URL: https://www.baixaki.com.br/portal/redir-partners.asp
Submission: On December 02 via manual from IN — Scanned from GB

Summary

This website contacted 46 IPs in 9 countries across 49 domains to perform 290 HTTP transactions. The main IP is 54.38.212.101, located in Enfield, United Kingdom and belongs to OVH, FR. The main domain is www.baixaki.com.br.
TLS certificate: Issued by GlobalSign ECC CloudSSL CA - SHA384 - G3 on October 13th 2021. Valid for: a year.
This is the only time www.baixaki.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
69 54.38.212.101 16276 (OVH)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
14 2606:4700::68... 13335 (CLOUDFLAR...)
2 14 13.225.87.89 16509 (AMAZON-02)
2 2a03:2880:f00... 32934 (FACEBOOK)
1 4 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
7 35.201.123.184 15169 (GOOGLE)
1 10 34.102.185.99 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 6 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
6 142.250.181.226 15169 (GOOGLE)
1 2a03:2880:f10... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
28 2a00:1450:400... 15169 (GOOGLE)
30 2a00:1450:400... 15169 (GOOGLE)
5 151.139.128.11 20446 (HIGHWINDS3)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
8 142.250.185.98 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2 142.250.185.70 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
3 52.204.18.146 14618 (AMAZON-AES)
12 23 142.250.186.98 15169 (GOOGLE)
9 15 2.18.234.21 16625 (AKAMAI-AS)
7 10 185.33.220.145 29990 (ASN-APPNEX)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 35.186.194.101 15169 (GOOGLE)
2 2 151.101.194.49 54113 (FASTLY)
1 135.125.160.160 16276 (OVH)
2 2 52.30.14.23 16509 (AMAZON-02)
1 104.111.215.191 16625 (AKAMAI-AS)
1 2a04:4e42::300 54113 (FASTLY)
1 52.212.131.178 16509 (AMAZON-02)
1 1 2.18.233.201 16625 (AKAMAI-AS)
1 212.82.100.182 34010 (YAHOO-IRD)
2 2 52.48.8.186 16509 (AMAZON-02)
2 2 3.33.220.150 16509 (AMAZON-02)
1 2 185.86.137.131 201081 (SMARTADSE...)
2 35.174.32.80 14618 (AMAZON-AES)
2 35.244.159.8 15169 (GOOGLE)
2 104.111.242.245 16625 (AKAMAI-AS)
1 1 35.186.193.173 15169 (GOOGLE)
1 1 35.190.0.66 15169 (GOOGLE)
2 2 72.251.244.140 29791 (VOXEL-DOT...)
2 2 37.157.4.29 198622 (ADFORM)
1 1 2600:9000:20e... 16509 (AMAZON-02)
2 2 213.19.147.44 3356 (LEVEL3)
2 2 35.157.177.200 16509 (AMAZON-02)
2 2 3.126.56.137 16509 (AMAZON-02)
290 46
Apex Domain
Subdomains
Transfer
65 googlesyndication.com
3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
316 KB
61 ibxk.com.br
obj.ibxk.com.br
img.ibxk.com.br
obj-mega.ibxk.com.br
mega.ibxk.com.br
534 KB
47 doubleclick.net
stats.g.doubleclick.net
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ad.doubleclick.net
cm.g.doubleclick.net
247 KB
17 tailtarget.com
d.tailtarget.com
d.t.tailtarget.com
tags.t.tailtarget.com
b.t.tailtarget.com
t.tailtarget.com
tt-10709-3.seg.t.tailtarget.com
63 KB
15 casalemedia.com
dsum-sec.casalemedia.com
13 KB
14 scorecardresearch.com
sb.scorecardresearch.com
9 KB
14 navdmp.com
tag.navdmp.com
usr.navdmp.com
cdn.navdmp.com
sync2.navdmp.com
sync.navdmp.com
12 KB
10 adnxs.com
ib.adnxs.com
secure.adnxs.com
9 KB
10 cazamba.com
api.cazamba.com
as.cazamba.com
cdn.cazamba.com
px.cazamba.com
44 KB
10 google.com
www.google.com
adservice.google.com
apis.google.com
73 KB
8 googletagservices.com
www.googletagservices.com
271 KB
7 google-analytics.com
www.google-analytics.com
93 KB
5 google.co.uk
www.google.co.uk
adservice.google.co.uk
2 KB
5 gstatic.com
fonts.gstatic.com
www.gstatic.com
98 KB
4 2mdn.net
s0.2mdn.net
277 KB
4 tecmundo.com.br
www.tecmundo.com.br
37 KB
4 googleapis.com
fonts.googleapis.com
ajax.googleapis.com
imasdk.googleapis.com
159 KB
3 yahoo.com
cms.analytics.yahoo.com
ups.analytics.yahoo.com
1 KB
2 advertising.com
pixel.advertising.com
934 B
2 adform.net
c1.adform.net
1 KB
2 m6r.eu
tracking.m6r.eu
1 KB
2 teads.tv
sync.teads.tv
344 B
2 openx.net
us-u.openx.net
420 B
2 smartadserver.com
sync.smartadserver.com
1 KB
2 adsrvr.org
match.adsrvr.org
904 B
2 demdex.net
dpm.demdex.net
2 KB
2 crwdcntrl.net
sync.crwdcntrl.net
1023 B
2 everesttech.net
sync-tm.everesttech.net
599 B
2 smartclip.net
ad.sxp.smartclip.net
676 B
2 googletagmanager.com
www.googletagmanager.com
71 KB
2 nznweb.com.br
lb.nznweb.com.br
2 facebook.net
connect.facebook.net
84 KB
1 unrulymedia.com
sync.targeting.unrulymedia.com
580 B
1 1rx.io
sync.1rx.io
695 B
1 smaato.net
s.ad.smaato.net
440 B
1 travelaudience.com
ads.travelaudience.com
521 B
1 ctnsnet.com
gcm.ctnsnet.com
511 B
1 mathtag.com
pixel.mathtag.com
610 B
1 krxd.net
beacon.krxd.net
338 B
1 taboola.com
trc.taboola.com
231 B
1 bluekai.com
tags.bluekai.com
304 B
1 dyntrk.com
gu.dyntrk.com
215 B
1 jsdelivr.net
cdn.jsdelivr.net
2 KB
1 cloudflare.com
cdnjs.cloudflare.com
31 KB
1 megacurioso.com.br
www.megacurioso.com.br
11 KB
1 facebook.com
www.facebook.com
1 baixaki.com.br
www.baixaki.com.br
17 KB
0 nspmotion.com Failed
s-akfs.nspmotion.com Failed
0 1-1ads.com Failed
www.1-1ads.com Failed
290 49
Domain Requested by
53 img.ibxk.com.br www.baixaki.com.br
30 pagead2.googlesyndication.com www.googletagservices.com
www.baixaki.com.br
3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com
tpc.googlesyndication.com
securepubads.g.doubleclick.net
28 tpc.googlesyndication.com 3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com
www.baixaki.com.br
tpc.googlesyndication.com
securepubads.g.doubleclick.net
23 cm.g.doubleclick.net 12 redirects googleads.g.doubleclick.net
3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com
www.baixaki.com.br
15 dsum-sec.casalemedia.com 9 redirects googleads.g.doubleclick.net
14 sb.scorecardresearch.com 2 redirects www.baixaki.com.br
www.tecmundo.com.br
www.megacurioso.com.br
9 ib.adnxs.com 6 redirects googleads.g.doubleclick.net
8 googleads4.g.doubleclick.net www.baixaki.com.br
8 www.googletagservices.com www.baixaki.com.br
3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com
cdn.cazamba.com
7 www.google-analytics.com api.cazamba.com
www.google-analytics.com
www.googletagmanager.com
7 3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com securepubads.g.doubleclick.net
6 sync.navdmp.com as.cazamba.com
6 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
www.baixaki.com.br
6 www.google.com 1 redirects 3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com
www.baixaki.com.br
www.megacurioso.com.br
tpc.googlesyndication.com
6 d.tailtarget.com www.baixaki.com.br
d.tailtarget.com
as.cazamba.com
4 b.t.tailtarget.com 1 redirects d.tailtarget.com
www.baixaki.com.br
4 s0.2mdn.net 3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com
4 googleads.g.doubleclick.net 3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com
4 www.tecmundo.com.br www.baixaki.com.br
www.tecmundo.com.br
4 stats.g.doubleclick.net 1 redirects www.baixaki.com.br
www.google-analytics.com
3 cdn.cazamba.com api.cazamba.com
3 mega.ibxk.com.br www.megacurioso.com.br
3 as.cazamba.com api.cazamba.com
as.cazamba.com
3 www.google.co.uk www.baixaki.com.br
www.megacurioso.com.br
3 fonts.gstatic.com fonts.googleapis.com
3 tag.navdmp.com www.baixaki.com.br
as.cazamba.com
tag.navdmp.com
3 obj.ibxk.com.br www.baixaki.com.br
2 tt-10709-3.seg.t.tailtarget.com d.tailtarget.com
2 t.tailtarget.com www.baixaki.com.br
2 ups.analytics.yahoo.com 2 redirects
2 pixel.advertising.com 2 redirects
2 c1.adform.net 2 redirects
2 tracking.m6r.eu 2 redirects
2 sync.teads.tv googleads.g.doubleclick.net
2 us-u.openx.net googleads.g.doubleclick.net
2 px.cazamba.com www.baixaki.com.br
2 sync.smartadserver.com 1 redirects as.cazamba.com
2 match.adsrvr.org 2 redirects
2 dpm.demdex.net 2 redirects
2 sync.crwdcntrl.net 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 ad.sxp.smartclip.net 1 redirects as.cazamba.com
2 obj-mega.ibxk.com.br www.megacurioso.com.br
2 www.googletagmanager.com www.tecmundo.com.br
www.megacurioso.com.br
2 ad.doubleclick.net 1 redirects 3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com
2 apis.google.com www.baixaki.com.br
apis.google.com
2 lb.nznweb.com.br www.baixaki.com.br
www.tecmundo.com.br
2 api.cazamba.com www.baixaki.com.br
api.cazamba.com
2 www.gstatic.com 3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com
2 adservice.google.com securepubads.g.doubleclick.net
2 adservice.google.co.uk securepubads.g.doubleclick.net
2 cdn.navdmp.com tag.navdmp.com
2 d.t.tailtarget.com d.tailtarget.com
2 usr.navdmp.com tag.navdmp.com
2 connect.facebook.net obj.ibxk.com.br
connect.facebook.net
2 fonts.googleapis.com www.baixaki.com.br
www.megacurioso.com.br
1 sync.targeting.unrulymedia.com 1 redirects
1 sync.1rx.io 1 redirects
1 s.ad.smaato.net 1 redirects
1 ads.travelaudience.com 1 redirects
1 gcm.ctnsnet.com 1 redirects
1 secure.adnxs.com 1 redirects
1 cms.analytics.yahoo.com as.cazamba.com
1 pixel.mathtag.com 1 redirects
1 beacon.krxd.net tag.navdmp.com
1 trc.taboola.com tag.navdmp.com
1 tags.bluekai.com tag.navdmp.com
1 gu.dyntrk.com tag.navdmp.com
1 sync2.navdmp.com as.cazamba.com
1 cdn.jsdelivr.net www.tecmundo.com.br
1 imasdk.googleapis.com api.cazamba.com
1 cdnjs.cloudflare.com api.cazamba.com
1 tags.t.tailtarget.com www.baixaki.com.br
1 www.megacurioso.com.br www.baixaki.com.br
1 www.facebook.com connect.facebook.net
1 ajax.googleapis.com www.baixaki.com.br
1 www.baixaki.com.br
0 s-akfs.nspmotion.com Failed www.baixaki.com.br
0 www.1-1ads.com Failed www.baixaki.com.br
290 79
Subject Issuer Validity Valid
azion.com
GlobalSign ECC CloudSSL CA - SHA384 - G3
2021-10-13 -
2022-11-14
a year crt.sh
upload.video.google.com
GTS CA 1C3
2021-11-01 -
2022-01-24
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-07-05 -
2022-07-04
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2021-09-10 -
2021-12-09
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-11-01 -
2022-01-24
3 months crt.sh
*.tailtarget.com
Sectigo RSA Domain Validation Secure Server CA
2021-05-26 -
2022-06-25
a year crt.sh
*.gstatic.com
GTS CA 1C3
2021-11-01 -
2022-01-24
3 months crt.sh
*.google.co.uk
GTS CA 1C3
2021-11-01 -
2022-01-24
3 months crt.sh
*.google.com
GTS CA 1C3
2021-11-01 -
2022-01-24
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2021-11-01 -
2022-01-24
3 months crt.sh
*.cazamba.com
Sectigo RSA Domain Validation Secure Server CA
2020-06-09 -
2022-09-11
2 years crt.sh
*.apis.google.com
GTS CA 1C3
2021-11-01 -
2022-01-24
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2021-11-01 -
2022-01-24
3 months crt.sh
*.scorecardresearch.com
Amazon
2021-02-28 -
2022-03-29
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2021-11-01 -
2022-01-24
3 months crt.sh
*.dyntrk.com
R3
2021-10-23 -
2022-01-21
3 months crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA
2021-11-24 -
2022-04-26
5 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1
2021-11-28 -
2022-12-29
a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1
2021-11-03 -
2022-11-02
a year crt.sh
real.sp.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA
2021-10-19 -
2022-04-13
6 months crt.sh
*.openx.net
GeoTrust RSA CA 2018
2021-07-08 -
2022-08-08
a year crt.sh
teads.tv
R3
2021-11-03 -
2022-02-01
3 months crt.sh

This page contains 22 frames:

Primary Page: https://www.baixaki.com.br/portal/redir-partners.asp
Frame ID: 5C46D225440BC254015C51844559E6AD
Requests: 119 HTTP requests in this frame

Frame: https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3652C58EDACA30DA95E0967F803182B7
Requests: 1 HTTP requests in this frame

Frame: https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D6B9F64AB3159AB6DFEDEC61DC72968E
Requests: 13 HTTP requests in this frame

Frame: https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F6701C36ADE7A3C7EFF09309AC0C8A05
Requests: 13 HTTP requests in this frame

Frame: https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F26DE92959CF54F99422160B7D6D32D4
Requests: 14 HTTP requests in this frame

Frame: https://www.tecmundo.com.br/home/fullhighlights?tec
Frame ID: 5AB802FE94324EA995AB6EFF2E485A8C
Requests: 16 HTTP requests in this frame

Frame: https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DEAD19FD3CE7A9A5BCF0B96C145C1277
Requests: 12 HTTP requests in this frame

Frame: https://www.megacurioso.com.br/home/fullhighlights?utm_source=www.baixaki.com.br&utm_medium=referral&utm_campaign=iframe
Frame ID: 4EB75DF7D979EF9F47D8C2DA80405AD3
Requests: 18 HTTP requests in this frame

Frame: https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 48F2F2D9C9A1772A5AC34E2563FC0345
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLeBwNgCEPrqitsCGM7x37wBMAE&v=APEucNXfiZpXQrNBTbHFf3JClmKiP12bg47EVzaDE7uGu4v9A6emO9Ov0LG0h2ONRVveXmjpcgY5fsjjaqHOEUGJq8_lLcQDNIEcBdQvgI-0hd6tg4cux_e3JoxPRfrqyIwqnWQX_YnfsRZnDJL01g9kDx1sA7l1tF7-plN67n298kdWA4RdxSE
Frame ID: 9F2E231416CC4A744C18277178C6D22D
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLeBwNgCEPrqitsCGKPs37wBMAE&v=APEucNWGpWkm9YlInT3QmuEROBlESBQOdWlc6S4nw-SRKVq_FX73WuvM-7HMEEJXW3KGdf3x5PxW6CDQdpFV8zvCXbhgDD6v8XRCwOVJSsL0kTSJ1Du6Lr1rZ8abVU5ZkLBeNMnVHMXQ1wxv-ydPU8mTJLAQ7NguucCKRUgk3KrtMR4X9ZhtQbU
Frame ID: AEC18F118FAC9E862865ED7496DF4C9B
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLeBwNgCEPrqitsCGNPn37wBMAE&v=APEucNVRsh32zj2KuFeC9Se98PcXHhEx-SwkX7cTy6euXntuooYtBKIpGr3PX6DCrDxBdEgAejFf1puKdLedzoYypaENv2euGqHhnsjQS50MrWQk1tXQk9srZoTlTK7L6kLy8furxYXUtI1TPcDPLEOJOpAXPNCsS2lZp2eVdoxfxNhoX3nF6oE
Frame ID: 8D1AF6C1145D086DE406A67F075A7EAA
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E8A4CA718251123E70FF9E34A2A637D6
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 654570181730DE59EB9CA600DF55CCB4
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1C4E89EF99B7205032C972945212826C
Requests: 3 HTTP requests in this frame

Frame: https://as.cazamba.com/cs?publisher_id=930&g=1638426612
Frame ID: 457622A46F8D8EAC317CCC350A073C57
Requests: 22 HTTP requests in this frame

Frame: https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 44E9CE094BF6DAB9EC619F3D73454872
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLeBwNgCEPrqitsCGKve37wBMAE&v=APEucNUymJvmTAb6lyWwi7ypX5Qqcdxc_HZg5DVorEm8UT5uHHlN3jOIAMyERLUUkQMJdC2612L3mjVtKkxnL8jqhT4f5KWAt23ILBBN3x76VJ6mzPxBWPccC_3f-be-zrVQzcokI8CaCHoD-KkKLcmoLzmR-x5MmZWmESv7unsuFiMjUfuapl0
Frame ID: 0A7A04E846AA7EC0EA2118F90B52C81F
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 609FB092D333F161831B41A6C429459D
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 119B94D9C5A93D36265DC16AF3BF17E2
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 1BAFBB4FF426AA24F5EBDCA7F1776DDF
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A0179A39CBE70857B094631097DCCF03
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Baixaki Portal Parceiros - Notícias, Tecnologia, Esportes, Entretenimento e Downloads

Page Statistics

290
Requests

87 %
HTTPS

43 %
IPv6

49
Domains

79
Subdomains

46
IPs

9
Countries

2457 kB
Transfer

5513 kB
Size

87
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 59
  • https://sb.scorecardresearch.com/c2/8756095/ct.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/default/ct.js
Request Chain 66
  • https://sb.scorecardresearch.com/b?c1=2&c2=8756095&ns__t=1638426601094&ns_c=windows-1252&c8=Baixaki%20Portal%20Parceiros%20-%20Not%C3%ADcias%2C%20Tecnologia%2C%20Esportes%2C%20Entretenimento%20e%20Downloads&c7=https%3A%2F%2Fwww.baixaki.com.br%2Fportal%2Fredir-partners.asp&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=8756095&ns__t=1638426601094&ns_c=windows-1252&c8=Baixaki%20Portal%20Parceiros%20-%20Not%C3%ADcias%2C%20Tecnologia%2C%20Esportes%2C%20Entretenimento%20e%20Downloads&c7=https%3A%2F%2Fwww.baixaki.com.br%2Fportal%2Fredir-partners.asp&c9=
Request Chain 68
  • https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=1524368451&utmhn=www.baixaki.com.br&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Baixaki%20Portal%20Parceiros%20-%20Not%C3%ADcias%2C%20Tecnologia%2C%20Esportes%2C%20Entretenimento%20e%20Downloads&utmhid=260466668&utmr=-&utmp=%2Fportal%2Fredir-partners.asp&utmht=1638426601227&utmac=UA-144680-1&utmcc=__utma%3D248450708.1413534137.1638426601.1638426601.1638426601.1%3B%2B__utmz%3D248450708.1638426601.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1956886594&utmredir=3&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144680-1&cid=1413534137.1638426601&jid=1956886594&_v=5.7.2dc&z=1524368451 HTTP 302
  • https://www.google.co.uk/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144680-1&cid=1413534137.1638426601&jid=1956886594&_v=5.7.2dc&z=1524368451&slf_rd=1&random=4114050943
Request Chain 126
  • https://ad.doubleclick.net/ddm/trackimp/N1649385.134426GOOGLEDISPLAYNETW/B26865647.321968141;dc_trk_aid=514458921;dc_trk_cid=162410650;ord=3625257914;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N1649385.134426GOOGLEDISPLAYNETW/B26865647.321968141;dc_pre=CKXGt-G-xPQCFU6JdwodlPAEjA;dc_trk_aid=514458921;dc_trk_cid=162410650;ord=3625257914;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
Request Chain 162
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELrrggST_x-_kkqJgugd3IQ&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELrrggST_x-_kkqJgugd3IQ&google_cver=1&C=1
Request Chain 163
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yahn8-QWkL26XYLYLHJ0CgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELrrggST_x-_kkqJgugd3IQ&google_cver=1
Request Chain 164
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJzRv9ne7pRT3XIcYLsIAv4&google_cver=1
Request Chain 165
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDE3MjA1Mzg3OTYwOTA2ODE%3D
Request Chain 166
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELrrggST_x-_kkqJgugd3IQ&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELrrggST_x-_kkqJgugd3IQ&google_cver=1&C=1
Request Chain 167
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yahn8-QWkL26XYLYLHJ0CgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELrrggST_x-_kkqJgugd3IQ&google_cver=1
Request Chain 168
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJzRv9ne7pRT3XIcYLsIAv4&google_cver=1
Request Chain 169
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDE3MjA1Mzg3OTYwOTA2ODE%3D
Request Chain 170
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELrrggST_x-_kkqJgugd3IQ&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELrrggST_x-_kkqJgugd3IQ&google_cver=1&C=1
Request Chain 171
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yahn8-QWkL26XYLYLHJ0CgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELrrggST_x-_kkqJgugd3IQ&google_cver=1
Request Chain 172
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJzRv9ne7pRT3XIcYLsIAv4&google_cver=1
Request Chain 173
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDE3MjA1Mzg3OTYwOTA2ODE%3D
Request Chain 225
  • https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=67865994926 HTTP 302
  • https://sync2.navdmp.com/sync?prtid=2&id=67865994926&google_gid=CAESEKGBw8_eRgfhfRz8agj4qcY&google_cver=1
Request Chain 226
  • https://ad.sxp.smartclip.net/sync?type=red&dsp=75 HTTP 302
  • https://ad.sxp.smartclip.net/sync?type=red&dsp=75&ang_testid=1
Request Chain 227
  • https://sync-tm.everesttech.net/upi/pid/DuqQKWX7/?redir=https%3A//sync.navdmp.com/sync%3Fprtid%3D17%26tubid%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/DuqQKWX7/?redir=https%3A//sync.navdmp.com/sync%3Fprtid%3D17%26tubid%3D%24%7BTM_USER_ID%7D&_test=Yahn9QAI2wUOCgBR HTTP 302
  • https://sync.navdmp.com/sync?prtid=17&tubid=Yahn9QAI2wUOCgBR&_test=Yahn9QAI2wUOCgBR
Request Chain 229
  • https://sync.crwdcntrl.net/map/c=15478/tp=NVEG/tpid=67865994926?https%3A//sync.navdmp.com/sync%3Fprtid%3D38%26lotid%3D%24%7Bprofile_id%7D HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=15478/tp=NVEG/tpid=67865994926?https%3A//sync.navdmp.com/sync%3Fprtid%3D38%26lotid%3D%24%7Bprofile_id%7D HTTP 302
  • https://sync.navdmp.com/sync?prtid=38&lotid=1c7a7fce645edf31458fce4c3dd18f2
Request Chain 233
  • https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D HTTP 302
  • https://sync.navdmp.com/sync?img=1&mdia=ed5c61a8-67f5-4c00-88cf-73b16bff9674
Request Chain 235
  • https://dpm.demdex.net/ibs:dpid=822&dpuuid=67865994926&redir=https%3A//sync.navdmp.com/sync%3Fid%3D67865994926%26adID%3D%24%7BDD_UUID%7D%26img%3D1 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=822&dpuuid=67865994926&redir=https%3A//sync.navdmp.com/sync%3Fid%3D67865994926%26adID%3D%24%7BDD_UUID%7D%26img%3D1 HTTP 302
  • https://sync.navdmp.com/sync?id=67865994926&adID=64294456141303181482293558259345769997&img=1
Request Chain 236
  • https://secure.adnxs.com/getuid?https://sync.navdmp.com/sync?appNx=$UID&img=1 HTTP 302
  • https://sync.navdmp.com/sync?appNx=41720538796090681&img=1
Request Chain 237
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=u7695wg&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=u7695wg&ttd_tpi=1 HTTP 302
  • https://sync.navdmp.com/sync?img=1&prtid=31&ttdid=2baa896d-bf17-44e0-8499-0a55e3f327c8
Request Chain 238
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fsync.navdmp.com%2Fsync%3Fprtid%3D36%26uid%3D%5Bsas_uid%5D HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https://sync.navdmp.com/sync?prtid=36&uid=[sas_uid]&cklb=1
Request Chain 264
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEE6cY9GDH_DfJL7wmPnhVY&google_cver=1
Request Chain 266
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEFlDn-6hEORLGw3RHFK5xgs&google_cver=1
Request Chain 269
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEGc-gKqnSABIBNh13Tp9qwI&google_cver=1&google_push=AYg5qPKEk9o7pWN-grS2C0wOxIxylV1YazaC6knemJgXZvVSgxLi2exerCtfn1i6qY_GiYKGLmqQ4kyXGsfQs8Ypp_pHfpibyLE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPKEk9o7pWN-grS2C0wOxIxylV1YazaC6knemJgXZvVSgxLi2exerCtfn1i6qY_GiYKGLmqQ4kyXGsfQs8Ypp_pHfpibyLE&google_hm=1xTLBAUkRX-Q8jdGRirsGKU
Request Chain 270
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEEWRRs3xkCME24fruLQd-MY&google_cver=1&google_push=AYg5qPIx-Z3uWgWLMyHM1die21j7Q60XLjf_EABV0RPHAVZmcmL1_cKILNyzvFL7rMjRDMR2hgOvUL3jq7BCYryB90Civ25rIA HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=pkKjbdZ_SQq_aCY0JZbYSg2&google_push=AYg5qPIx-Z3uWgWLMyHM1die21j7Q60XLjf_EABV0RPHAVZmcmL1_cKILNyzvFL7rMjRDMR2hgOvUL3jq7BCYryB90Civ25rIA
Request Chain 271
  • https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEDST0xzC9hUyHBEgFjJrjOM&google_cver=1&google_push=AYg5qPJSHwOY7kgdlAMtbTJb10BOGm2GRBxcZx1_sgSUgoMnyKs4Hs1j8sN95l8KfE_f8rWZc6dscjy-J9Llleb89wVmYhxb9f0 HTTP 302
  • https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEDST0xzC9hUyHBEgFjJrjOM&google_cver=1&google_push=AYg5qPJSHwOY7kgdlAMtbTJb10BOGm2GRBxcZx1_sgSUgoMnyKs4Hs1j8sN95l8KfE_f8rWZc6dscjy-J9Llleb89wVmYhxb9f0&checkcookies=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=gSLkYyy8F0sDreyhND7noA&google_push=AYg5qPJSHwOY7kgdlAMtbTJb10BOGm2GRBxcZx1_sgSUgoMnyKs4Hs1j8sN95l8KfE_f8rWZc6dscjy-J9Llleb89wVmYhxb9f0
Request Chain 272
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEA3Kw_TWn5JPgpIcvzfcHDk&google_cver=1&google_push=AYg5qPL-RWhFt5Hze48Wqt8ZgQr8UdDC21jqGRH_H_KuyoQsZtL9r--uhCSJGc1HPbRNqOQ4KlOA79A-WbWLjwssCj_z15asKtI HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEA3Kw_TWn5JPgpIcvzfcHDk&google_cver=1&google_push=AYg5qPL-RWhFt5Hze48Wqt8ZgQr8UdDC21jqGRH_H_KuyoQsZtL9r--uhCSJGc1HPbRNqOQ4KlOA79A-WbWLjwssCj_z15asKtI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODA5NTQwOTIzODYyMzY1MDMzNg&google_push=AYg5qPL-RWhFt5Hze48Wqt8ZgQr8UdDC21jqGRH_H_KuyoQsZtL9r--uhCSJGc1HPbRNqOQ4KlOA79A-WbWLjwssCj_z15asKtI
Request Chain 273
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESENR8N7MvkdlrG6Fyak2XrQA&google_cver=1&google_push=AYg5qPJdNa91iZBgNHQSvgSPiwjfeCDOTHK1u65QH0JTxMWdvlPp0AEU7H-XN_CbPjJUrgEw9AHo89-9h0AGHbevIiNk-N5Tvrw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPJdNa91iZBgNHQSvgSPiwjfeCDOTHK1u65QH0JTxMWdvlPp0AEU7H-XN_CbPjJUrgEw9AHo89-9h0AGHbevIiNk-N5Tvrw
Request Chain 274
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEJQJhjlRWKgEsm-LLfNzaCY&google_cver=1&google_push=AYg5qPLVgi4YHJxqOaD1ACPL0bplTnmfHnlMOea5Q0HzP8HEmAcwrEGopqTAOlhJhuOoSbygRVodgRIh5WcyVAO2XRgws0uJmQ HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-4945d19f-2870-475d-aaa2-6e9eb5624349-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPLVgi4YHJxqOaD1ACPL0bplTnmfHnlMOea5Q0HzP8HEmAcwrEGopqTAOlhJhuOoSbygRVodgRIh5WcyVAO2XRgws0uJmQ%26google_hm%3DA0lF0Z8ocEddqqJunrViQ0k HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPLVgi4YHJxqOaD1ACPL0bplTnmfHnlMOea5Q0HzP8HEmAcwrEGopqTAOlhJhuOoSbygRVodgRIh5WcyVAO2XRgws0uJmQ&google_hm=A0lF0Z8ocEddqqJunrViQ0k
Request Chain 275
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEJ4X5MpLeO1oVnqaS2XDzGs&google_cver=1&google_push=AYg5qPLPMW511wFuOC3mMfbfILobml3qKp4V3j88Qkto8NE4_fNRRdCoTDzyrUjvTV_6YqXeg_2F1aFkuQnT7Xcsx7qRFDaDAhCV HTTP 302
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEJ4X5MpLeO1oVnqaS2XDzGs&google_cver=1&google_push=AYg5qPLPMW511wFuOC3mMfbfILobml3qKp4V3j88Qkto8NE4_fNRRdCoTDzyrUjvTV_6YqXeg_2F1aFkuQnT7Xcsx7qRFDaDAhCV&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEJ4X5MpLeO1oVnqaS2XDzGs&google_cver=1&google_push=AYg5qPLPMW511wFuOC3mMfbfILobml3qKp4V3j88Qkto8NE4_fNRRdCoTDzyrUjvTV_6YqXeg_2F1aFkuQnT7Xcsx7qRFDaDAhCV&apid=UP4e52c0c0-5339-11ec-b1c7-06ce8e1ce602 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEJ4X5MpLeO1oVnqaS2XDzGs&google_cver=1&google_push=AYg5qPLPMW511wFuOC3mMfbfILobml3qKp4V3j88Qkto8NE4_fNRRdCoTDzyrUjvTV_6YqXeg_2F1aFkuQnT7Xcsx7qRFDaDAhCV&apid=UP4e52c0c0-5339-11ec-b1c7-06ce8e1ce602&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA0ZTUyYzBjMC01MzM5LTExZWMtYjFjNy0wNmNlOGUxY2U2MDI%3D&google_push=AYg5qPLPMW511wFuOC3mMfbfILobml3qKp4V3j88Qkto8NE4_fNRRdCoTDzyrUjvTV_6YqXeg_2F1aFkuQnT7Xcsx7qRFDaDAhCV
Request Chain 277
  • https://b.t.tailtarget.com/b?tA=TT-10709-3/CT-239&tY=1&tS=2&tX=b.52&tZ=876998274 HTTP 302
  • https://b.t.tailtarget.com/b?tA=TT-10709-3/CT-239&tY=1&tS=2&tX=b.52&tZ=876998274&check=1

290 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request redir-partners.asp
www.baixaki.com.br/portal/
53 KB
17 KB
Document
General
Full URL
https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 Enfield, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
Microsoft-IIS/10.0 /
Resource Hash
4beec82f69210e380245449530c41952d2850fd2ecf580c6d2e27f6808cd075a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9

Response headers

date
Thu, 02 Dec 2021 06:30:00 GMT
content-type
text/html
content-length
17437
cache-control
max-age=150
content-encoding
gzip
expires
Thu, 02 Dec 2021 06:32:30 GMT
vary
Accept-Encoding
server
Microsoft-IIS/10.0
version
2.8.6
css
fonts.googleapis.com/
5 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4b31f597e9852f3e8ef045d9f6032a8ecfe9d8e5c6cde3196c6964e193fe6615
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 02 Dec 2021 06:08:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 02 Dec 2021 06:30:01 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 02 Dec 2021 06:30:01 GMT
v12-20170329.min.css
obj.ibxk.com.br/baixaki/assets/css/
59 KB
12 KB
Stylesheet
General
Full URL
https://obj.ibxk.com.br/baixaki/assets/css/v12-20170329.min.css
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 Enfield, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
Microsoft-IIS/10.0 /
Resource Hash
8cd91d9c5afef21866a068d35fde9a75ba42ae5d6d5541c0c262be5efbb33fc7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:01 GMT
content-encoding
gzip
last-modified
Thu, 30 Mar 2017 13:34:25 GMT
server
Microsoft-IIS/10.0
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=30
accept-ranges
bytes
content-length
12299
expires
Thu, 02 Dec 2021 06:30:31 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.9.1/
90 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 01:46:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16986
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33018
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 02 Dec 2022 01:46:55 GMT
geral-201309170947.js
obj.ibxk.com.br/inc/v12/
43 KB
14 KB
Script
General
Full URL
https://obj.ibxk.com.br/inc/v12/geral-201309170947.js
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 Enfield, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
Microsoft-IIS/10.0 /
Resource Hash
df4efe040b8552b11119294166c0040fcec4a11d6a4a4ce0fe206dcf84131df3

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:01 GMT
content-encoding
gzip
last-modified
Tue, 29 Sep 2015 19:21:03 GMT
server
Microsoft-IIS/10.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=30
accept-ranges
bytes
content-length
14048
expires
Thu, 02 Dec 2021 06:30:31 GMT
tm13767.js
tag.navdmp.com/
14 KB
5 KB
Script
General
Full URL
https://tag.navdmp.com/tm13767.js
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
536b3ce1074d9b9899aac640bff3eb2d71b98261b19a5f341f3d783320548189

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:01 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Tue, 07 Sep 2021 18:45:03 GMT
server
cloudflare
etag
W/"6137b32f-3730"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
*
cache-control
max-age=3600
cf-ray
6b728110af413763-MXP
content-type
application/javascript
expires
Thu, 02 Dec 2021 07:30:01 GMT
bxk-logo.png
img.ibxk.com.br/bxk_v12/
3 KB
3 KB
Image
General
Full URL
https://img.ibxk.com.br/bxk_v12/bxk-logo.png
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 Enfield, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.6.0 /
Resource Hash
aec0d8e579e180d1710f8dc447dfcdbf8c1d805dd907e2e65d9e6b755d6e5d57

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:02 GMT
via
1.1 ID-0000627502077102 uproxy-2
last-modified
Sat, 19 Jan 2013 00:00:00 GMT
server
nginx/1.6.0
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
2574
expires
Thu, 09 Dec 2021 06:30:02 GMT
show_ads_supp.js
www.1-1ads.com/js/
0
0

12170509397280.jpg
img.ibxk.com.br/2019/02/12/
5 KB
6 KB
Image
General
Full URL
https://img.ibxk.com.br/2019/02/12/12170509397280.jpg?mode=pad&w=222&h=111
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 Enfield, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.6.0 /
Resource Hash
1650d0ab9a081006da083651929024306d1fdbe1a512ca7073f18da963ad5079

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:02 GMT
via
1.1 ID-0000627502077102 uproxy-3
last-modified
Sat, 19 Jan 2013 00:00:00 GMT
server
nginx/1.6.0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
5618
expires
Thu, 09 Dec 2021 06:30:02 GMT
15181524667152.jpg
img.ibxk.com.br/2019/02/15/
4 KB
4 KB
Image
General
Full URL
https://img.ibxk.com.br/2019/02/15/15181524667152.jpg?mode=pad&w=222&h=111
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 Enfield, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.6.0 /
Resource Hash
b27941209a28b4f55b3f7431123f84c9113288847e77ab8c9a9d8fa2b422f981

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:02 GMT
last-modified
Sat, 19 Jan 2013 00:00:00 GMT
server
nginx/1.6.0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
4321
expires
Thu, 09 Dec 2021 06:30:02 GMT
26090436451.jpg
img.ibxk.com.br/2013/10/26/
7 KB
7 KB
Image
General
Full URL
https://img.ibxk.com.br/2013/10/26/26090436451.jpg?mode=pad&w=222&h=111
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 Enfield, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.6.0 /
Resource Hash
abff56d89d593fb7fa09080bbb38f828b9c208452b765cac9438f30aa8b129e6

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:02 GMT
via
1.1 ID-0000627502077102 uproxy-2
last-modified
Sat, 19 Jan 2013 00:00:00 GMT
server
nginx/1.6.0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
7255
expires
Thu, 09 Dec 2021 06:30:02 GMT
11153634261364.jpg
img.ibxk.com.br/2016/02/11/
4 KB
4 KB
Image
General
Full URL
https://img.ibxk.com.br/2016/02/11/11153634261364.jpg?mode=pad&w=222&h=111
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 Enfield, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.6.0 /
Resource Hash
ab43dbc7a1d80485305ed198a495eb3f58a10a062fa7b69e45219134d8647a25

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:02 GMT
last-modified
Sat, 19 Jan 2013 00:00:00 GMT
server
nginx/1.6.0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
4213
expires
Thu, 09 Dec 2021 06:30:02 GMT
15181551605154.jpg
img.ibxk.com.br/2019/02/15/
6 KB
6 KB
Image
General
Full URL
https://img.ibxk.com.br/2019/02/15/15181551605154.jpg?mode=pad&w=222&h=111
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 Enfield, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.6.0 /
Resource Hash
536d41f307d9c484b1175148888bd2e9ac4f9a2ebfa21583c54a96124c62839f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:02 GMT
last-modified
Sat, 19 Jan 2013 00:00:00 GMT
server
nginx/1.6.0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
6005
expires
Thu, 09 Dec 2021 06:30:02 GMT
09092010798021.jpg
img.ibxk.com.br/2014/10/09/
4 KB
5 KB
Image
General
Full URL
https://img.ibxk.com.br/2014/10/09/09092010798021.jpg?mode=pad&w=222&h=111
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 Enfield, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.6.0 /
Resource Hash
d34aee319aa9a8859594b3220002be7411cd05f84cf87d297aa508672294ef41

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:02 GMT
last-modified
Sat, 19 Jan 2013 00:00:00 GMT
server
nginx/1.6.0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
4501
expires
Thu, 09 Dec 2021 06:30:02 GMT
01154413309403-t222x111.jpg
img.ibxk.com.br/2021/12/01/
5 KB
6 KB
Image
General
Full URL
https://img.ibxk.com.br/2021/12/01/01154413309403-t222x111.jpg
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 Enfield, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.6.0 /
Resource Hash
0338bcda8d24666ed68871a22dbeedf2bb3a8201a195faff774ed669f6975e4e

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:02 GMT
last-modified
Sat, 19 Jan 2013 00:00:00 GMT
server
nginx/1.6.0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
5496
expires
Thu, 09 Dec 2021 06:30:02 GMT
23225537204013-t222x111.jpg
img.ibxk.com.br/2021/11/23/
10 KB
10 KB
Image
General
Full URL
https://img.ibxk.com.br/2021/11/23/23225537204013-t222x111.jpg
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 Enfield, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.6.0 /
Resource Hash
0bf00714a8463592935defc613c39ef77a64350d5e6bb6f8d6a7bb53bc5697eb

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:02 GMT
last-modified
Sat, 19 Jan 2013 00:00:00 GMT
server
nginx/1.6.0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
10188
expires
Thu, 09 Dec 2021 06:30:02 GMT
30112313964132-t222x111.jpg
img.ibxk.com.br/2021/11/30/
7 KB
7 KB
Image
General
Full URL
https://img.ibxk.com.br/2021/11/30/30112313964132-t222x111.jpg
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 Enfield, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.6.0 /
Resource Hash
43d32f3b4bfee460b7026dad4375b306d976b4fd46442e50f7bb51850744e35b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:02 GMT
last-modified
Sat, 19 Jan 2013 00:00:00 GMT
server
nginx/1.6.0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
6987
expires
Thu, 09 Dec 2021 06:30:02 GMT
30134214378252-t222x111.jpg
img.ibxk.com.br/2021/11/30/
11 KB
11 KB
Image
General
Full URL
https://img.ibxk.com.br/2021/11/30/30134214378252-t222x111.jpg
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 Enfield, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.6.0 /
Resource Hash
53a362213e2657bf6e5e14b4d814c14dec21bfe8cbf6201ed2c81398d3bce69e

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:02 GMT
last-modified
Sat, 19 Jan 2013 00:00:00 GMT
server
nginx/1.6.0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
10787
expires
Thu, 09 Dec 2021 06:30:02 GMT
01125816740261-t222x111.jpg
img.ibxk.com.br/2021/12/01/
8 KB
8 KB
Image
General
Full URL
https://img.ibxk.com.br/2021/12/01/01125816740261-t222x111.jpg
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 Enfield, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.6.0 /
Resource Hash
7639a6e5375c0c171f364069aa3fede719a6ba97985be15f0b41335cd0d41cf3

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:02 GMT
last-modified
Sat, 19 Jan 2013 00:00:00 GMT
server
nginx/1.6.0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
7722
expires
Thu, 09 Dec 2021 06:30:02 GMT
01103728680149-t222x111.jpg
img.ibxk.com.br/2021/12/01/
7 KB
8 KB
Image
General
Full URL
https://img.ibxk.com.br/2021/12/01/01103728680149-t222x111.jpg
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 Enfield, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.6.0 /
Resource Hash
fa2bdf49efe7abee71e39cb2dc412d55a019a5ff7ccb7e7af03c6ddb8751596d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:02 GMT
last-modified
Sat, 19 Jan 2013 00:00:00 GMT
server
nginx/1.6.0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
7597
expires
Thu, 09 Dec 2021 06:30:02 GMT
01001549244616-t250-t222x111.jpg
img.ibxk.com.br/2021/12/01/
0
0
Image
General
Full URL
https://img.ibxk.com.br/2021/12/01/01001549244616-t250-t222x111.jpg
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 Enfield, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

01131205334267-t250-t222x111.jpg
img.ibxk.com.br/2021/12/01/
0
0
Image
General
Full URL
https://img.ibxk.com.br/2021/12/01/01131205334267-t250-t222x111.jpg
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 Enfield, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

01150727246384-t250-t222x111.jpg
img.ibxk.com.br/2021/12/01/
0
0
Image
General
Full URL
https://img.ibxk.com.br/2021/12/01/01150727246384-t250-t222x111.jpg
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 Enfield, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

01125330614257-t250-t222x111.jpg
img.ibxk.com.br/2021/12/01/
0
0
Image
General
Full URL
https://img.ibxk.com.br/2021/12/01/01125330614257-t250-t222x111.jpg
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 Enfield, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

01140740330312-t250-t222x111.jpg
img.ibxk.com.br/2021/12/01/
0
0
Image
General
Full URL
https://img.ibxk.com.br/2021/12/01/01140740330312-t250-t222x111.jpg
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 Enfield, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

17211950035000-t250-t222x111.jpg
img.ibxk.com.br/2021/11/17/
0
0
Image
General
Full URL
https://img.ibxk.com.br/2021/11/17/17211950035000-t250-t222x111.jpg
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 Enfield, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

31190031411383-t222x111.jpg
img.ibxk.com.br/2019/01/31/
3 KB
3 KB
Image
General
Full URL
https://img.ibxk.com.br/2019/01/31/31190031411383-t222x111.jpg
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 Enfield, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.6.0 /
Resource Hash
358ca7e88162a85a1604f6a8897ba426a3e400a7bfd97a7a6b2be7e90f203e87

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:02 GMT
last-modified
Sat, 19 Jan 2013 00:00:00 GMT
server
nginx/1.6.0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
2721
expires
Thu, 09 Dec 2021 06:30:02 GMT
30163909394363-t222x111.jpg
img.ibxk.com.br/2019/01/30/
4 KB
4 KB
Image
General
Full URL
https://img.ibxk.com.br/2019/01/30/30163909394363-t222x111.jpg
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 Enfield, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.6.0 /
Resource Hash
c88d557c8678b7ce1628080e3723b42016eda8420507e9d5b8b82207e354fb72

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:02 GMT
last-modified
Sat, 19 Jan 2013 00:00:00 GMT
server
nginx/1.6.0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
3683
expires
Thu, 09 Dec 2021 06:30:02 GMT
29153642696401-t222x111.jpg
img.ibxk.com.br/2019/01/29/
4 KB
4 KB
Image
General
Full URL
https://img.ibxk.com.br/2019/01/29/29153642696401-t222x111.jpg
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 Enfield, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.6.0 /
Resource Hash
eae4bf9b4870ee80dcc0cd64c0697c7907703c711ee47f4ec23e255fa04df3bb

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:02 GMT
last-modified
Sat, 19 Jan 2013 00:00:00 GMT
server
nginx/1.6.0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
3676
expires
Thu, 09 Dec 2021 06:30:02 GMT
20211211736-t222x111.jpg
img.ibxk.com.br/2021/
7 KB
8 KB
Image
General
Full URL
https://img.ibxk.com.br/2021/20211211736-t222x111.jpg
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 Enfield, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.6.0 /
Resource Hash
6b6473203bc47149284e61d5bfceac76748c697f72af9f21193bcf6c4df4248e

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:02 GMT
last-modified
Sat, 19 Jan 2013 00:00:00 GMT
server
nginx/1.6.0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
7534
expires
Thu, 09 Dec 2021 06:30:02 GMT
01165824908477-t302x150.jpg
img.ibxk.com.br//2021/12/01/
9 KB
9 KB
Image
General
Full URL
https://img.ibxk.com.br//2021/12/01/01165824908477-t302x150.jpg
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 Enfield, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.6.0 /
Resource Hash
c9522d06349a07c4b9ed939f4b8d9de7cb9cd0ab50f1880ed10d5ca9c0fafbab

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:02 GMT
last-modified
Sat, 19 Jan 2013 00:00:00 GMT
server
nginx/1.6.0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
9519
expires
Thu, 09 Dec 2021 06:30:02 GMT
01183500905526-t108x73.jpg
img.ibxk.com.br//2021/12/01/
4 KB
4 KB
Image
General
Full URL
https://img.ibxk.com.br//2021/12/01/01183500905526-t108x73.jpg
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 Enfield, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.6.0 /
Resource Hash
2e1798c12b9c2e572abef4571bc2269f3cf8a3a805d5c2f922abc8964a14b14f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:02 GMT
last-modified
Sat, 19 Jan 2013 00:00:00 GMT
server
nginx/1.6.0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
4040
expires
Thu, 09 Dec 2021 06:30:02 GMT
01181219326518-t108x73.jpg
img.ibxk.com.br//2021/12/01/
2 KB
2 KB
Image
General
Full URL
https://img.ibxk.com.br//2021/12/01/01181219326518-t108x73.jpg
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 Enfield, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.6.0 /
Resource Hash
f299ffe9830918a4853856495722a658af9b0cf36d2d26041a6898e9cfee92dc

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:02 GMT
last-modified
Sat, 19 Jan 2013 00:00:00 GMT
server
nginx/1.6.0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
2095
expires
Thu, 09 Dec 2021 06:30:02 GMT
30155829954356-t108x73.jpg
img.ibxk.com.br//2021/11/30/
4 KB
4 KB
Image
General
Full URL
https://img.ibxk.com.br//2021/11/30/30155829954356-t108x73.jpg
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 Enfield, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.6.0 /
Resource Hash
2c21f52e0b7568c38a1c71f0b57a5230dc34ab4b41c520c931603914e3b15fa2

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:02 GMT
last-modified
Sat, 19 Jan 2013 00:00:00 GMT
server
nginx/1.6.0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
4216
expires
Thu, 09 Dec 2021 06:30:02 GMT
01121757388236-t108x73.jpg
img.ibxk.com.br//2021/12/01/
3 KB
4 KB
Image
General
Full URL
https://img.ibxk.com.br//2021/12/01/01121757388236-t108x73.jpg
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 Enfield, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.6.0 /
Resource Hash
8f9005f28f21ab79d563d340f7b7552497074930450681af12a679da0fa03abd

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:02 GMT
last-modified
Sat, 19 Jan 2013 00:00:00 GMT
server
nginx/1.6.0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
3436
expires
Thu, 09 Dec 2021 06:30:02 GMT
172199_301125536-t306.jpg
img.ibxk.com.br/2020/9/programas/
17 KB
17 KB
Image
General
Full URL
https://img.ibxk.com.br/2020/9/programas/172199_301125536-t306.jpg
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 Enfield, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.6.0 /
Resource Hash
d68765f48f7274a23ce62c587242f2be56f893ae49c33db5d88e11ed14944543

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:02 GMT
last-modified
Sat, 19 Jan 2013 00:00:00 GMT
server
nginx/1.6.0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
16979
expires
Thu, 09 Dec 2021 06:30:02 GMT
28201321365339.jpg
img.ibxk.com.br/2020/08/28/
19 KB
20 KB
Image
General
Full URL
https://img.ibxk.com.br/2020/08/28/28201321365339.jpg
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 Enfield, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.6.0 /
Resource Hash
85782c69e9d7c7121cba07c204e3e7d20d0236f7d4d38927257628f9ded0fdf3

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:02 GMT
via
1.1 ID-0000627502077102 uproxy-2
last-modified
Sat, 19 Jan 2013 00:00:00 GMT
server
nginx/1.6.0
x-newrelic-app-data
PxQGVVFSCwQFR1JaAQMEVl0BFB9AMQYAZBBZDEtZV0ZaCldOZBNaTUscGQsWBBofAEpRTgcfB1ZUBA8CVUpOUxxAfCMLfHBwC1UPWHIiA1ZQDxVNAAJUQFU5
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
19671
expires
Thu, 09 Dec 2021 06:30:02 GMT
28195645093328.jpg
img.ibxk.com.br/2020/08/28/
22 KB
22 KB
Image
General
Full URL
https://img.ibxk.com.br/2020/08/28/28195645093328.jpg
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 Enfield, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.6.0 /
Resource Hash
526da43442f570f9afed426b5aa81ec42f0fc0ee1ef4d62a3f095b342d3afec2

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:02 GMT
last-modified
Sat, 19 Jan 2013 00:00:00 GMT
server
nginx/1.6.0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
22531
expires
Thu, 09 Dec 2021 06:30:02 GMT
04163710934247-t306.jpg
img.ibxk.com.br/2019/02/04/
14 KB
14 KB
Image
General
Full URL
https://img.ibxk.com.br/2019/02/04/04163710934247-t306.jpg
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 Enfield, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.6.0 /
Resource Hash
776ab54d5f04265c34d61e6442448301222038f88c44c277672ab3662cb2a212

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:02 GMT
last-modified
Sat, 19 Jan 2013 00:00:00 GMT
server
nginx/1.6.0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
13941
expires
Thu, 09 Dec 2021 06:30:02 GMT
16129707154840923.png
img.ibxk.com.br/2018/6/programas/
53 KB
53 KB
Image
General
Full URL
https://img.ibxk.com.br/2018/6/programas/16129707154840923.png
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 Enfield, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.6.0 /
Resource Hash
d131ba55ffa96cb9dab58a18a560f87f5b55f674379c2e482defdf08bbf7ef48

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:02 GMT
last-modified
Sat, 19 Jan 2013 00:00:00 GMT
server
nginx/1.6.0
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
54088
expires
Thu, 09 Dec 2021 06:30:02 GMT
986771907155300219.jpg
img.ibxk.com.br/2018/6/programas/
5 KB
5 KB
Image
General
Full URL
https://img.ibxk.com.br/2018/6/programas/986771907155300219.jpg
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 Enfield, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.6.0 /
Resource Hash
4b798a5b21ad689d8dab5daf84dbfb5c276cd994f2b93234c34e39795fdd2561

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:03 GMT
last-modified
Sat, 19 Jan 2013 00:00:00 GMT
server
nginx/1.6.0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
5291
expires
Thu, 09 Dec 2021 06:30:03 GMT
23161509382503-t222x111.jpg
img.ibxk.com.br/2021/11/23/
6 KB
7 KB
Image
General
Full URL
https://img.ibxk.com.br/2021/11/23/23161509382503-t222x111.jpg
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 Enfield, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.6.0 /
Resource Hash
04511d8147ba67779410293628c524c0f2c2ac984cab17a6e8f9933b850ee886

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:02 GMT
last-modified
Sat, 19 Jan 2013 00:00:00 GMT
server
nginx/1.6.0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
6611
expires
Thu, 09 Dec 2021 06:30:02 GMT
29133817602273-t222x111.jpg
img.ibxk.com.br/2021/09/29/
7 KB
7 KB
Image
General
Full URL
https://img.ibxk.com.br/2021/09/29/29133817602273-t222x111.jpg
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 Enfield, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.6.0 /
Resource Hash
d04ba8369f9ebdf4ffd6ed3e6399dde00cd407b979105e90c57afff0a2f7050a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:02 GMT
last-modified
Sat, 19 Jan 2013 00:00:00 GMT
server
nginx/1.6.0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
7389
expires
Thu, 09 Dec 2021 06:30:02 GMT
29141138016324-t222x111.jpg
img.ibxk.com.br/2021/09/29/
5 KB
5 KB
Image
General
Full URL
https://img.ibxk.com.br/2021/09/29/29141138016324-t222x111.jpg
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 Enfield, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.6.0 /
Resource Hash
a6069bbca72fec0f6641a08636d4f96ed08c7f2b13845f3edd7e38a46b4f1bc5

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:02 GMT
last-modified
Sat, 19 Jan 2013 00:00:00 GMT
server
nginx/1.6.0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
5314
expires
Thu, 09 Dec 2021 06:30:02 GMT
42963-t222x111.jpg
img.ibxk.com.br/materias/10347/
7 KB
7 KB
Image
General
Full URL
https://img.ibxk.com.br/materias/10347/42963-t222x111.jpg
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 Enfield, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.6.0 /
Resource Hash
bef79e75174393e46c8a0044343d31766d0f4bbd893f10776396d054425720e7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:02 GMT
last-modified
Sat, 19 Jan 2013 00:00:00 GMT
server
nginx/1.6.0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
6846
expires
Thu, 09 Dec 2021 06:30:02 GMT
17111820406105-t222x111.jpg
img.ibxk.com.br/2021/03/17/
5 KB
5 KB
Image
General
Full URL
https://img.ibxk.com.br/2021/03/17/17111820406105-t222x111.jpg
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 Enfield, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.6.0 /
Resource Hash
82ba6da551227d1d1bca5ab45d7b2f822d1141fff328304195d9b10f87940f4a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:02 GMT
last-modified
Sat, 19 Jan 2013 00:00:00 GMT
server
nginx/1.6.0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
5195
expires
Thu, 09 Dec 2021 06:30:02 GMT
12182208801415-t222x111.jpg
img.ibxk.com.br/2021/03/12/
7 KB
7 KB
Image
General
Full URL
https://img.ibxk.com.br/2021/03/12/12182208801415-t222x111.jpg
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 Enfield, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.6.0 /
Resource Hash
57b03bdfab75813851988e2ab70c25a29a1259c3e99ef0096a431994af6923fe

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:02 GMT
last-modified
Sat, 19 Jan 2013 00:00:00 GMT
server
nginx/1.6.0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
6959
expires
Thu, 09 Dec 2021 06:30:02 GMT
12085352896010-t222x111.jpg
img.ibxk.com.br/2021/01/12/
2 KB
2 KB
Image
General
Full URL
https://img.ibxk.com.br/2021/01/12/12085352896010-t222x111.jpg
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 Enfield, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.6.0 /
Resource Hash
e0a1bc310556490c18a35c0f4bab63855403c3c12ecae5a51d33923693a123a3

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:02 GMT
last-modified
Sat, 19 Jan 2013 00:00:00 GMT
server
nginx/1.6.0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
1933
expires
Thu, 09 Dec 2021 06:30:02 GMT
29133428620076-t222x111.jpg
img.ibxk.com.br/2020/12/29/
6 KB
6 KB
Image
General
Full URL
https://img.ibxk.com.br/2020/12/29/29133428620076-t222x111.jpg
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 Enfield, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.6.0 /
Resource Hash
eac48e3985bb23809ad759fe9056ce51a59588fdc8e93e0edd1a2f79e7421bb5

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:02 GMT
via
1.1 ID-0000627502077102 uproxy-2
last-modified
Sat, 19 Jan 2013 00:00:00 GMT
server
nginx/1.6.0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
6420
expires
Thu, 09 Dec 2021 06:30:02 GMT
10105601523032-t222x111.jpg
img.ibxk.com.br/2020/12/10/
7 KB
7 KB
Image
General
Full URL
https://img.ibxk.com.br/2020/12/10/10105601523032-t222x111.jpg
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 Enfield, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.6.0 /
Resource Hash
63ff2f8fd33b69fcaa3394e4ffc79014db011cb57d23a2f77b41cd9e702a1e42

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:02 GMT
via
1.1 ID-0000627502077102 uproxy-2
last-modified
Sat, 19 Jan 2013 00:00:00 GMT
server
nginx/1.6.0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
6851
expires
Thu, 09 Dec 2021 06:30:02 GMT
13163028706353-t222x111.jpg
img.ibxk.com.br/2020/11/13/
4 KB
4 KB
Image
General
Full URL
https://img.ibxk.com.br/2020/11/13/13163028706353-t222x111.jpg
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 Enfield, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.6.0 /
Resource Hash
c29cb8d5576783701b7197129ba5fb88610c5d3d55bfe1e4ecd2e20523c4c915

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:02 GMT
last-modified
Sat, 19 Jan 2013 00:00:00 GMT
server
nginx/1.6.0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
4144
expires
Thu, 09 Dec 2021 06:30:02 GMT
06141637972217-t222x111.jpg
img.ibxk.com.br/2020/11/06/
6 KB
6 KB
Image
General
Full URL
https://img.ibxk.com.br/2020/11/06/06141637972217-t222x111.jpg
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 Enfield, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.6.0 /
Resource Hash
316719af8c625b5102c37c03c018c91c1e0a54d0fa8e49f399250b82a4cb11dc

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:02 GMT
last-modified
Sat, 19 Jan 2013 00:00:00 GMT
server
nginx/1.6.0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
6249
expires
Thu, 09 Dec 2021 06:30:02 GMT
05114648788155-t222x111.jpg
img.ibxk.com.br/2020/11/05/
4 KB
4 KB
Image
General
Full URL
https://img.ibxk.com.br/2020/11/05/05114648788155-t222x111.jpg
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 Enfield, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.6.0 /
Resource Hash
f10fd76f5ee28056ad3f3d76232971f96e26a122270bac12bc6fc5fc35931568

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:02 GMT
via
1.1 ID-0000627502077102 uproxy-2
last-modified
Sat, 19 Jan 2013 00:00:00 GMT
server
nginx/1.6.0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
4043
expires
Thu, 09 Dec 2021 06:30:02 GMT
07112404068086-t222x111.jpg
img.ibxk.com.br/2020/10/07/
5 KB
5 KB
Image
General
Full URL
https://img.ibxk.com.br/2020/10/07/07112404068086-t222x111.jpg
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 Enfield, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.6.0 /
Resource Hash
da77b9499cb79e2023802cb1fed3e39e0414a7ea244290186e85547e2816f256

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:02 GMT
via
1.1 ID-0000627502077102 uproxy-2
last-modified
Sat, 19 Jan 2013 00:00:00 GMT
server
nginx/1.6.0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
4718
expires
Thu, 09 Dec 2021 06:30:02 GMT
20174238792609-t222x111.jpg
img.ibxk.com.br/2014/05/20/
6 KB
7 KB
Image
General
Full URL
https://img.ibxk.com.br/2014/05/20/20174238792609-t222x111.jpg
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 Enfield, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.6.0 /
Resource Hash
c8871b6e9aee5124fd7ef79e81453b2241cdf7ffb6a1d94823ae12fb2dbc9f12

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:02 GMT
via
1.1 ID-0000627502077102 uproxy-2
last-modified
Sat, 19 Jan 2013 00:00:00 GMT
server
nginx/1.6.0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
6443
expires
Thu, 09 Dec 2021 06:30:02 GMT
11160350120404-t222x111.jpg
img.ibxk.com.br/2016/02/11/
7 KB
7 KB
Image
General
Full URL
https://img.ibxk.com.br/2016/02/11/11160350120404-t222x111.jpg
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 Enfield, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.6.0 /
Resource Hash
b444b971ff6000395bd9274c3e33e324c1cd8658cb7af7a6547dbb91ec2dc0e2

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:02 GMT
last-modified
Sat, 19 Jan 2013 00:00:00 GMT
server
nginx/1.6.0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
6852
expires
Thu, 09 Dec 2021 06:30:02 GMT
45179-t222x111.jpg
img.ibxk.com.br/materias/6476/
5 KB
5 KB
Image
General
Full URL
https://img.ibxk.com.br/materias/6476/45179-t222x111.jpg
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 Enfield, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.6.0 /
Resource Hash
1aeccbded86885bd4f93896d5b7226a6e31969bc05e71da544c397f7749bee15

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:02 GMT
via
1.1 ID-0000627502077102 uproxy-2
last-modified
Sat, 19 Jan 2013 00:00:00 GMT
server
nginx/1.6.0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
5154
expires
Thu, 09 Dec 2021 06:30:02 GMT
24113648462346-t222x111.jpg
img.ibxk.com.br/2020/07/24/
9 KB
9 KB
Image
General
Full URL
https://img.ibxk.com.br/2020/07/24/24113648462346-t222x111.jpg
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 Enfield, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.6.0 /
Resource Hash
86fe6478dc28e4de75f46247553e90a6404cdbfb9d344eb1776d408d51b1908c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:02 GMT
last-modified
Sat, 19 Jan 2013 00:00:00 GMT
server
nginx/1.6.0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
8759
expires
Thu, 09 Dec 2021 06:30:02 GMT
17161546993115-t222x111.jpg
img.ibxk.com.br/2020/07/17/
4 KB
4 KB
Image
General
Full URL
https://img.ibxk.com.br/2020/07/17/17161546993115-t222x111.jpg
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 Enfield, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.6.0 /
Resource Hash
8c78a6050e2d0c91425e75e39e21a9ab7efd5d7f6a6b2251a52b71742fe82fca

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:02 GMT
last-modified
Sat, 19 Jan 2013 00:00:00 GMT
server
nginx/1.6.0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
4138
expires
Thu, 09 Dec 2021 06:30:02 GMT
nzn-logo-new.png
obj.ibxk.com.br/layout/nzn/
2 KB
2 KB
Image
General
Full URL
https://obj.ibxk.com.br/layout/nzn/nzn-logo-new.png
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 Enfield, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
Microsoft-IIS/10.0 /
Resource Hash
8091761cfa71f7a161cbca380a058e7ea2f8919a97cf43f41957a54d535df986

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:01 GMT
last-modified
Mon, 12 Sep 2016 19:51:58 GMT
server
Microsoft-IIS/10.0
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=30
accept-ranges
bytes
content-length
1615
expires
Thu, 02 Dec 2021 06:30:31 GMT
ct.js
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/8756095/ct.js
  • https://sb.scorecardresearch.com/internal-c2/default/ct.js
2 KB
1 KB
Script
General
Full URL
https://sb.scorecardresearch.com/internal-c2/default/ct.js
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Server
13.225.87.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-89.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fecb52c070ce6fc25e11a1be6234f23b35ba95b1205472db28667f195dc87eab

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:03:07 GMT
content-encoding
gzip
etag
W/"660bd936b3dc78cdaf12e7ba08e44f7e"
last-modified
Mon, 01 Mar 2021 20:42:20 GMT
server
AmazonS3
age
1965
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
jBAuhDc10qcDD7-_x6zoo63ZM3iNpdNwF8EiwxdfDEWheigf5RCoDA==

Redirect headers

date
Thu, 02 Dec 2021 06:30:01 GMT
via
1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
/internal-c2/default/ct.js
content-length
48
x-amz-cf-id
1_mRBtcVxTatUYt0hh318sLN0tAePUx8rk1TyfrwrXEXIz5ALX00Ig==
all.js
connect.facebook.net/pt_BR/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/pt_BR/all.js
Requested by
Host: obj.ibxk.com.br
URL: https://obj.ibxk.com.br/inc/v12/geral-201309170947.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d8f13f89c5476280dda59d9b42d3b93f99d201dddf493ee78dc6e43c08b191b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
ibuF35ZM31zGlBvPC7cebg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Thu, 02 Dec 2021 06:30:46 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
1686
x-fb-rlafr
0
x-fb-debug
UTOTUWVDOiApkTkgjPAKHu/eOUBI1WSvRPD8n+T02Ouy+0Fu3jmWk2//5MxsivhQNWGu6nTCeRVgSBi6xVi6Rg==
x-fb-trip-id
720026100
x-fb-content-md5
c6701f835b9f4a9be31e293d787bbc6e
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Thu, 02 Dec 2021 06:30:01 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"7ddababa5f682e375da0e8ae9f56a53b"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
usr
usr.navdmp.com/
76 B
264 B
Script
General
Full URL
https://usr.navdmp.com/usr?v=7&acc=13767&upd=1&new=1&wst=0&wct=1&dsy=0
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm13767.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6eda64128db563b15368c8e91652b0a66583272c0c5b5a6356d104ab1b7e7254

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public
date
Thu, 02 Dec 2021 06:30:01 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6b7281147c803763-MXP
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
max-age=3600
act
f0
content-type
application/javascript
expires
Thu, 02 Dec 2021 07:30:01 GMT
dc.js
stats.g.doubleclick.net/
45 KB
17 KB
Script
General
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
3046
date
Thu, 02 Dec 2021 05:39:15 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17093
expires
Thu, 02 Dec 2021 07:39:15 GMT
gpt.js
www.googletagservices.com/tag/js/
78 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
67964f1cb107f2110809f0c3ef5b65c1a0fde7477fdb1933bcd9d316d4f1c9df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1060 / 940 of 1000 / last-modified: 1638399956"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26861
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 02 Dec 2021 06:30:01 GMT
profiles.js
d.tailtarget.com/
13 KB
6 KB
Script
General
Full URL
https://d.tailtarget.com/profiles.js
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b5de679f41d5e07318bf721f4877d6320d3e351d6cfd58a00471854e2503d48c

Request headers

Referer
https://www.baixaki.com.br/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Wed, 01 Dec 2021 17:55:47 GMT
content-encoding
gzip
age
45254
x-guploader-uploadid
ADPycdsgO1w6cPv0g5WrOO3qMIwiMCV-fjEwklqa5ARyI7qSLW1GsTOlV4eUispFSbf_BxyrCSpc5mFChwd3B9WKVAM
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
5285
last-modified
Thu, 23 Sep 2021 17:37:36 GMT
server
UploadServer
etag
"b8c76dc45116253f6649e4a5049e4d10"
x-goog-hash
crc32c=f1OzIw==, md5=uMdtxFEWJT9mSeSlBJ5NEA==
content-language
en
x-goog-generation
1632418656181594
cache-control
public, max-age=86400,no-transform
x-goog-stored-content-length
5285
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 02 Dec 2021 17:55:47 GMT
profile
d.t.tailtarget.com/
92 B
268 B
Script
General
Full URL
https://d.t.tailtarget.com/profile
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/profiles.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
e593d32d2b3c25b54c4632fc55d4c55cce4154e0bfaeb75883da07b742e762dc

Request headers

Referer
https://www.baixaki.com.br/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Thu, 02 Dec 2021 06:30:01 GMT
content-encoding
gzip
last-modified
Thu, 30 Jan 2020 20:26:00 GMT
server
nginx/1.17.8
etag
W/"5e333bd8-5c"
vary
Accept-Encoding, Accept-Encoding
content-type
application/x-javascript
via
1.1 google
cache-control
max-age=3600
alt-svc
clear
expires
Thu, 02 Dec 2021 07:30:01 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=8756095&ns__t=1638426601094&ns_c=windows-1252&c8=Baixaki%20Portal%20Parceiros%20-%20Not%C3%ADcias%2C%20Tecnologia%2C%20Esportes%2C%20Entretenimento%20e%20...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=8756095&ns__t=1638426601094&ns_c=windows-1252&c8=Baixaki%20Portal%20Parceiros%20-%20Not%C3%ADcias%2C%20Tecnologia%2C%20Esportes%2C%20Entretenimento%20e%2...
0
222 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=8756095&ns__t=1638426601094&ns_c=windows-1252&c8=Baixaki%20Portal%20Parceiros%20-%20Not%C3%ADcias%2C%20Tecnologia%2C%20Esportes%2C%20Entretenimento%20e%20Downloads&c7=https%3A%2F%2Fwww.baixaki.com.br%2Fportal%2Fredir-partners.asp&c9=
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Server
13.225.87.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-89.fra2.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:01 GMT
via
1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id
sx4wz1VVLLTI5u9njkTRJt8jAVe6Pt6PZSmj4t0kjTby2OFeQmQTgQ==
x-cache
Miss from cloudfront

Redirect headers

date
Thu, 02 Dec 2021 06:30:01 GMT
via
1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=8756095&ns__t=1638426601094&ns_c=windows-1252&c8=Baixaki%20Portal%20Parceiros%20-%20Not%C3%ADcias%2C%20Tecnologia%2C%20Esportes%2C%20Entretenimento%20e%20Downloads&c7=https%3A%2F%2Fwww.baixaki.com.br%2Fportal%2Fredir-partners.asp&c9=
content-length
299
x-amz-cf-id
6SvgmHdrHT6MW5oXE2Iqm3HQISL_bqcCry04nhvh8-93TyTqjUrIQA==
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.baixaki.com.br
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 15:57:38 GMT
x-content-type-options
nosniff
age
52343
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 01 Dec 2022 15:57:38 GMT
ga-audiences
www.google.co.uk/ads/
Redirect Chain
  • https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=1524368451&utmhn=www.baixaki.com.br&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-...
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144680-1&cid=1413534137.1638426601&jid=1956886594&_v=5.7.2dc&z=1524368451
  • https://www.google.co.uk/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144680-1&cid=1413534137.1638426601&jid=1956886594&_v=5.7.2dc&z=1524368451&slf_rd=1&random=4114050943
42 B
501 B
Image
General
Full URL
https://www.google.co.uk/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144680-1&cid=1413534137.1638426601&jid=1956886594&_v=5.7.2dc&z=1524368451&slf_rd=1&random=4114050943
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Dec 2021 06:30:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 02 Dec 2021 06:30:01 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/html; charset=UTF-8
location
https://www.google.co.uk/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144680-1&cid=1413534137.1638426601&jid=1956886594&_v=5.7.2dc&z=1524368451&slf_rd=1&random=4114050943
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all.js
connect.facebook.net/pt_BR/
286 KB
81 KB
Script
General
Full URL
https://connect.facebook.net/pt_BR/all.js?hash=14a48ff321c1cd6cf758db8c6b6a7beb
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/all.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9f4554c3c9196dfe6d75d689ac22cee234b87434b8eaad52841705b6eef37f53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.baixaki.com.br/
Origin
https://www.baixaki.com.br
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
KIY0NNBrb/qcKeuEU+vOyw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Fri, 02 Dec 2022 06:10:47 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
82954
x-fb-rlafr
0
x-fb-debug
EBV3NdYBxHP204B/HWuud8MqFqu4Y+m5pLIz+vCqPHl5PmIzcEU5agDeVhpWhWeja5OzfFoPxmyf7Z0GSnCyGA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
33c5b2b9b02794a46db4571eb7676f4b
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 02 Dec 2021 06:30:01 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"17260a6045395c027738d8c9f694543f"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
pubads_impl_2021111701.js
securepubads.g.doubleclick.net/gpt/
345 KB
116 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
8d8aa9c2c3798099cba43890c7808bfb34b70dbc853177ef287b50bc28161911
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118578
x-xss-protection
0
last-modified
Wed, 17 Nov 2021 09:34:38 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 02 Dec 2021 06:30:01 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
401 B
811 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.baixaki.com.br
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
653d04098d18f17959aeb31247dfe66426a6385eae8812b08e938cab24d836f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 02 Dec 2021 06:30:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
174
x-xss-protection
0
expires
Thu, 02 Dec 2021 06:30:01 GMT
status
www.facebook.com/x/oauth/
0
0
Fetch
General
Full URL
https://www.facebook.com/x/oauth/status?client_id=132330753483600&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.baixaki.com.br%2Fportal%2Fredir-partners.asp&sdk=joey&wants_cookie_data=true
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/all.js?hash=14a48ff321c1cd6cf758db8c6b6a7beb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
aoFOUUDs5nvraduC2yDmrXFjfQSeS/gs9hzuIJgUWZuW9P66fMJn9eMyyPqYB8ZGmXwK+gFDJRvjSLA9HJRo+g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
fb-s
unknown
date
Thu, 02 Dec 2021 06:30:02 GMT
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.baixaki.com.br
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
req
cdn.navdmp.com/
6 B
101 B
Script
General
Full URL
https://cdn.navdmp.com/req?v=7&upd=1&new=1&id=fcd20e6ae3ec7b4736f8fdbca09&acc=13767&url=https%3A//www.baixaki.com.br/portal/redir-partners.asp&tit=Baixaki%20Portal%20Parceiros%20-%20Not%EDcias%2C%20Tecnologia%2C%20Esportes%2C%20Entretenimento%20e%20Downloads&utm=248450708.1638426601.1.1.utmcsr%3D%28direct%29%7Cutmccn%3D%28direct%29%7Cutmcmd%3D%28none%29
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm13767.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:02 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6b7281169f903763-MXP
content-length
6
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/x-javascript
integrator.js
adservice.google.co.uk/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=www.baixaki.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 02 Dec 2021 06:30:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.baixaki.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 02 Dec 2021 06:30:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
324 KB
76 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1527440362662624&correlator=4264467870436736&output=ldjh&impl=fifs&eid=31061815&vrg=2021111701&ptt=17&sc=1&sfv=1-0-38&ecs=20211202&iu_parts=36373682%2Cbxk%2Chome%2Cpremium%2Cbxp%2Credir%2Chalfpage%2Cleaderboard%2Csquare%2Cleaderboard-middle%2Canchor&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F4%2F5%2F6%2C%2F0%2F4%2F5%2F7%2C%2F0%2F4%2F5%2F8%2C%2F0%2F4%2F5%2F9%2C%2F0%2F4%2F2%2F10&prev_iu_szs=1920x750%2C300x600%2C970x250%7C970x90%7C728x90%2C300x250%7C336x280%2C970x90%7C728x90%2C970x250%7C728x90&cust_params=category%3Dhome-portal%26tt_Age%3D%26tt_Gender%3D%26tt_LifeSty%3Dna%26tt_Intere%3D%26tt_TimeFut%3D%26tt_SubSegs%3D%26tt_Renda%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1638426601&dt=1638426601507&dlt=1638426600334&idt=1147&frm=20&biw=1600&bih=1200&oid=2&adxs=-9%2C-9%2C315%2C-9%2C-9%2C-9&adys=-9%2C-9%2C0%2C-9%2C-9%2C-9&adks=3951640584%2C891476953%2C1301506033%2C4147225988%2C4248904750%2C4075830709&ucis=1%7C2%7C3%7C4%7C5%7C6&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.baixaki.com.br%2Fportal%2Fredir-partners.asp&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1%7C0x-1%7C1600x263%7C0x-1%7C0x-1%7C0x-1&msz=0x-1%7C0x-1%7C1600x0%7C0x-1%7C0x-1%7C0x-1&ga_vid=1413534137.1638426601&ga_sid=1638426601&ga_hid=260466668&ga_fc=true&fws=2%2C2%2C4%2C2%2C2%2C2&ohw=0%2C0%2C1600%2C0%2C0%2C0&btvi=-1%7C-1%7C0%7C-1%7C-1%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
b1e6d5002e0763c313c3a9df87ac34de4ded5ae57a8f1342e92ccc3db0f6bfe5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:02 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
77678
x-xss-protection
0
google-lineitem-id
-2,-1,-1,-1,-1,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-1,-1,-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.baixaki.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3652
6 KB
4 KB
Document
General
Full URL
https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Thu, 02 Dec 2021 06:30:02 GMT
expires
Fri, 02 Dec 2022 06:30:02 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D6B9
6 KB
3 KB
Document
General
Full URL
https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Thu, 02 Dec 2021 06:30:02 GMT
expires
Fri, 02 Dec 2022 06:30:02 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211130/r20110914/client/ Frame D6B9
1 KB
960 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211130/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: 3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com
URL: https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:15:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
848
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
853
x-xss-protection
0
server
cafe
etag
7170004918125193417
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Dec 2021 06:15:54 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame D6B9
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CT2106meoYYiRC8eyx_AP0_2o8A_MxufuZrqykLmhD_ilkuW1MBABIMKm1htgu76ug9AKoAGMjfGdKMgBBuACAKgDAcgDmwSqBPwBT9CIoO4nqKDJ-8kLu-KYIXmGvPo4GCnc6cq-i_AGvR4FrdTwCvEMOvcCeKy3TD5hdjOS8rMbqUA5MULLjT0Vf2iDITHAIqaa8ny1ni-Z2MtJj_rdnpiB5RKOrk176vwKcNgBcZluKnDAN5isKHDsedQS-KfYfBBrFPc_TvGkOpt634H0DNkWRC24NOVXtg5WUHFs6x1rONq9B1EK8nJHe8oxHybuefztSh_J9SR1H9IXu_T7Rq6hQz2xyPeCBFeFtKn-D4WwRDsD7xrl1Y6tMF5fKkWs--TKk1QE6-StHZmPIJImrtKQiag8DEN1k2rC67YrttNNKULYO0cLwATx5rCk8gPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGN4AHjMXB_QKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBC2iwjSCAkIiOGAEBABGB2ACgPICwHYEwzQFQGAFwGyFx4KHAgAEhRwdWItMTcxMjQyMDk4OTc2OTc1OBjSwBY&sigh=JFw8Xqogw1E&uach_m=[UACH]&template_id=492
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211130/r20110914/ Frame D6B9
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211130/r20110914/abg_lite_fy2019.js
Requested by
Host: 3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com
URL: https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
615050cfd7cd77d6941c6c0b4551d20c4d5ad825bc9fd7acc61a0bdca7783d26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:12:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1081
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7857
x-xss-protection
0
server
cafe
etag
2255741555227857113
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Dec 2021 06:12:01 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211130/r20110914/client/ Frame D6B9
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211130/r20110914/client/window_focus_fy2019.js
Requested by
Host: 3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com
URL: https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:10:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1198
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Dec 2021 06:10:04 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D6B9
119 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com
URL: https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30cad9ec7fbe11d3de293805d82343744663da3e650c19bbbc23dd7c58202cce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37131
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638290904732407"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 02 Dec 2021 06:30:02 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211130/r20110914/client/ Frame D6B9
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211130/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com
URL: https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6257e792f9aef240d1954956a6ea7982c0268035f15a79931a110ed6344c8c4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:09:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1223
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6446
x-xss-protection
0
server
cafe
etag
5472324691301332805
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Dec 2021 06:09:39 GMT
l
www.google.com/ads/measurement/ Frame D6B9
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQFB2hLFUCYBfnmXBxTtxoosCN9SJLrFaIBX_205YF86jCXoLwOQDL7hUnodt-3cswX43lVBo9douWHlWAOtpEkiB6izg
Requested by
Host: 3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com
URL: https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

163b3e9c260ab6fd774ac5b5c6fd1d76.js
www.gstatic.com/mysidia/ Frame D6B9
27 KB
12 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/163b3e9c260ab6fd774ac5b5c6fd1d76.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com
URL: https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de418fdfa1d02a219d049bb1cd8562182c4201c67f6b9d0e2f67f21a476e1096
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 16:21:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
396511
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11360
x-xss-protection
0
last-modified
Tue, 16 Nov 2021 04:29:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 25 Feb 2022 16:21:31 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/14207247814004754286/ Frame D6B9
4 KB
4 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/14207247814004754286/downsize_200k_v1?w=195&h=102
Requested by
Host: 3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com
URL: https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
768e06db152674c2b8a7ff4caefbd58a9bb5e052525e457c95a955fee648da99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:02 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3636
x-xss-protection
0
last-modified
Thu, 18 Nov 2021 17:07:49 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 02 Dec 2022 06:30:02 GMT
truncated
/ Frame D6B9
209 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0ce5ab0260a7860ea167511114f1b2a1a8c5dff2b1a3885e2c2e70fb54c4e7a9

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame D6B9
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3a19dd804a60d46432e5d2205f6bfbaf2567061313cca294aded8659f3f4247a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
activeview
pagead2.googlesyndication.com/pcs/ Frame D6B9
42 B
497 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss7QmeHAkjesveqF62DXJQ4XNF_Y34w_NiLWSHm0enIuU2tZlNEMrcuKv0TFZzNxAn1hCaD8P0tXIYxFlfafHhNTWR4CCwp5uc8u92aHoJ1y2yg9NxSTA&sai=AMfl-YSQIE7haRn6lUaN1CcGxpFXiwKLEmNlo6hWJm0jMZK9LFhjcbI284x-cPn8lzoBnXM3fkrhZQYVS9D9ShY07gaQQL76K0eCu4IwPqXYQdTOAakRh7qCB8l2X83qa80&sig=Cg0ArKJSzMS7bYwpMHtoEAE&id=lidar2&mcvt=1000&p=0,436,90,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211130&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1301506033&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1638426602178&rpt=260&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Dec 2021 06:30:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F670
6 KB
3 KB
Document
General
Full URL
https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Thu, 02 Dec 2021 06:30:02 GMT
expires
Fri, 02 Dec 2022 06:30:02 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
9
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F26D
6 KB
3 KB
Document
General
Full URL
https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Thu, 02 Dec 2021 06:30:02 GMT
expires
Fri, 02 Dec 2022 06:30:02 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
9
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
fullhighlights
www.tecmundo.com.br/home/ Frame 5AB8
7 KB
3 KB
Document
General
Full URL
https://www.tecmundo.com.br/home/fullhighlights?tec
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 Enfield, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx /
Resource Hash
e2e78b49365fa8b1921bda8412484ef532e8f0e1df7c3ed4aa5031c5e2cbbc06
Security Headers
Name Value
Strict-Transport-Security max-age=666; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/

Response headers

date
Thu, 02 Dec 2021 06:30:11 GMT
content-type
text/html; charset=utf-8
server
nginx
content-encoding
br
vary
Accept-Encoding, User-Agent
x-html-minification-powered-by
WebMarkupMin
strict-transport-security
max-age=666; includeSubDomains
version
2.8.28
expires
Thu, 02 Dec 2021 06:35:11 GMT
cache-control
max-age=300
container.html
3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DEAD
6 KB
3 KB
Document
General
Full URL
https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Thu, 02 Dec 2021 06:30:02 GMT
expires
Fri, 02 Dec 2022 06:30:02 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
9
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
nzn_baixaki_horizontal_4_slots_https.js
s-akfs.nspmotion.com/aep/tag/br/
0
0

fullhighlights
www.megacurioso.com.br/home/ Frame 4EB7
41 KB
11 KB
Document
General
Full URL
https://www.megacurioso.com.br/home/fullhighlights?utm_source=www.baixaki.com.br&utm_medium=referral&utm_campaign=iframe
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 Enfield, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
Microsoft-IIS/10.0 /
Resource Hash
a0ece3d81212b04151eda43636a20365dcd924190108b9b5fe6f3322f7fbdad1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/

Response headers

date
Thu, 02 Dec 2021 06:30:11 GMT
content-type
text/html; charset=utf-8
content-length
10789
vary
Accept-Encoding Accept-Encoding, User-Agent
cache-control
max-age=600
content-encoding
gzip
server
Microsoft-IIS/10.0
x-forwarded-for
194.36.110.165
versao
4
expires
Thu, 02 Dec 2021 06:40:11 GMT
container.html
3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 48F2
6 KB
3 KB
Document
General
Full URL
https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Thu, 02 Dec 2021 06:30:02 GMT
expires
Fri, 02 Dec 2022 06:30:02 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
9
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
t3m.js
tags.t.tailtarget.com/
20 KB
20 KB
Script
General
Full URL
https://tags.t.tailtarget.com/t3m.js?i=TT-10709-3/CT-239
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
nginx/1.8.1 /
Resource Hash
402313d2b68318512b1248b6fc9022f409354bec392adf4cbd4ee5681355a824

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 05:39:52 GMT
via
1.1 google
age
3019
x-guploader-uploadid
ADPycdvT2gIVeoTjupmhFrfvQH1atOZcrd0L215hneM_flp-cuJo76WJZtb3mOOwZEf8lAngFEzlR3lYBVrnbHdeMOzlweMLPg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
20343
last-modified
Fri, 25 Oct 2019 18:18:53 GMT
server
nginx/1.8.1
etag
"3c52e3c308f8fc656cee15f40f064343"
vary
Accept-Encoding
x-goog-hash
md5=PFLjwwj4/GVs7hX0DwZDQw==
x-goog-generation
1572027533783405
cache-control
max-age=7200,public
x-goog-stored-content-length
20343
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 02 Dec 2021 07:39:52 GMT
conversion.js
d.tailtarget.com/
15 KB
6 KB
Script
General
Full URL
https://d.tailtarget.com/conversion.js
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 10:51:40 GMT
content-encoding
gzip
age
70711
x-guploader-uploadid
ADPycdvGpWA5iBFjomjJ4URc7h4sh9Y6ag1rxmgs9o44M_4_N8lj6uA5n401StAcmM4eT1Y1XaDP-FpOSrQ1p0vacA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
6114
last-modified
Thu, 23 Sep 2021 17:37:36 GMT
server
UploadServer
etag
"c011d7eff3edda011a5511fb703d925a"
x-goog-hash
crc32c=I6Sd4w==, md5=wBHX7/Pt2gEaVRH7cD2SWg==
content-language
en
x-goog-generation
1632418656103247
cache-control
public, max-age=86400,no-transform
x-goog-stored-content-length
6114
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 02 Dec 2021 10:51:40 GMT
97ad3a13f7d8801cad64d7413acca93e.js
api.cazamba.com/
1 KB
1 KB
Script
General
Full URL
https://api.cazamba.com/97ad3a13f7d8801cad64d7413acca93e.js
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5b6c63d85a2965ed5d7a5a9473a6563be3432da50be286bef2ee03a54caba718

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:11 GMT
content-encoding
gzip
last-modified
Thu, 25 Feb 2021 22:34:04 GMT
server
AmazonS3
x-amz-request-id
BAD40028AEC65371
etag
"c299ea666b536606e59fba24a3e60ea0"
x-hw
1638426611.cds064.lo4.hn,1638426611.cds216.lo4.c
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, no-cache,no-transform,must-revalidate
content-length
773
accept-ranges
bytes
x-amz-version-id
7kiJtqY5e65QSpZ3hh4k28p5INAwwHmw
x-amz-id-2
OwHhLzWz+NoA17FDK8XQnVJSNwcGbI9UETca4KzCEU4B/y0B5xlJeHIYniUxM4QIEhBog/vx1Pc=
tracker.2018032814.min.js
lb.nznweb.com.br/tracker/
0
0
Script
General
Full URL
https://lb.nznweb.com.br/tracker/tracker.2018032814.min.js
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 Enfield, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
/
Resource Hash

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

plusone.js
apis.google.com/js/
52 KB
21 KB
Script
General
Full URL
https://apis.google.com/js/plusone.js
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f3e4785ada852860d7f22424fb9839860c3b58baa270b2e0a0ad00a3d94cd0ee
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-zXKxmvtBm6GnAvL0p7thiQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
etag
"87f2d7c8ad48a9e7b319f857431c8673"
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdcxyaoTJMYdhC5b1IVX_h4UhkFjYl5miMVZgqtCo-gS","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdcxyaoTJMYdhC5b1IVX_h4UhkFjYl5miMVZgqtCo-gS"}]}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-zXKxmvtBm6GnAvL0p7thiQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdcxyaoTJMYdhC5b1IVX_h4UhkFjYl5miMVZgqtCo-gS"
expires
Thu, 02 Dec 2021 06:30:11 GMT
loading.gif
img.ibxk.com.br/
4 KB
4 KB
Image
General
Full URL
https://img.ibxk.com.br/loading.gif
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 Enfield, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.6.0 /
Resource Hash
93c99b1a62bdef426c6029d8eeaa796af079bd0b67c7bd67fda444e8afb6f562

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:11 GMT
last-modified
Sat, 19 Jan 2013 00:00:00 GMT
server
nginx/1.6.0
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
4178
expires
Thu, 09 Dec 2021 06:30:11 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 9F2E
624 B
733 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLeBwNgCEPrqitsCGM7x37wBMAE&v=APEucNXfiZpXQrNBTbHFf3JClmKiP12bg47EVzaDE7uGu4v9A6emO9Ov0LG0h2ONRVveXmjpcgY5fsjjaqHOEUGJq8_lLcQDNIEcBdQvgI-0hd6tg4cux_e3JoxPRfrqyIwqnWQX_YnfsRZnDJL01g9kDx1sA7l1tF7-plN67n298kdWA4RdxSE
Requested by
Host: 3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com
URL: https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 02 Dec 2021 06:30:11 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
abg_lite_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20211130/r20110914/ Frame F670
19 KB
8 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211130/r20110914/abg_lite_fy2019.js
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
615050cfd7cd77d6941c6c0b4551d20c4d5ad825bc9fd7acc61a0bdca7783d26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:17:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
785
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7857
x-xss-protection
0
server
cafe
etag
2255741555227857113
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Dec 2021 06:17:06 GMT
omrhp_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20211130/r20110914/elements/html/ Frame F670
6 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211130/r20110914/elements/html/omrhp_fy2019.js
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:26:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
248
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2626
x-xss-protection
0
server
cafe
etag
8548655983161038638
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Dec 2021 06:26:03 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame F670
0
61 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst7s0YqMiVI2Bt-uks1Ko2qhbbBwCE_fWP5ZusSzVxi-jKIsQQBg8IB4OmuUQIpYKejJOg1_hyMto1dLBKUPcf152tOLvW4n7Ed-7-OPdQijYhe3hqdha4-s3Xen_nVa9_QdIGIsnEJ0o802rbZ3PSd1hz13_oZ-dUbZi3dUSZKG9rP4vgVY8-krgWH6E8VlNtTrOf8ORTQ8KyOlYklT9bfvKNlQzRYkGpw5FHZ6yfFxHFucZfnjNYe9Np_bunJlaWOhzWGh7Xi4HHiRmoh_T-346QrlWfaLjG6vhS1mCiNr4lCHd-Wrgfr-N1olDK00G4xh9HMENt_e5BdayULbSNQM39Uw3kW4kDn5AS_whED2ARpBwVefYGlnKEL95N_oqQbMK3MJgJrP_QjGGtByMU8AihWJN4AQY_zQ5dRWg-cT5yJ5TmTkXlZEs1xmHeXfBGA67pf4JvX6OH15SOe-U-Y9OG0N5HbWZIfLZoXHHqno-WuWvt_D0qeFtWXSYFoxU24dxh0Kskb8sTI_I9aZbKZfjfa15t6ltxnNLOFw0Us_ryacqrsK9uR3Ry4j8OFCEuIGUHSOC_kAV22WIMrmnbqh2b_wrD7-xZTk6tBVxLYGsWpWQVz1coLCcuy8eN6V-Xts4-KgidCJdkoMVvCmy86fhD5bn1EbePCeOwuPp-yOkzjeJeq6FYpUqlua3QIHfLbOiHUkyqDyA8Fls2S8l49zS3BjrLNEtCQz5QMKX-QllnNsZXxKHPVZBBhOgmSeayCIsf080UwRLrVKg-EwPi9Uu1vDwLRdrhKFp6H-rFJi3lrag_Vc5kn2myQbUgj7ovKA41-u1pPXBD_OEsanBYmeaQxmE02MFoxSByHTyKy-p0kNgMan5Y4_4_fBi3KvFhvUpCAcPRyDk7P6VjaJ48z7ri2ngbq7ZIrbMA4uKvwwtsplP-AZBOHa9Ygw-QqsQ7CcUKA8g8VeX8bDsjD0k9PThMgV-kCBgHnwth0gbM0KK-d_NzuEOi2UhLRtxi0dg3HDun6THdVLq2KtPRGQJbpvmLmmGdmplS3gjuqVi2wEfkqjuZZTbUwxxJTsqtIN9kOEkH_mvrDQ1aiHwFjl5BzkWKaFrkB5gt3rtzFJwnJkzVq&sai=AMfl-YQGt4WiTSjtZuQPpkvxAZIxU2pdQoFn9FV3zywI-1Spn6Z4UUqiadT7Aqvcd0OVxzmotJv0KT1bn7a0EWq73o9vuzOlsvNAbT_UjlYQ2nC-A2zPa3a0UrSsAUtE6yyu0OBf4LiAODQ5UNkYgxDCVYaXatC3q0S7-lSbHiM6SKXjZM1HgzStzwQPWoiXEQ5gVoDZGO4qkD0bPHhy-rnya-WQSuMSiLZDmH6dJ-yGtuQjTxs3otKG3MLQPuTAtr7THvF76W9Aptm6JAzeeGJ2JoU1FSkzvpnAP3JqSQEQRf6-1pJSLjMbmXrPier_YS2smUOkcZxZ7YJUK-R1NI1Uey4nGTTNEhiHu9mzeeGHKs0ZNazlhNlsJQ7HDqA0lxjO1IjHAJAdxLTWX70&sig=Cg0ArKJSzCq20XqBfXU7EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20211130.22287&adurl=
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Thu, 02 Dec 2021 06:30:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame F670
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 08:11:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
166694
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Wed, 30 Nov 2022 08:11:57 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F670
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C1vnTp2U-C_hmtKaZJZGl-HIzXt3PL4ellZ-kEQQKvt1U_-C2oCzOIt5sonMaNGRkQ6fajPWfXcau5H1jBvFHK9M0IWx8dy0K0xmVCrMhU4fxjKsI
Requested by
Host: 3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com
URL: https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Dec 2021 06:30:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211130/r20110914/client/ Frame F670
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211130/r20110914/client/window_focus_fy2019.js
Requested by
Host: 3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com
URL: https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 05:57:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1961
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Dec 2021 05:57:30 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F670
119 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com
URL: https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30cad9ec7fbe11d3de293805d82343744663da3e650c19bbbc23dd7c58202cce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37131
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638290904732407"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 02 Dec 2021 06:30:11 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211130/r20110914/client/ Frame F670
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211130/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com
URL: https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6257e792f9aef240d1954956a6ea7982c0268035f15a79931a110ed6344c8c4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:09:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1232
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6446
x-xss-protection
0
server
cafe
etag
5472324691301332805
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Dec 2021 06:09:39 GMT
18391722826438314023
s0.2mdn.net/simgad/ Frame F670
55 KB
56 KB
Image
General
Full URL
https://s0.2mdn.net/simgad/18391722826438314023
Requested by
Host: 3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com
URL: https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
79835f2d0f3ea82036369d6c309f89559dc6a3da0bdc441518838c307be2b4b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 17:19:43 GMT
x-content-type-options
nosniff
age
47428
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56471
x-xss-protection
0
last-modified
Wed, 01 Dec 2021 15:34:54 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 01 Dec 2022 17:19:43 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame AEC1
624 B
340 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLeBwNgCEPrqitsCGKPs37wBMAE&v=APEucNWGpWkm9YlInT3QmuEROBlESBQOdWlc6S4nw-SRKVq_FX73WuvM-7HMEEJXW3KGdf3x5PxW6CDQdpFV8zvCXbhgDD6v8XRCwOVJSsL0kTSJ1Du6Lr1rZ8abVU5ZkLBeNMnVHMXQ1wxv-ydPU8mTJLAQ7NguucCKRUgk3KrtMR4X9ZhtQbU
Requested by
Host: 3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com
URL: https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 02 Dec 2021 06:30:11 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
abg_lite_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20211130/r20110914/ Frame F26D
19 KB
8 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211130/r20110914/abg_lite_fy2019.js
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
615050cfd7cd77d6941c6c0b4551d20c4d5ad825bc9fd7acc61a0bdca7783d26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:17:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
785
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7857
x-xss-protection
0
server
cafe
etag
2255741555227857113
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Dec 2021 06:17:06 GMT
omrhp_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20211130/r20110914/elements/html/ Frame F26D
6 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211130/r20110914/elements/html/omrhp_fy2019.js
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:26:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
248
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2626
x-xss-protection
0
server
cafe
etag
8548655983161038638
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Dec 2021 06:26:03 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame F26D
0
571 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvkBlXtTlT8B-8S26bwc1Deyf7MlBu4bV01OFpYg3W558ClMxH83TWeYGoq6SNoEQiMK2deUmRWSM1gJZtWnlg2Nl2hpza1LGxv_H39LfICjjTOrLHz3J_zJthuMp77_jfQ7tDrNJgFhRq6bqpZcP-9u6i0yW9PbPWVt8oW9uf5CWovDNfEG0FyvM5e8adWa65OH9T8XhcVbEXUTh8afNLsSaVOT-krj1z6fjLhFCtCTashxcrSWHX-RDaN20--8sk7oTwYNRlMa2jBu97rPhbystKABp5cOIsFB8lXbU40kWxpucVLstQH762kTsrcJlNgC9wKpVIxrWszC29Ds1usPL7f2QbanUwYt-abhXh6NeBOIFoeqJFU8mW26lMKIrq3QWlyuxSsNcMtScJZAWcxCMfFU3uBacTi0oHIowzapRfABlMr8S9A7ZVAQXYbO2gr99wPM1yAwY3uD8lmm_3M3zqcvXmGhYnnBQEZ7quPw8jk9U6o6qiyWvHijstLO9O5x5gLCCiXi6NFEuyJUsVvbYo7OkkDQBZE1BBU11fmnAMmPGu_zahrCeTewLFbXfeH2LpIVbBGzmznju4bx85buPXpv5qoRAquhtdVhHxxWEgKf-u5HKpPhre--cLg0iTPzIOcbu1M9YZ983RKEwOZ3ytvDrzQJDl5cWLQT4RzdJ1bY9Y0OvrHdb-QWMcXs3fh249F8n7G_BE8a9nrINFldI2nTzYLEbcCL4WJe_C1jezGwTv_DIoyIs2y3JZSJKCVFiJwXDv2s8mKsxu4HPv0NWkBiXIFsNR5d8_AghUgEA7zdRrYpEXg0EUgzWudw73_kXbewYcRnMuVFiYOC4u2ovA7cpVAfD9XTtXfOD9f2EEfaJV2bYBNiVdWYI48FFFuec8SIAa-9Q06SzTi3n2kpkb1qRsbG8p1jUGe_PjSqBLzXQ6EnqCtCiqbXGmyxSg99vD71ok2X5L_iWZ8MU-BN6xr2YgGGeTBbOk5CgbPYpc-QYZ8PKqI_KAdpT8u4pvKEzkRe1q47w9kjpScOo2M0ECNdaDDD6-FnwsD6Y8zgzaD_J7v_xuNkVE7zox_TinbIeECEfNAUojLR5ZcupYzz93NJw-HGmAYOo0CxHQ-nLk&sai=AMfl-YTaZHE_q2HmWn5s9qPiTn4jLylD7SvAtxnY8wkjPZqhToGsxIUsCEa-DsUuDShFE-VHjSQOp2pJn9HnXsvxkutdZOeyKcP1KF6DfyeCY76Ok7bxNGTFz1OdlnkVa2HN71MN67lJdy7uc1jGOlt8uC_9ZIERINhGcij6jVEnkPB5Skl0V9d-iPIf7yFDlZ8Bgi_mZqr2xh8ZW3H3awZYGQ4yDiGPtywBm7WmiVnPn_qBibRjwhaLCq021mFYfgoQUPfE_9U_SXEJTjJ5XI-t0UoV1x0sD3Xu7n2_TDVOcjLCg5KZeO_plLyP6jfbn8HIzCrMzf9c3ptZ7v_FN85Or6eu4fraax-TxaS50phT0XTXZNhrldbJSE0Mzk1LrAAMxZG3HWQ4iV8QR9A&sig=Cg0ArKJSzNOWwNonNCVsEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20211130.41453&adurl=
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Thu, 02 Dec 2021 06:30:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame F26D
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 08:11:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
166694
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Wed, 30 Nov 2022 08:11:57 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F26D
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DxvFyy6u6qEOWStu1ioIEv0CDh8McJO4NkxJJ7ymmjYUDp7-r2czcWfvHUDVpzMYHXNNPmHWmvnDkONb6SW_cFEc3h9B6gMInE9sMzTmggwwNdBKc
Requested by
Host: 3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com
URL: https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Dec 2021 06:30:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211130/r20110914/client/ Frame F26D
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211130/r20110914/client/window_focus_fy2019.js
Requested by
Host: 3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com
URL: https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 05:57:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1961
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Dec 2021 05:57:30 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F26D
119 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com
URL: https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30cad9ec7fbe11d3de293805d82343744663da3e650c19bbbc23dd7c58202cce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37131
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638290904732407"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 02 Dec 2021 06:30:11 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211130/r20110914/client/ Frame F26D
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211130/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com
URL: https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6257e792f9aef240d1954956a6ea7982c0268035f15a79931a110ed6344c8c4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:09:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1232
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6446
x-xss-protection
0
server
cafe
etag
5472324691301332805
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Dec 2021 06:09:39 GMT
l
www.google.com/ads/measurement/ Frame F26D
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQHkpD4oJCrUcDcX2ItY4AHRKqH_BXVlA6RwItH0P_rOl_gtsDurIzqDMz0y7yG8gO2EJDsuc6xH4JNxi_i62c_FB1CpQ
Requested by
Host: 3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com
URL: https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

9662826465498992765
s0.2mdn.net/simgad/ Frame F26D
80 KB
80 KB
Image
General
Full URL
https://s0.2mdn.net/simgad/9662826465498992765
Requested by
Host: 3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com
URL: https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
016d272c972fe15d89eba942e0c350a666be6113c3742fbafdd3f454b5761b6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 17:07:34 GMT
x-content-type-options
nosniff
age
48157
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
81781
x-xss-protection
0
last-modified
Wed, 01 Dec 2021 15:35:09 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 01 Dec 2022 17:07:34 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211130/r20110914/client/ Frame DEAD
1 KB
880 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211130/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: 3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com
URL: https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:15:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
857
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
853
x-xss-protection
0
server
cafe
etag
7170004918125193417
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Dec 2021 06:15:54 GMT
B26865647.321968141;dc_pre=CKXGt-G-xPQCFU6JdwodlPAEjA;dc_trk_aid=514458921;dc_trk_cid=162410650;ord=3625257914;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N1649385.134426GOOGLEDISPLAYNETW/ Frame DEAD
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N1649385.134426GOOGLEDISPLAYNETW/B26865647.321968141;dc_trk_aid=514458921;dc_trk_cid=162410650;ord=3625257914;dc_lat=;dc_rdid=;tag_for_child_directed_treatme...
  • https://ad.doubleclick.net/ddm/trackimp/N1649385.134426GOOGLEDISPLAYNETW/B26865647.321968141;dc_pre=CKXGt-G-xPQCFU6JdwodlPAEjA;dc_trk_aid=514458921;dc_trk_cid=162410650;ord=3625257914;dc_lat=;dc_rd...
42 B
63 B
Fetch
General
Full URL
https://ad.doubleclick.net/ddm/trackimp/N1649385.134426GOOGLEDISPLAYNETW/B26865647.321968141;dc_pre=CKXGt-G-xPQCFU6JdwodlPAEjA;dc_trk_aid=514458921;dc_trk_cid=162410650;ord=3625257914;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
Requested by
Host: 3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com
URL: https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Dec 2021 06:30:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 02 Dec 2021 06:30:11 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
location
https://ad.doubleclick.net/ddm/trackimp/N1649385.134426GOOGLEDISPLAYNETW/B26865647.321968141;dc_pre=CKXGt-G-xPQCFU6JdwodlPAEjA;dc_trk_aid=514458921;dc_trk_cid=162410650;ord=3625257914;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame DEAD
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cqw226meoYYqRC8eyx_AP0_2o8A_xqrzpZvH6_MudD4Lh5q3BKBABIMKm1htgu76ug9AKoAH01sO9A8gBBuACAKgDAcgDmwSqBP4BT9DQtCIk9fdR2NHnKSGEJi4c3sGFLIjy4uLFVlc8UZpmj9GqVAuC7u49bp8E8BN-2jQfi4SdRhNu1zVAAK814Fv2AAtFI2ZOWbjSB9F-_67jz74yLjaI6UcqPaix94SURK2Z0cdZYifnQV5Z50CcUFxIDu6XS7Jq5_MKp2VyAMcWVyitcD8OGC5wxwTmExDt17QJO30IIAD7zzA0iHlUQ2aWSRM7XUJlcnIszeRjhr8TLJLTe96j7EkA5zOj7rFKhfO4zKxDBJdrkPR507DENhVBWElVWBYAqdp3mu26RMj_lZapjqvp4M5yMFNTFqWncZQV9yFmbIX57JpYu7TABKfN9YrTA-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAY3gAf0qLxCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwMQ8C7SCAkIiOGAEBABGB2ACgPICwHYEw3QFQGYFgGAFwGyFx4KHAgAEhRwdWItMTcxMjQyMDk4OTc2OTc1OBjSwBY&sigh=Ntyr-FkNtT0&uach_m=[UACH]&template_id=492
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211130/r20110914/ Frame DEAD
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211130/r20110914/abg_lite_fy2019.js
Requested by
Host: 3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com
URL: https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
615050cfd7cd77d6941c6c0b4551d20c4d5ad825bc9fd7acc61a0bdca7783d26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:21:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
533
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7857
x-xss-protection
0
server
cafe
etag
2255741555227857113
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Dec 2021 06:21:18 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211130/r20110914/client/ Frame DEAD
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211130/r20110914/client/window_focus_fy2019.js
Requested by
Host: 3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com
URL: https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 05:57:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1961
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Dec 2021 05:57:30 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DEAD
119 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com
URL: https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30cad9ec7fbe11d3de293805d82343744663da3e650c19bbbc23dd7c58202cce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37131
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638290904732407"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 02 Dec 2021 06:30:11 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211130/r20110914/client/ Frame DEAD
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211130/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com
URL: https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6257e792f9aef240d1954956a6ea7982c0268035f15a79931a110ed6344c8c4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:09:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1232
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6446
x-xss-protection
0
server
cafe
etag
5472324691301332805
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Dec 2021 06:09:39 GMT
163b3e9c260ab6fd774ac5b5c6fd1d76.js
www.gstatic.com/mysidia/ Frame DEAD
27 KB
11 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/163b3e9c260ab6fd774ac5b5c6fd1d76.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com
URL: https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de418fdfa1d02a219d049bb1cd8562182c4201c67f6b9d0e2f67f21a476e1096
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 16:21:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
396520
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11360
x-xss-protection
0
last-modified
Tue, 16 Nov 2021 04:29:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 25 Feb 2022 16:21:31 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 8D1A
624 B
340 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLeBwNgCEPrqitsCGNPn37wBMAE&v=APEucNVRsh32zj2KuFeC9Se98PcXHhEx-SwkX7cTy6euXntuooYtBKIpGr3PX6DCrDxBdEgAejFf1puKdLedzoYypaENv2euGqHhnsjQS50MrWQk1tXQk9srZoTlTK7L6kLy8furxYXUtI1TPcDPLEOJOpAXPNCsS2lZp2eVdoxfxNhoX3nF6oE
Requested by
Host: 3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com
URL: https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 02 Dec 2021 06:30:11 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
abg_lite_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20211130/r20110914/ Frame 48F2
19 KB
8 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211130/r20110914/abg_lite_fy2019.js
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
615050cfd7cd77d6941c6c0b4551d20c4d5ad825bc9fd7acc61a0bdca7783d26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:17:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
785
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7857
x-xss-protection
0
server
cafe
etag
2255741555227857113
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Dec 2021 06:17:06 GMT
omrhp_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20211130/r20110914/elements/html/ Frame 48F2
6 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211130/r20110914/elements/html/omrhp_fy2019.js
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:26:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
248
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2626
x-xss-protection
0
server
cafe
etag
8548655983161038638
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Dec 2021 06:26:03 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 48F2
0
61 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuszdmf2c-BMQnTUIJgcnv5n5XJp4v8CNq8jsgSXXS4e-j1AI_7L5n39HvrAbAyHZPrDkM1uPSyGrcW71PB1buNXg2YgI0TNoM2F2yi5VDNdWrKvBXsDyZ9xrCIoZenwqJNz7EyZ_X1DAhTsyN8H0eJVdORNfv6p4Wim-vXEL7neExK2on4O3wKIQ5NVIt5hCkSMdRtqs8LbysqQh-JdziL3N5YUJtgcgrSwjb6XOw8LDQN0Cq7pXehqtAJIU9dN01L1OZ_vN61LY8pfGjh8CcCjiLjDs4M9yQNTlSZFenHfiLVefXNcIR_YTcPQwEaG7DEEbP-SdHDccAktl_TJdOlEwyfn_wuizW1yUbCucxvS6JAbou4UOi1Y6vQPLp4UwRgQoILQMao6I6UOMfpOnYmLysJ1479FZR_FwCdhAu7t9dW8sbcd3MR6lknKGBySVnj6oDzLVy8yIg4kZXjNlTa9zWKuXBxs3dDyWf2m7hstUziGtOmU0K7nv3KjWTuwpiGbydmqSOMExwV5ScyUoqodRK6YLmd-0SPlLMuSrDFoilY4u-3MPzJbvKYEHBNCDixrbRwQSzv9rZoreOO4JRfh9g3pJzrVTHfC4pZ3C79xEie7_iWzcf4vHwY8frYXJcemP8u9OHv7MO7souRjogftsx-iO-6ziINff1mhV6NMno9PIHYp_Biyb7Rzi2SJSR9ivcryfCHgiALQSTDNImg5YyWrXEvk_dRsM3pe_8viJyXC3Vo4ipl_9QjBgW00z0kxMW7Dks3PJwFm67FIykJoDeBqFX1b1sT5UFW5aUpIaDUtSckZCRuuVwWcd__q_pBo8aB0rP3_Od72kQG1LMpYZZXKNmECfj597tGtcbv7VL9nC4rrakRCrj6uMUhtvgUAdbWONRuSzzn6BbFpFKW618wRLMCsdvNsW-7BsQ22A2JULVLsbi8mXFgOwK_76aGA_0vYJvgx14eTUr5b-sRJQQxdry8XEXGW-ZZ9h9fhtaACCvWp_-8-e_tlcGBGikceKptX1TDzIsmcevyaMHQLaYVnkTn-CbtCl4wyeAwXTQRrVozAW-CqYom0MOvw0Fz5XnhXfClBE5S0ZbFiqPbu1ssB5ITHugfYpCbUFkWDRvl&sai=AMfl-YTjTCAvxx2bSv3_n4kt9DAFSQndXps9FBvjQROXeAg4R-h0m18wdADoNgqdFmaGgYaluimhI3z4kMi3mjgOLuGmNHe6uLiV_nW8Pj5hYYAFa7MxvS8HcATCmPt5_NpZ4EOcav-HJKAHxNf9FLycyD_0QoJXB7XFHb_UqY1Lrt4E04xhpPBSAIOVgWoUDX-e7gxaSIbcSJq66YNU5TkL7DY2rwmZR7rvS4rASkrbp9q8UCRz-ZyYuQkOD7EN24zZHQjCiV3LkXDfgSc9h-HVtDGAPs72FCK6QO2hmo42fm-cYmTfA7C1uFIHQTuCb1J1qu9z--SCQOGpNKPy3Zj0p-PzJOes8wskv8IllxFLRDQgOofEFM5D2w4OupScaZztBK5F3FIdLA8YaTY&sig=Cg0ArKJSzHtv48zLFPooEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20211130.90636&adurl=
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Thu, 02 Dec 2021 06:30:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 48F2
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 08:11:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
166694
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Wed, 30 Nov 2022 08:11:57 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 48F2
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B7B0iGbfbewrZOBCHHUNz-ROKAyQc2RixBeR3BV0sGQ7s1h_owjfdPF-Lrd8pnFqPQYfaS4RhU8zgM16F1SDWIZe9jVbW0rzc--Ateeuq3-vkAZoE
Requested by
Host: 3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com
URL: https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Dec 2021 06:30:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211130/r20110914/client/ Frame 48F2
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211130/r20110914/client/window_focus_fy2019.js
Requested by
Host: 3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com
URL: https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 05:57:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1961
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Dec 2021 05:57:30 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 48F2
119 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com
URL: https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30cad9ec7fbe11d3de293805d82343744663da3e650c19bbbc23dd7c58202cce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37131
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638290904732407"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 02 Dec 2021 06:30:11 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211130/r20110914/client/ Frame 48F2
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211130/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com
URL: https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6257e792f9aef240d1954956a6ea7982c0268035f15a79931a110ed6344c8c4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:09:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1232
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6446
x-xss-protection
0
server
cafe
etag
5472324691301332805
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Dec 2021 06:09:39 GMT
15247771902468207609
s0.2mdn.net/simgad/ Frame 48F2
95 KB
96 KB
Image
General
Full URL
https://s0.2mdn.net/simgad/15247771902468207609
Requested by
Host: 3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com
URL: https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a03bf038cb81d5be2bfd378107d0479a90b143967699ff9fcad22dc01629e8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 17:12:45 GMT
x-content-type-options
nosniff
age
47846
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
97633
x-xss-protection
0
last-modified
Wed, 01 Dec 2021 15:35:15 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 01 Dec 2022 17:12:45 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/3731712216888230967/ Frame DEAD
5 KB
5 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/3731712216888230967/downsize_200k_v1?w=195&h=102
Requested by
Host: 3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com
URL: https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
97c0f469a9f03528bfc7997ccd2ce5fb557fe05f748d69aff08347208527f93c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:41:25 GMT
x-content-type-options
nosniff
age
517726
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5560
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 02:17:18 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 26 Nov 2022 06:41:25 GMT
truncated
/ Frame DEAD
209 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0ce5ab0260a7860ea167511114f1b2a1a8c5dff2b1a3885e2c2e70fb54c4e7a9

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/svg+xml
base.js
d.tailtarget.com/
20 KB
8 KB
Script
General
Full URL
https://d.tailtarget.com/base.js
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 23:03:40 GMT
content-encoding
gzip
age
26791
x-guploader-uploadid
ADPycdtGDGqG5TkFLOhcafXycT59LiRVFThATonqN5J4Bv12gydBdRfeW7CYmQwth3nY_OvMQGet4G0KItUoBN63hwg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
8332
last-modified
Thu, 23 Sep 2021 17:37:36 GMT
server
UploadServer
etag
"3bd196ed5cd9e1a21cd3f4a34c4baf1b"
x-goog-hash
crc32c=QnHpIw==, md5=O9GW7VzZ4aIc0/SjTEuvGw==
content-language
en
x-goog-generation
1632418656026668
cache-control
public, max-age=86400,no-transform
x-goog-stored-content-length
8332
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 02 Dec 2021 23:03:40 GMT
czmb.min.js
api.cazamba.com/common/
105 KB
33 KB
Script
General
Full URL
https://api.cazamba.com/common/czmb.min.js
Requested by
Host: api.cazamba.com
URL: https://api.cazamba.com/97ad3a13f7d8801cad64d7413acca93e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
320d8033b4dc2535005db35ed05a86cb63b0df0526f9f6dfa259abc071211c2f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:11 GMT
content-encoding
gzip
last-modified
Tue, 23 Feb 2021 19:11:35 GMT
server
AmazonS3
x-amz-request-id
4A220FC14E49A57A
etag
"fd80cc799e36e281e75205cb74648bb1"
x-hw
1638426611.cds064.lo4.hn,1638426611.cds236.lo4.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, no-transform, public, no-cache,no-transform,must-revalidate
content-length
33535
accept-ranges
bytes
x-amz-version-id
VqCIYLFA9K3Y98t7mA4Tr4UkJwF3jmzR
x-amz-id-2
v+CA3dH+dzf6VhwklgPLpqw1ONZlijDdEMpRfIRqgin3joEAWttqzcb3fZrf2ve+0O9DkiGJGVA=
u
b.t.tailtarget.com/
54 B
304 B
Script
General
Full URL
https://b.t.tailtarget.com/u?
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
a4374b0547ee7dee99a61bf5668c6be2e76def8807a31da37a182afd25214509

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:16 GMT
via
1.1 google
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary
Accept-Encoding, Accept-Encoding
content-type
application/x-javascript
cache-control
private, proxy-revalidate
content-encoding
gzip
alt-svc
clear
TweenMax.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/
105 KB
31 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/TweenMax.min.js
Requested by
Host: api.cazamba.com
URL: https://api.cazamba.com/common/czmb.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3220324
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
31378
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-1a5b9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ExIKRe%2FWOEOwUBq5W6CEItWOEwxibAQzZoHUK5kiJgVqMoTrxBXKAEzU2OrDYiSqp0cgqdPcy8Zcs2L21qOHbI%2BjP20GBV4MUEvuX1f8wws%2FleHZ2%2BfPi23r0N9yE1pfVFShfMqeCrQRcVTGPqJrA4T"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6b728154592bd610-MXP
expires
Tue, 22 Nov 2022 06:30:11 GMT
beacon.js
sb.scorecardresearch.com/
1 KB
1 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-89.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 05:57:24 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
10758
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
H8xg-UVwtoLmdgMqdwbZSo7prwtzn3bBURjx4tkJPktUQ361_HpS9w==
ima3.js
imasdk.googleapis.com/js/sdkloader/
374 KB
124 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: api.cazamba.com
URL: https://api.cazamba.com/common/czmb.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
15a3efce4e527795167d6fb4bb107345067176ddfc514a85cf0ee9a031b07e55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126291
x-xss-protection
0
expires
Thu, 02 Dec 2021 06:30:11 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: api.cazamba.com
URL: https://api.cazamba.com/common/czmb.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
3308
date
Thu, 02 Dec 2021 05:35:03 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 02 Dec 2021 07:35:03 GMT
rm
as.cazamba.com/
598 B
1 KB
Script
General
Full URL
https://as.cazamba.com/rm?token=97ad3a13f7d8801cad64d7413acca93e&r=58513770393&v=13&p=%2Fportal%2Fredir-partners.asp&vp=false&callback=superagentCallback1638426611217606
Requested by
Host: api.cazamba.com
URL: https://api.cazamba.com/common/czmb.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.204.18.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-18-146.compute-1.amazonaws.com
Software
nginx/1.18.0 / PHP/5.3.29
Resource Hash
f5811e93bc04170997b02a69b1990396dcbd6efa26214fb3b714ca913ff02a6d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:12 GMT
server
nginx/1.18.0
x-powered-by
PHP/5.3.29
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
https://www.baixaki.com.br
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
598
truncated
/ Frame F670
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fc9ca99fc946436dfa7545fb539a3ffdf6c3edc58cb00a577b7b33a27187dbc6

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame DEAD
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
447aed4cf1bf61655b7cd88b3e75ce684464a7f3a1aecb8fdea3478a4fe298d8

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 48F2
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0f12ad3126e50535e8cfc613bb19eccbc22768b06bea5901040682de5ce2df70

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame E8A4
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Wed, 01 Dec 2021 18:04:59 GMT
expires
Thu, 01 Dec 2022 18:04:59 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
44712
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame F670
0
23 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst7s0YqMiVI2Bt-uks1Ko2qhbbBwCE_fWP5ZusSzVxi-jKIsQQBg8IB4OmuUQIpYKejJOg1_hyMto1dLBKUPcf152tOLvW4n7Ed-7-OPdQijYhe3hqdha4-s3Xen_nVa9_QdIGIsnEJ0o802rbZ3PSd1hz13_oZ-dUbZi3dUSZKG9rP4vgVY8-krgWH6E8VlNtTrOf8ORTQ8KyOlYklT9bfvKNlQzRYkGpw5FHZ6yfFxHFucZfnjNYe9Np_bunJlaWOhzWGh7Xi4HHiRmoh_T-346QrlWfaLjG6vhS1mCiNr4lCHd-Wrgfr-N1olDK00G4xh9HMENt_e5BdayULbSNQM39Uw3kW4kDn5AS_whED2ARpBwVefYGlnKEL95N_oqQbMK3MJgJrP_QjGGtByMU8AihWJN4AQY_zQ5dRWg-cT5yJ5TmTkXlZEs1xmHeXfBGA67pf4JvX6OH15SOe-U-Y9OG0N5HbWZIfLZoXHHqno-WuWvt_D0qeFtWXSYFoxU24dxh0Kskb8sTI_I9aZbKZfjfa15t6ltxnNLOFw0Us_ryacqrsK9uR3Ry4j8OFCEuIGUHSOC_kAV22WIMrmnbqh2b_wrD7-xZTk6tBVxLYGsWpWQVz1coLCcuy8eN6V-Xts4-KgidCJdkoMVvCmy86fhD5bn1EbePCeOwuPp-yOkzjeJeq6FYpUqlua3QIHfLbOiHUkyqDyA8Fls2S8l49zS3BjrLNEtCQz5QMKX-QllnNsZXxKHPVZBBhOgmSeayCIsf080UwRLrVKg-EwPi9Uu1vDwLRdrhKFp6H-rFJi3lrag_Vc5kn2myQbUgj7ovKA41-u1pPXBD_OEsanBYmeaQxmE02MFoxSByHTyKy-p0kNgMan5Y4_4_fBi3KvFhvUpCAcPRyDk7P6VjaJ48z7ri2ngbq7ZIrbMA4uKvwwtsplP-AZBOHa9Ygw-QqsQ7CcUKA8g8VeX8bDsjD0k9PThMgV-kCBgHnwth0gbM0KK-d_NzuEOi2UhLRtxi0dg3HDun6THdVLq2KtPRGQJbpvmLmmGdmplS3gjuqVi2wEfkqjuZZTbUwxxJTsqtIN9kOEkH_mvrDQ1aiHwFjl5BzkWKaFrkB5gt3rtzFJwnJkzVq&sai=AMfl-YQGt4WiTSjtZuQPpkvxAZIxU2pdQoFn9FV3zywI-1Spn6Z4UUqiadT7Aqvcd0OVxzmotJv0KT1bn7a0EWq73o9vuzOlsvNAbT_UjlYQ2nC-A2zPa3a0UrSsAUtE6yyu0OBf4LiAODQ5UNkYgxDCVYaXatC3q0S7-lSbHiM6SKXjZM1HgzStzwQPWoiXEQ5gVoDZGO4qkD0bPHhy-rnya-WQSuMSiLZDmH6dJ-yGtuQjTxs3otKG3MLQPuTAtr7THvF76W9Aptm6JAzeeGJ2JoU1FSkzvpnAP3JqSQEQRf6-1pJSLjMbmXrPier_YS2smUOkcZxZ7YJUK-R1NI1Uey4nGTTNEhiHu9mzeeGHKs0ZNazlhNlsJQ7HDqA0lxjO1IjHAJAdxLTWX70&sig=Cg0ArKJSzCq20XqBfXU7EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=288&vt=11&dtpt=287&dett=2&cstd=0&cisv=r20211130.22287&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Thu, 02 Dec 2021 06:30:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
truncated
/ Frame F26D
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b0c39441d9a378190ba0fdaa68373a57158cfb0384f0774d791ed663dd01d5c8

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 6545
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Wed, 01 Dec 2021 18:04:59 GMT
expires
Thu, 01 Dec 2022 18:04:59 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
44712
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 1C4E
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Wed, 01 Dec 2021 18:04:59 GMT
expires
Thu, 01 Dec 2022 18:04:59 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
44712
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.7Qaqnm_1sO0.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMlhJgy_5nQ_Wt0jHMAZa6UDzBuWQ/
148 KB
50 KB
Script
General
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.7Qaqnm_1sO0.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMlhJgy_5nQ_Wt0jHMAZa6UDzBuWQ/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
627b717a369895656423ba623d0d83c2002281751124a35fe2b6acdd07e6737a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 15:06:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55450
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51658
x-xss-protection
0
last-modified
Sat, 30 Oct 2021 15:20:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding, Origin
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 01 Dec 2022 15:06:01 GMT
rum
dsum-sec.casalemedia.com/ Frame 9F2E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELrrggST_x-_kkqJgugd3IQ&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELrrggST_x-_kkqJgugd3IQ&google_cver=1&C=1
43 B
1014 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELrrggST_x-_kkqJgugd3IQ&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLeBwNgCEPrqitsCGM7x37wBMAE&v=APEucNXfiZpXQrNBTbHFf3JClmKiP12bg47EVzaDE7uGu4v9A6emO9Ov0LG0h2ONRVveXmjpcgY5fsjjaqHOEUGJq8_lLcQDNIEcBdQvgI-0hd6tg4cux_e3JoxPRfrqyIwqnWQX_YnfsRZnDJL01g9kDx1sA7l1tF7-plN67n298kdWA4RdxSE
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Dec 2021 06:30:12 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 02 Dec 2021 06:30:12 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 02 Dec 2021 06:30:12 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELrrggST_x-_kkqJgugd3IQ&google_cver=1&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
308
Expires
Thu, 02 Dec 2021 06:30:12 GMT
rum
dsum-sec.casalemedia.com/ Frame 9F2E
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yahn8-QWkL26XYLYLHJ0CgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELrrggST_x-_kkqJgugd3IQ&google_cver=1
43 B
894 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELrrggST_x-_kkqJgugd3IQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLeBwNgCEPrqitsCGM7x37wBMAE&v=APEucNXfiZpXQrNBTbHFf3JClmKiP12bg47EVzaDE7uGu4v9A6emO9Ov0LG0h2ONRVveXmjpcgY5fsjjaqHOEUGJq8_lLcQDNIEcBdQvgI-0hd6tg4cux_e3JoxPRfrqyIwqnWQX_YnfsRZnDJL01g9kDx1sA7l1tF7-plN67n298kdWA4RdxSE
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Dec 2021 06:30:12 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 02 Dec 2021 06:30:12 GMT

Redirect headers

pragma
no-cache
date
Thu, 02 Dec 2021 06:30:12 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELrrggST_x-_kkqJgugd3IQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 9F2E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJzRv9ne7pRT3XIcYLsIAv4&google_cver=1
43 B
1004 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEJzRv9ne7pRT3XIcYLsIAv4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLeBwNgCEPrqitsCGM7x37wBMAE&v=APEucNXfiZpXQrNBTbHFf3JClmKiP12bg47EVzaDE7uGu4v9A6emO9Ov0LG0h2ONRVveXmjpcgY5fsjjaqHOEUGJq8_lLcQDNIEcBdQvgI-0hd6tg4cux_e3JoxPRfrqyIwqnWQX_YnfsRZnDJL01g9kDx1sA7l1tF7-plN67n298kdWA4RdxSE
Protocol
HTTP/1.1
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Dec 2021 06:30:12 GMT
X-Proxy-Origin
194.36.110.165; 194.36.110.165; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
258ba927-f373-4c4f-b0a3-abf9582f918c
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 02 Dec 2021 06:30:11 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEJzRv9ne7pRT3XIcYLsIAv4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9F2E
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDE3MjA1Mzg3OTYwOTA2ODE%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDE3MjA1Mzg3OTYwOTA2ODE%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLeBwNgCEPrqitsCGM7x37wBMAE&v=APEucNXfiZpXQrNBTbHFf3JClmKiP12bg47EVzaDE7uGu4v9A6emO9Ov0LG0h2ONRVveXmjpcgY5fsjjaqHOEUGJq8_lLcQDNIEcBdQvgI-0hd6tg4cux_e3JoxPRfrqyIwqnWQX_YnfsRZnDJL01g9kDx1sA7l1tF7-plN67n298kdWA4RdxSE
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Dec 2021 06:30:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 02 Dec 2021 06:30:11 GMT
X-Proxy-Origin
194.36.110.165; 194.36.110.165; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
f9f626bd-37c8-46ef-9c24-86c54b0d6c9b
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDE3MjA1Mzg3OTYwOTA2ODE%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame AEC1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELrrggST_x-_kkqJgugd3IQ&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELrrggST_x-_kkqJgugd3IQ&google_cver=1&C=1
43 B
1014 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELrrggST_x-_kkqJgugd3IQ&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLeBwNgCEPrqitsCGKPs37wBMAE&v=APEucNWGpWkm9YlInT3QmuEROBlESBQOdWlc6S4nw-SRKVq_FX73WuvM-7HMEEJXW3KGdf3x5PxW6CDQdpFV8zvCXbhgDD6v8XRCwOVJSsL0kTSJ1Du6Lr1rZ8abVU5ZkLBeNMnVHMXQ1wxv-ydPU8mTJLAQ7NguucCKRUgk3KrtMR4X9ZhtQbU
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Dec 2021 06:30:12 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 02 Dec 2021 06:30:12 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 02 Dec 2021 06:30:12 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELrrggST_x-_kkqJgugd3IQ&google_cver=1&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
308
Expires
Thu, 02 Dec 2021 06:30:12 GMT
rum
dsum-sec.casalemedia.com/ Frame AEC1
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yahn8-QWkL26XYLYLHJ0CgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELrrggST_x-_kkqJgugd3IQ&google_cver=1
43 B
894 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELrrggST_x-_kkqJgugd3IQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLeBwNgCEPrqitsCGKPs37wBMAE&v=APEucNWGpWkm9YlInT3QmuEROBlESBQOdWlc6S4nw-SRKVq_FX73WuvM-7HMEEJXW3KGdf3x5PxW6CDQdpFV8zvCXbhgDD6v8XRCwOVJSsL0kTSJ1Du6Lr1rZ8abVU5ZkLBeNMnVHMXQ1wxv-ydPU8mTJLAQ7NguucCKRUgk3KrtMR4X9ZhtQbU
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Dec 2021 06:30:12 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 02 Dec 2021 06:30:12 GMT

Redirect headers

pragma
no-cache
date
Thu, 02 Dec 2021 06:30:12 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELrrggST_x-_kkqJgugd3IQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame AEC1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJzRv9ne7pRT3XIcYLsIAv4&google_cver=1
43 B
1004 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEJzRv9ne7pRT3XIcYLsIAv4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLeBwNgCEPrqitsCGKPs37wBMAE&v=APEucNWGpWkm9YlInT3QmuEROBlESBQOdWlc6S4nw-SRKVq_FX73WuvM-7HMEEJXW3KGdf3x5PxW6CDQdpFV8zvCXbhgDD6v8XRCwOVJSsL0kTSJ1Du6Lr1rZ8abVU5ZkLBeNMnVHMXQ1wxv-ydPU8mTJLAQ7NguucCKRUgk3KrtMR4X9ZhtQbU
Protocol
HTTP/1.1
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Dec 2021 06:30:12 GMT
X-Proxy-Origin
194.36.110.165; 194.36.110.165; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
6b5e6ce6-7df2-4ec4-8929-60353e74d7b0
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 02 Dec 2021 06:30:11 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEJzRv9ne7pRT3XIcYLsIAv4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame AEC1
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDE3MjA1Mzg3OTYwOTA2ODE%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDE3MjA1Mzg3OTYwOTA2ODE%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLeBwNgCEPrqitsCGKPs37wBMAE&v=APEucNWGpWkm9YlInT3QmuEROBlESBQOdWlc6S4nw-SRKVq_FX73WuvM-7HMEEJXW3KGdf3x5PxW6CDQdpFV8zvCXbhgDD6v8XRCwOVJSsL0kTSJ1Du6Lr1rZ8abVU5ZkLBeNMnVHMXQ1wxv-ydPU8mTJLAQ7NguucCKRUgk3KrtMR4X9ZhtQbU
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Dec 2021 06:30:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 02 Dec 2021 06:30:12 GMT
X-Proxy-Origin
194.36.110.165; 194.36.110.165; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
b0df8d24-f4d8-4cfd-b1bc-f9e028000f7b
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDE3MjA1Mzg3OTYwOTA2ODE%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 8D1A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELrrggST_x-_kkqJgugd3IQ&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELrrggST_x-_kkqJgugd3IQ&google_cver=1&C=1
43 B
1014 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELrrggST_x-_kkqJgugd3IQ&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLeBwNgCEPrqitsCGNPn37wBMAE&v=APEucNVRsh32zj2KuFeC9Se98PcXHhEx-SwkX7cTy6euXntuooYtBKIpGr3PX6DCrDxBdEgAejFf1puKdLedzoYypaENv2euGqHhnsjQS50MrWQk1tXQk9srZoTlTK7L6kLy8furxYXUtI1TPcDPLEOJOpAXPNCsS2lZp2eVdoxfxNhoX3nF6oE
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Dec 2021 06:30:12 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 02 Dec 2021 06:30:12 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 02 Dec 2021 06:30:12 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELrrggST_x-_kkqJgugd3IQ&google_cver=1&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
308
Expires
Thu, 02 Dec 2021 06:30:12 GMT
rum
dsum-sec.casalemedia.com/ Frame 8D1A
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yahn8-QWkL26XYLYLHJ0CgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELrrggST_x-_kkqJgugd3IQ&google_cver=1
43 B
894 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELrrggST_x-_kkqJgugd3IQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLeBwNgCEPrqitsCGNPn37wBMAE&v=APEucNVRsh32zj2KuFeC9Se98PcXHhEx-SwkX7cTy6euXntuooYtBKIpGr3PX6DCrDxBdEgAejFf1puKdLedzoYypaENv2euGqHhnsjQS50MrWQk1tXQk9srZoTlTK7L6kLy8furxYXUtI1TPcDPLEOJOpAXPNCsS2lZp2eVdoxfxNhoX3nF6oE
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Dec 2021 06:30:12 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 02 Dec 2021 06:30:12 GMT

Redirect headers

pragma
no-cache
date
Thu, 02 Dec 2021 06:30:12 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELrrggST_x-_kkqJgugd3IQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 8D1A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJzRv9ne7pRT3XIcYLsIAv4&google_cver=1
43 B
1004 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEJzRv9ne7pRT3XIcYLsIAv4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLeBwNgCEPrqitsCGNPn37wBMAE&v=APEucNVRsh32zj2KuFeC9Se98PcXHhEx-SwkX7cTy6euXntuooYtBKIpGr3PX6DCrDxBdEgAejFf1puKdLedzoYypaENv2euGqHhnsjQS50MrWQk1tXQk9srZoTlTK7L6kLy8furxYXUtI1TPcDPLEOJOpAXPNCsS2lZp2eVdoxfxNhoX3nF6oE
Protocol
HTTP/1.1
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Dec 2021 06:30:12 GMT
X-Proxy-Origin
194.36.110.165; 194.36.110.165; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
343dc13d-af10-42d4-bbb3-ece89f4edd25
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 02 Dec 2021 06:30:11 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEJzRv9ne7pRT3XIcYLsIAv4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8D1A
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDE3MjA1Mzg3OTYwOTA2ODE%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDE3MjA1Mzg3OTYwOTA2ODE%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLeBwNgCEPrqitsCGNPn37wBMAE&v=APEucNVRsh32zj2KuFeC9Se98PcXHhEx-SwkX7cTy6euXntuooYtBKIpGr3PX6DCrDxBdEgAejFf1puKdLedzoYypaENv2euGqHhnsjQS50MrWQk1tXQk9srZoTlTK7L6kLy8furxYXUtI1TPcDPLEOJOpAXPNCsS2lZp2eVdoxfxNhoX3nF6oE
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Dec 2021 06:30:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 02 Dec 2021 06:30:12 GMT
X-Proxy-Origin
194.36.110.165; 194.36.110.165; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
32e3870f-3a38-4070-98de-c495ffb12b1e
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDE3MjA1Mzg3OTYwOTA2ODE%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame F26D
0
23 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvkBlXtTlT8B-8S26bwc1Deyf7MlBu4bV01OFpYg3W558ClMxH83TWeYGoq6SNoEQiMK2deUmRWSM1gJZtWnlg2Nl2hpza1LGxv_H39LfICjjTOrLHz3J_zJthuMp77_jfQ7tDrNJgFhRq6bqpZcP-9u6i0yW9PbPWVt8oW9uf5CWovDNfEG0FyvM5e8adWa65OH9T8XhcVbEXUTh8afNLsSaVOT-krj1z6fjLhFCtCTashxcrSWHX-RDaN20--8sk7oTwYNRlMa2jBu97rPhbystKABp5cOIsFB8lXbU40kWxpucVLstQH762kTsrcJlNgC9wKpVIxrWszC29Ds1usPL7f2QbanUwYt-abhXh6NeBOIFoeqJFU8mW26lMKIrq3QWlyuxSsNcMtScJZAWcxCMfFU3uBacTi0oHIowzapRfABlMr8S9A7ZVAQXYbO2gr99wPM1yAwY3uD8lmm_3M3zqcvXmGhYnnBQEZ7quPw8jk9U6o6qiyWvHijstLO9O5x5gLCCiXi6NFEuyJUsVvbYo7OkkDQBZE1BBU11fmnAMmPGu_zahrCeTewLFbXfeH2LpIVbBGzmznju4bx85buPXpv5qoRAquhtdVhHxxWEgKf-u5HKpPhre--cLg0iTPzIOcbu1M9YZ983RKEwOZ3ytvDrzQJDl5cWLQT4RzdJ1bY9Y0OvrHdb-QWMcXs3fh249F8n7G_BE8a9nrINFldI2nTzYLEbcCL4WJe_C1jezGwTv_DIoyIs2y3JZSJKCVFiJwXDv2s8mKsxu4HPv0NWkBiXIFsNR5d8_AghUgEA7zdRrYpEXg0EUgzWudw73_kXbewYcRnMuVFiYOC4u2ovA7cpVAfD9XTtXfOD9f2EEfaJV2bYBNiVdWYI48FFFuec8SIAa-9Q06SzTi3n2kpkb1qRsbG8p1jUGe_PjSqBLzXQ6EnqCtCiqbXGmyxSg99vD71ok2X5L_iWZ8MU-BN6xr2YgGGeTBbOk5CgbPYpc-QYZ8PKqI_KAdpT8u4pvKEzkRe1q47w9kjpScOo2M0ECNdaDDD6-FnwsD6Y8zgzaD_J7v_xuNkVE7zox_TinbIeECEfNAUojLR5ZcupYzz93NJw-HGmAYOo0CxHQ-nLk&sai=AMfl-YTaZHE_q2HmWn5s9qPiTn4jLylD7SvAtxnY8wkjPZqhToGsxIUsCEa-DsUuDShFE-VHjSQOp2pJn9HnXsvxkutdZOeyKcP1KF6DfyeCY76Ok7bxNGTFz1OdlnkVa2HN71MN67lJdy7uc1jGOlt8uC_9ZIERINhGcij6jVEnkPB5Skl0V9d-iPIf7yFDlZ8Bgi_mZqr2xh8ZW3H3awZYGQ4yDiGPtywBm7WmiVnPn_qBibRjwhaLCq021mFYfgoQUPfE_9U_SXEJTjJ5XI-t0UoV1x0sD3Xu7n2_TDVOcjLCg5KZeO_plLyP6jfbn8HIzCrMzf9c3ptZ7v_FN85Or6eu4fraax-TxaS50phT0XTXZNhrldbJSE0Mzk1LrAAMxZG3HWQ4iV8QR9A&sig=Cg0ArKJSzNOWwNonNCVsEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=346&vt=11&dtpt=345&dett=2&cstd=0&cisv=r20211130.41453&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Thu, 02 Dec 2021 06:30:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
googleads4.g.doubleclick.net/pcs/ Frame 48F2
0
23 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuszdmf2c-BMQnTUIJgcnv5n5XJp4v8CNq8jsgSXXS4e-j1AI_7L5n39HvrAbAyHZPrDkM1uPSyGrcW71PB1buNXg2YgI0TNoM2F2yi5VDNdWrKvBXsDyZ9xrCIoZenwqJNz7EyZ_X1DAhTsyN8H0eJVdORNfv6p4Wim-vXEL7neExK2on4O3wKIQ5NVIt5hCkSMdRtqs8LbysqQh-JdziL3N5YUJtgcgrSwjb6XOw8LDQN0Cq7pXehqtAJIU9dN01L1OZ_vN61LY8pfGjh8CcCjiLjDs4M9yQNTlSZFenHfiLVefXNcIR_YTcPQwEaG7DEEbP-SdHDccAktl_TJdOlEwyfn_wuizW1yUbCucxvS6JAbou4UOi1Y6vQPLp4UwRgQoILQMao6I6UOMfpOnYmLysJ1479FZR_FwCdhAu7t9dW8sbcd3MR6lknKGBySVnj6oDzLVy8yIg4kZXjNlTa9zWKuXBxs3dDyWf2m7hstUziGtOmU0K7nv3KjWTuwpiGbydmqSOMExwV5ScyUoqodRK6YLmd-0SPlLMuSrDFoilY4u-3MPzJbvKYEHBNCDixrbRwQSzv9rZoreOO4JRfh9g3pJzrVTHfC4pZ3C79xEie7_iWzcf4vHwY8frYXJcemP8u9OHv7MO7souRjogftsx-iO-6ziINff1mhV6NMno9PIHYp_Biyb7Rzi2SJSR9ivcryfCHgiALQSTDNImg5YyWrXEvk_dRsM3pe_8viJyXC3Vo4ipl_9QjBgW00z0kxMW7Dks3PJwFm67FIykJoDeBqFX1b1sT5UFW5aUpIaDUtSckZCRuuVwWcd__q_pBo8aB0rP3_Od72kQG1LMpYZZXKNmECfj597tGtcbv7VL9nC4rrakRCrj6uMUhtvgUAdbWONRuSzzn6BbFpFKW618wRLMCsdvNsW-7BsQ22A2JULVLsbi8mXFgOwK_76aGA_0vYJvgx14eTUr5b-sRJQQxdry8XEXGW-ZZ9h9fhtaACCvWp_-8-e_tlcGBGikceKptX1TDzIsmcevyaMHQLaYVnkTn-CbtCl4wyeAwXTQRrVozAW-CqYom0MOvw0Fz5XnhXfClBE5S0ZbFiqPbu1ssB5ITHugfYpCbUFkWDRvl&sai=AMfl-YTjTCAvxx2bSv3_n4kt9DAFSQndXps9FBvjQROXeAg4R-h0m18wdADoNgqdFmaGgYaluimhI3z4kMi3mjgOLuGmNHe6uLiV_nW8Pj5hYYAFa7MxvS8HcATCmPt5_NpZ4EOcav-HJKAHxNf9FLycyD_0QoJXB7XFHb_UqY1Lrt4E04xhpPBSAIOVgWoUDX-e7gxaSIbcSJq66YNU5TkL7DY2rwmZR7rvS4rASkrbp9q8UCRz-ZyYuQkOD7EN24zZHQjCiV3LkXDfgSc9h-HVtDGAPs72FCK6QO2hmo42fm-cYmTfA7C1uFIHQTuCb1J1qu9z--SCQOGpNKPy3Zj0p-PzJOes8wskv8IllxFLRDQgOofEFM5D2w4OupScaZztBK5F3FIdLA8YaTY&sig=Cg0ArKJSzHtv48zLFPooEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=324&vt=11&dtpt=323&dett=2&cstd=0&cisv=r20211130.90636&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Thu, 02 Dec 2021 06:30:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=260466668&t=pageview&_s=1&dl=https%3A%2F%2Fwww.baixaki.com.br%2Fportal%2Fredir-partners.asp&ul=en-us&de=windows-1252&dt=Baixaki%20Portal%20Parceiros%20-%20Not%C3%ADcias%2C%20Tecnologia%2C%20Esportes%2C%20Entretenimento%20e%20Downloads&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=248450708.1413534137.1638426601.1638426601.1638426601.1&_utmz=248450708.1638426601.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1638426611383&_u=IQBCAEABAAAAAC~&jid=2077590637&gjid=1212427759&cid=1413534137.1638426601&tid=UA-42852934-1&_gid=1277296268.1638426611&_r=1&_slc=1&z=1234107513
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.baixaki.com.br/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 02 Dec 2021 06:30:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.baixaki.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
b
sb.scorecardresearch.com/
0
337 B
Image
General
Full URL
https://sb.scorecardresearch.com/b?c1=8&c2=16041074&c3=&ns__t=1638426611388&ns_c=windows-1252&cv=3.5&c8=Baixaki%20Portal%20Parceiros%20-%20Not%C3%ADcias%2C%20Tecnologia%2C%20Esportes%2C%20Entretenimento%20e%20Downloads&c7=https%3A%2F%2Fwww.baixaki.com.br%2Fportal%2Fredir-partners.asp&c9=
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-89.fra2.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:11 GMT
via
1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id
CSLR1ErLxojB4BAuEMUSLUX-99romXFtEOLBvHlrF236Mwx_Zkm8BQ==
x-cache
Miss from cloudfront
4Sfc45HFswufgCf8fQCX22Ys6cavju9jIH_-ShQytV0.js
pagead2.googlesyndication.com/bg/ Frame E8A4
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/4Sfc45HFswufgCf8fQCX22Ys6cavju9jIH_-ShQytV0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e127dce391c5b30b9f8027fc7d0097db662ce9c6af8eef63207ffe4a1432b55d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 15:20:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
140967
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13379
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 30 Nov 2022 15:20:44 GMT
4Sfc45HFswufgCf8fQCX22Ys6cavju9jIH_-ShQytV0.js
pagead2.googlesyndication.com/bg/ Frame 6545
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/4Sfc45HFswufgCf8fQCX22Ys6cavju9jIH_-ShQytV0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e127dce391c5b30b9f8027fc7d0097db662ce9c6af8eef63207ffe4a1432b55d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 15:20:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
140967
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13379
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 30 Nov 2022 15:20:44 GMT
4Sfc45HFswufgCf8fQCX22Ys6cavju9jIH_-ShQytV0.js
pagead2.googlesyndication.com/bg/ Frame 1C4E
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/4Sfc45HFswufgCf8fQCX22Ys6cavju9jIH_-ShQytV0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e127dce391c5b30b9f8027fc7d0097db662ce9c6af8eef63207ffe4a1432b55d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 15:20:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
140967
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13379
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 30 Nov 2022 15:20:44 GMT
destaques.da893173.css
www.tecmundo.com.br/desktop/assets/css/ Frame 5AB8
12 KB
3 KB
Stylesheet
General
Full URL
https://www.tecmundo.com.br/desktop/assets/css/destaques.da893173.css
Requested by
Host: www.tecmundo.com.br
URL: https://www.tecmundo.com.br/home/fullhighlights?tec
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 Enfield, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx /
Resource Hash
9ad30a1a7b1a11a8449fa7a67f971b71051a1840a34b993e5177e961b926c777
Security Headers
Name Value
Strict-Transport-Security max-age=666; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.tecmundo.com.br/home/fullhighlights?tec
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:12 GMT
content-encoding
gzip
last-modified
Wed, 01 Dec 2021 13:50:54 GMT
server
nginx
version
2.8.28
etag
W/"1d7e6ba757a9d6b"
vary
Accept-Encoding, User-Agent
content-type
text/css
cache-control
max-age=300
strict-transport-security
max-age=666; includeSubDomains
expires
Thu, 02 Dec 2021 06:35:12 GMT
js
www.googletagmanager.com/gtag/ Frame 5AB8
90 KB
36 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-144680-14
Requested by
Host: www.tecmundo.com.br
URL: https://www.tecmundo.com.br/home/fullhighlights?tec
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5f6559faf48cfdbd38a9b7db00bffce74a4eb503daeb1e9d8007ca590d57eb2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.tecmundo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:12 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36131
x-xss-protection
0
last-modified
Thu, 02 Dec 2021 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 02 Dec 2021 06:30:12 GMT
lozad.min.js
cdn.jsdelivr.net/npm/lozad@1.16.0/dist/ Frame 5AB8
3 KB
2 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/lozad@1.16.0/dist/lozad.min.js
Requested by
Host: www.tecmundo.com.br
URL: https://www.tecmundo.com.br/home/fullhighlights?tec
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98e15110586a9877906d7a4ada5a789c0deaa285600027e1f3c7e925fb4b05b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.tecmundo.com.br/
Origin
https://www.tecmundo.com.br
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:12 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
3231679
x-jsd-version
1.16.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19133-FRA, cache-mxp6923-MXP
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"c17-/CtD5WDEW7iHrdmPF7CEBoqSMss"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6b728155f84a59a7-MXP
homefullhighlights.20211119153137.css
obj-mega.ibxk.com.br/megacurioso/assets/css/ Frame 4EB7
51 KB
8 KB
Stylesheet
General
Full URL
https://obj-mega.ibxk.com.br/megacurioso/assets/css/homefullhighlights.20211119153137.css
Requested by
Host: www.megacurioso.com.br
URL: https://www.megacurioso.com.br/home/fullhighlights?utm_source=www.baixaki.com.br&utm_medium=referral&utm_campaign=iframe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 Enfield, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
Microsoft-IIS/10.0 /
Resource Hash
46949b0ebfc651245d2b94172d1002e769ba7ae9b602026e9cc6ea0942bef527

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.megacurioso.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:13 GMT
content-encoding
gzip
last-modified
Fri, 19 Nov 2021 15:33:39 GMT
server
Microsoft-IIS/10.0
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
content-length
7783
homefullhighlights.20211110184913.js
obj-mega.ibxk.com.br/megacurioso/assets/js/ Frame 4EB7
221 KB
68 KB
Script
General
Full URL
https://obj-mega.ibxk.com.br/megacurioso/assets/js/homefullhighlights.20211110184913.js
Requested by
Host: www.megacurioso.com.br
URL: https://www.megacurioso.com.br/home/fullhighlights?utm_source=www.baixaki.com.br&utm_medium=referral&utm_campaign=iframe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 Enfield, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
Microsoft-IIS/10.0 /
Resource Hash
ec49b33967a90be54e0fa873fd2ec4763ead758efcec3608cd20fff4b9ad3534

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.megacurioso.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:13 GMT
content-encoding
gzip
last-modified
Wed, 10 Nov 2021 19:09:09 GMT
server
Microsoft-IIS/10.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
69304
01103728680149.jpg
mega.ibxk.com.br/2021/12/01/ Frame 4EB7
23 KB
23 KB
Image
General
Full URL
https://mega.ibxk.com.br/2021/12/01/01103728680149.jpg?ims=575x524
Requested by
Host: www.megacurioso.com.br
URL: https://www.megacurioso.com.br/home/fullhighlights?utm_source=www.baixaki.com.br&utm_medium=referral&utm_campaign=iframe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 Enfield, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
Azion IMS /
Resource Hash
dae477839e4e3d664a28f9c95b6e22288e15674e5878f264762443acd0a5a445

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.megacurioso.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:13 GMT
server
Azion IMS
x-original-image-size
184695
vary
Accept
content-type
image/webp
expires
Thu, 02 Dec 2021 20:54:13 GMT
x-ims
Enabled
content-length
23824
version
0
css
fonts.googleapis.com/ Frame 4EB7
4 KB
634 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap
Requested by
Host: www.megacurioso.com.br
URL: https://www.megacurioso.com.br/home/fullhighlights?utm_source=www.baixaki.com.br&utm_medium=referral&utm_campaign=iframe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.megacurioso.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 02 Dec 2021 06:04:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 02 Dec 2021 06:30:12 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 02 Dec 2021 06:30:12 GMT
js
www.googletagmanager.com/gtag/ Frame 4EB7
90 KB
35 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-144680-19
Requested by
Host: www.megacurioso.com.br
URL: https://www.megacurioso.com.br/home/fullhighlights?utm_source=www.baixaki.com.br&utm_medium=referral&utm_campaign=iframe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
564d990d54c16bbd0a737d687d7e8596a3904ff3292ff0b618ee0401d18b35fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.megacurioso.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:13 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36133
x-xss-protection
0
last-modified
Thu, 02 Dec 2021 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 02 Dec 2021 06:30:13 GMT
01103728680149.jpg
mega.ibxk.com.br/2021/12/01/ Frame 4EB7
24 KB
24 KB
Image
General
Full URL
https://mega.ibxk.com.br/2021/12/01/01103728680149.jpg?ims=690x431
Requested by
Host: www.megacurioso.com.br
URL: https://www.megacurioso.com.br/home/fullhighlights?utm_source=www.baixaki.com.br&utm_medium=referral&utm_campaign=iframe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 Enfield, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
Azion IMS /
Resource Hash
cb5441b88cbf4d5f952d238a381951e8bb76d1045dcac2f9b9b895d2bc3889da

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.megacurioso.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:13 GMT
server
Azion IMS
x-original-image-size
184695
vary
Accept
content-type
image/webp
expires
Thu, 02 Dec 2021 20:54:13 GMT
x-ims
Enabled
content-length
24462
version
0
source-sans-pro-v12-latin-regular.woff2
www.tecmundo.com.br/desktop/assets/fonts/ Frame 5AB8
16 KB
16 KB
Font
General
Full URL
https://www.tecmundo.com.br/desktop/assets/fonts/source-sans-pro-v12-latin-regular.woff2
Requested by
Host: www.tecmundo.com.br
URL: https://www.tecmundo.com.br/desktop/assets/css/destaques.da893173.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 Enfield, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx /
Resource Hash
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
Security Headers
Name Value
Strict-Transport-Security max-age=666; includeSubDomains

Request headers

Referer
https://www.tecmundo.com.br/desktop/assets/css/destaques.da893173.css
Origin
https://www.tecmundo.com.br
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:12 GMT
last-modified
Wed, 01 Dec 2021 13:50:54 GMT
server
nginx
version
2.8.28
etag
"1d7e6ba757a8df0"
vary
Accept-Encoding, User-Agent
content-type
font/woff2
cache-control
max-age=300
strict-transport-security
max-age=666; includeSubDomains
accept-ranges
bytes
content-length
16112
expires
Thu, 02 Dec 2021 06:35:12 GMT
source-sans-pro-v12-latin-700.woff2
www.tecmundo.com.br/desktop/assets/fonts/ Frame 5AB8
15 KB
16 KB
Font
General
Full URL
https://www.tecmundo.com.br/desktop/assets/fonts/source-sans-pro-v12-latin-700.woff2
Requested by
Host: www.tecmundo.com.br
URL: https://www.tecmundo.com.br/desktop/assets/css/destaques.da893173.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 Enfield, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx /
Resource Hash
24f7e397faec79e62c37ff2f00b170f6dc1557fb46ac169f9f1897a9d641dd03
Security Headers
Name Value
Strict-Transport-Security max-age=666; includeSubDomains

Request headers

Referer
https://www.tecmundo.com.br/desktop/assets/css/destaques.da893173.css
Origin
https://www.tecmundo.com.br
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:12 GMT
last-modified
Wed, 01 Dec 2021 13:50:54 GMT
server
nginx
version
2.8.28
etag
"1d7e6ba757a8e94"
vary
Accept-Encoding, User-Agent
content-type
font/woff2
cache-control
max-age=300
strict-transport-security
max-age=666; includeSubDomains
accept-ranges
bytes
content-length
15764
expires
Thu, 02 Dec 2021 06:35:12 GMT
beacon.js
sb.scorecardresearch.com/ Frame 5AB8
1 KB
1 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.tecmundo.com.br
URL: https://www.tecmundo.com.br/home/fullhighlights?tec
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-89.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.tecmundo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 05:57:24 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
10759
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
x8jmpjelLAEI5MxWbgSobDxxg6yp3k5j1jw542H3RF1lCS5CoAWiEw==
tracker.2018032814.min.js
lb.nznweb.com.br/tracker/ Frame 5AB8
0
0
Script
General
Full URL
https://lb.nznweb.com.br/tracker/tracker.2018032814.min.js
Requested by
Host: www.tecmundo.com.br
URL: https://www.tecmundo.com.br/home/fullhighlights?tec
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 Enfield, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
/
Resource Hash

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.tecmundo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

cs
as.cazamba.com/ Frame 4576
4 KB
4 KB
Document
General
Full URL
https://as.cazamba.com/cs?publisher_id=930&g=1638426612
Requested by
Host: api.cazamba.com
URL: https://api.cazamba.com/common/czmb.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.204.18.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-18-146.compute-1.amazonaws.com
Software
nginx/1.18.0 / PHP/5.3.29
Resource Hash
581dee063cff2b9a119f8a64890d8b459af7cb9d10668cdd070245ee51d9edc7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/

Response headers

date
Thu, 02 Dec 2021 06:30:12 GMT
content-type
text/html
server
nginx/1.18.0
x-powered-by
PHP/5.3.29
b
sb.scorecardresearch.com/
0
337 B
Image
General
Full URL
https://sb.scorecardresearch.com/b?c1=1&c2=16041074&c5=12&ns__t=1638426611626&ns_c=windows-1252&cv=3.5&c8=Baixaki%20Portal%20Parceiros%20-%20Not%C3%ADcias%2C%20Tecnologia%2C%20Esportes%2C%20Entretenimento%20e%20Downloads&c7=https%3A%2F%2Fwww.baixaki.com.br%2Fportal%2Fredir-partners.asp&c9=
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-89.fra2.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:12 GMT
via
1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id
PmOCCj8qUHJv7IIohIVVDJHoZ2pelC9i21aOdJL7wSVRfO1EXTjAqQ==
x-cache
Miss from cloudfront
p
sb.scorecardresearch.com/
64 B
442 B
Image
General
Full URL
https://sb.scorecardresearch.com/p?c1=2&c2=16041074&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=a303cc1b277b3b01&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=&c4=&c6=&ns_ts=1638426613
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-89.fra2.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:12 GMT
via
1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
VlObdBmnBqI49NSVcAO1slbUyOGg4jAMaegyyeqdXxjfkrK5N9RRuA==
analytics.js
www.google-analytics.com/ Frame 5AB8
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-144680-14
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.tecmundo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
3309
date
Thu, 02 Dec 2021 05:35:03 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 02 Dec 2021 07:35:03 GMT
b
sb.scorecardresearch.com/ Frame 5AB8
0
335 B
Image
General
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=8756095&ns__t=1638426611676&ns_c=UTF-8&ns_if=1&cv=3.5&c8=Destaques%20-%20TecMundo%20-%20Descubra%20e%20aprenda%20tudo%20sobre%20tecnologia&c7=https%3A%2F%2Fwww.tecmundo.com.br%2Fhome%2Ffullhighlights%3Ftec&c9=https%3A%2F%2Fwww.baixaki.com.br%2F
Requested by
Host: www.tecmundo.com.br
URL: https://www.tecmundo.com.br/home/fullhighlights?tec
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-89.fra2.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.tecmundo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:12 GMT
via
1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id
bVrdsSCgKwidt1P74wtK4gsOe5DbbzXW6Xhf-_QnwGnvin-HdAnm5A==
x-cache
Miss from cloudfront
b
sb.scorecardresearch.com/ Frame 5AB8
0
336 B
Image
General
Full URL
https://sb.scorecardresearch.com/b?c1=8&c2=8756095&c3=1&ns__t=1638426611676&ns_c=UTF-8&ns_if=1&cv=3.5&c8=Destaques%20-%20TecMundo%20-%20Descubra%20e%20aprenda%20tudo%20sobre%20tecnologia&c7=https%3A%2F%2Fwww.tecmundo.com.br%2Fhome%2Ffullhighlights%3Ftec&c9=https%3A%2F%2Fwww.baixaki.com.br%2F
Requested by
Host: www.tecmundo.com.br
URL: https://www.tecmundo.com.br/home/fullhighlights?tec
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-89.fra2.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.tecmundo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:12 GMT
via
1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id
vj2RriGO9gul-R6wJaO0GTPwcFrdA4fUJFQIt764XenP33NR8smgTw==
x-cache
Miss from cloudfront
js
www.google-analytics.com/gtm/ Frame 5AB8
87 KB
34 KB
Script
General
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-MDVQM8K&t=gtag_UA_144680_14&cid=894814026.1638426612
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
622d5044f2fb47d3145b899db47da77def0ecc13364ac219b7b60f364196a114
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.tecmundo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:12 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34950
x-xss-protection
0
last-modified
Thu, 02 Dec 2021 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 02 Dec 2021 06:30:12 GMT
profiles.js
d.tailtarget.com/ Frame 4576
13 KB
5 KB
Script
General
Full URL
https://d.tailtarget.com/profiles.js
Requested by
Host: as.cazamba.com
URL: https://as.cazamba.com/cs?publisher_id=930&g=1638426612
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b5de679f41d5e07318bf721f4877d6320d3e351d6cfd58a00471854e2503d48c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://as.cazamba.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 17:55:47 GMT
content-encoding
gzip
age
45265
x-guploader-uploadid
ADPycdsgO1w6cPv0g5WrOO3qMIwiMCV-fjEwklqa5ARyI7qSLW1GsTOlV4eUispFSbf_BxyrCSpc5mFChwd3B9WKVAM
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
5285
last-modified
Thu, 23 Sep 2021 17:37:36 GMT
server
UploadServer
etag
"b8c76dc45116253f6649e4a5049e4d10"
x-goog-hash
crc32c=f1OzIw==, md5=uMdtxFEWJT9mSeSlBJ5NEA==
content-language
en
x-goog-generation
1632418656181594
cache-control
public, max-age=86400,no-transform
x-goog-stored-content-length
5285
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 02 Dec 2021 17:55:47 GMT
universal.min.js
tag.navdmp.com/ Frame 4576
12 KB
4 KB
Script
General
Full URL
https://tag.navdmp.com/universal.min.js
Requested by
Host: as.cazamba.com
URL: https://as.cazamba.com/cs?publisher_id=930&g=1638426612
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12f1d9c35940a2b74b61e7125d12245c1de8c96e386583979963db701383d95

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://as.cazamba.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:12 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 10 Nov 2021 19:20:03 GMT
server
cloudflare
age
2313
etag
W/"618c1b63-31f5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
*
cache-control
max-age=3600
cf-ray
6b7281573bb13763-MXP
content-type
application/javascript
expires
Thu, 02 Dec 2021 06:51:39 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E8A4
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BJu-B6meoYYuRC8eyx_AP0_2o8A8AAAAAOAHgBAI&bg=!ERKlElbNAAaQHwIOkB87ACkAdvg8WjkPQjYfdZQLESxVNuUkMMjkiAX-XU31stsbdxINAuQNoXS-kwIAAAEkUgAAAA1oAQeZAxKv3uwtVByA4xl5Txo9FQNtQ6ixbrCYFaQdmJ060FUWoAbdZqtd3le0lQl2SfLVUvWWG5TPnhp4JDvHYkDoWHPgBN3aVJrF9jMlh47gn3RqsnY7qBLQ89797DtgARgi2D519uU8ZIv9B6NSJJ_pcuUw3fSqpyXlqG7MLCky896JefhuGoRO6cpaMChlLGQ8jMtO60rmBZT_kos3S_ONVjCjUaTrKPnv-xHJzZw0BvsCAdrhf4izOMEt52qtp9v1yQVeBvcEqvD5LKYcrxzDpCOSoP3GpOee_Z9gl9s7HDQOY7OFxyf2aHQwaqRJJsjzjv1IJIrxz5wxbJJ1NnuBumZ2Ghz3eTIz_0o4-G9tJajo-OLvWRB5dWuf1s3KTfY-UyVxZG-EWiOROISv9BO-YbPaOkaXQezdC5xFVYPzkKJdgiF3yMkyjRir61eGb-7lxpujBC85aMqMZdFe8-BbrJi-s7y-ZjciB8VNZ26QqI4K90QqCFfVcHO0-3s5nxQ1p1LOhkzdG8-N9sX9eG8OAyDpb3OyDwBg-z6ylFfvjcKBQetrGS7wMYzCJ2iuxh7sdzR6pFaiymQsNMPnqPaLpYYGP1PhaNwzV_jskFpokgdUJ8kg2ZUVyyBUO5xwYpf2wubUmt4oYgeDgjs76oaAhHcs_Ut2aaPIqi5m4KrnJj-HgVCL_G69Wzlp9uiu0slQ-7tIKD-79n7T6S1lAk63bMEF1CUotFSqCcNW9AJShIaz-nokNI05XnwFSLFlVfmk1l8O8h4Q3l77ZhBwRQhzZP8PzRkczSuP3GBG0Z0J9B9oS8Za_rz9JMO7d_GTb_bYNv4Wvx_9NqJdydemcMRvs5BXLUY4VPvdJOkvDZ6x3ifXxONFE9puVTsOpHxxY8uMIHX7dlK3RSZaq5JEYUV5dXXCm3x4l1T7NAtwyovnD3oEWPfatbnUaKLhmHu298TuDbv7NwWmL9hDxR3kflig98Lg_6hYJRc3uaV8LvRCLdasqSimF2FnLAOT4gW9iU9MrexC3ZmAY6IHxpweVMqGTo-CyOk
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Dec 2021 06:30:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6545
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bfadt6meoYYmRC8eyx_AP0_2o8A8AAAAAOAHgBAI&bg=!JCelJ2PNAAaQHwIOkB87ACkAdvg8WiwiZEoNAVb7m1tIN0XeutSciNvqYxcqsecsuGpLKLuPvZMTOAIAAAEXUgAAAAxoAQcKAFBZaiawr3Co8rU9u61SR7Y65QucIfe-qappiQkOBSMBElQB-vBuQD5pETk0gEWVxqhnwVcjfLaDYmcptJosh5Oz1RPYg-aCO10r_gIfgB4vRZkDDFf0N_2O8QszPXJyQvYc7N20vowOQ5Bnlst_CbKd1uSj70c84-c-0DhlchMRYsTG24XRsIsCzgIu_OqHvMkicmjduUG8wFe_Y4WiYt_RcmV11F0coNo2F42tEHmO9GGeAvuCBY9pypC-6rFUXIPgL-SToZU9UL4fC3-w9aYv0NMHA_W9icn6Ls9m9gk0JgoHpnhqDucw87gQheOtsTFU32HhJg9ISY-HrNmz0G5v42_tutxBTv819FipXje9jNdaxRipXnGSNDQRSznx8Td-IBja2PX9gVkrtNN4hWQhbDKiTBXSMs_9OFPugRQvShlFtgZBwBVbx3hTCRs0vrE1lVfeFRpCF19d58uYEioS1NbKQIfb4VTzAUzbPwULegL9FWlSGlND_NMMe6WirdxKn7AEzHTkVUfPjwInwpLwjEjwHboSUWwqXHkWF8baxgeaXRXpQai7tGZbhaFJJKBPsfX3KhJOhYE6fzumHCTgmc00wma1IvC5zFCyi5sNNLbN3sZBy1CTeBrOtsXhAyOey8RW-ycJufxOSaTSMdzt6lAGrEV2Zos9_qcEoH1P5XV0gEBG-SvxOhikz5mHxoKVR2lUaYMgyfeFoDVTpMdf51os5nhR7EGbxIGP6f-qo6DVjUuzLul4tWw49UGPXK2FDybEQc0en9kJ3p7A6HC9H57_DzKtOw3maF2BrDB5-yLxKAK7TcK3hAEFyha1bFdXUHqTgWb3d6DKaEetAvkBj80kmcaSoAb-3Nds_x_oZ-N6TsAW1ZXhzmTShlwK4VBFRad33Ssj3cWN1j2xon_Kl9wtE0i809FGp3eQH9RIpH_04hy-VTjQGoJ4CtqP3UzDUM_zyfT4I9d1QFHoMqIMukq-BfVyPxKTy2vgpA5pO1BtHCiD5IWQL3-k7RCC7gUj2FeaTay6TQb16q-XV8aJ_9R3qn2s11uZYMBssBs63I3CRn7OrwGHG5qeAz0BRjzOWFkSCcvGB4SiuurRumW6EcDU3gcAPJ7c4nUjqX9oNFW-Kd85unvMYxdyxln04w
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Dec 2021 06:30:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1C4E
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BuluF6meoYYeRC8eyx_AP0_2o8A8AAAAAOAHgBAI&bg=!HxylHFjNAAaQHwIOkB87ACkAdvg8Wm7jspjPQE6oRpR4zrqYO2koPvzRmHzwA2vdmEZeNwob8Fe9igIAAAD9UgAAAAtoAQeZAwZi39LGQcl-I2b-8JrWlLmRPFTvzufo7hGfGzqCafcNRMpRAWpVs5y255BUYDZMLEvloFdbVu3BlwLhskTy3unridm6zEHaq43qq08i4RdcDd_n7PhqyGlEmZV200Cseel5jAJ_pfvso4Dwc3WKpo5r69Jjjrm403QGpqeilaoy4JvktMUKGvGcR7alppsuC6Rv_wSu_W4CfA_vnn2MXHC4YHpA-m9_d5B7tari7p_2lnCXcwVukm1eJ5ZEJdKPJqiZ-iBMo1uAsDHYztU4rRmGg2TixPgxB3eqeUdq3CQa5NPRN09eNMHKmXD76j7zAbZdxuAfNCKIk0Kiry8Ra-QwtWsNzKcrn7WcZyLndx09onuP4X-XUdhnv2jAB4nCJHaTfpEawq9QfMbqGlhveVSXPbffOqXzubjo7br_H7CiNxQwnJVmC2O1OOJMHGMd8cicAGpIEIMLH4NPaRTI-dUOyTucvq1JxzUzBoKndKAqFJr60WkkUXpuBKIk89GiZlyoYgdi7Gg1bEv8uCZDqbDk-fH13le5FMHy7qae2_raAqv4IOnRtGRiP43jq1Ikn-aPovGcx9ml7eNmmyjTzkwvPX25nE-jT_zHPhKFxF7VUIAxXae11eJEncynRspp2t1L4LEIeyRe36XPuR1grKiytFyI6jJJavRRfYgcGTKSB7SI7Vcqwp6b9olWN-r87B68_ENq_jZVfR1YOnFSOl1Dhnu4yp6XUAsE1X_kJAh5pxUXX9MPJvTNFllrHWSPa41wmlo7ZJfUSCvb3pRIAc8aygfJ0EImpq2Sn52lDf0oMOwwtaGkDVcILy6MLXKXyP1YZXLTp8ObAv_562yaA7NPfzjZEqbNB_628nOZiG4BCPcGQGsUXpJ_NKkTYFxFoS8ukXg7z0WfVKapqfy_edrGQ0tzPOg0cCbgOfdDpiNI-cRiLywfzOBxoeEwZZU2lVGsdQ9yYzfnXcA_Zxl9ud3Mog9XcQU-rXTiN8YcBuqybplr0fqt6VVCpcC9LpRquE_lme1BUbQ
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Dec 2021 06:30:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
profile
d.t.tailtarget.com/ Frame 4576
92 B
155 B
Script
General
Full URL
https://d.t.tailtarget.com/profile
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/profiles.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
e593d32d2b3c25b54c4632fc55d4c55cce4154e0bfaeb75883da07b742e762dc

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://as.cazamba.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:12 GMT
content-encoding
gzip
last-modified
Thu, 30 Jan 2020 20:26:00 GMT
server
nginx/1.17.8
etag
W/"5e333bd8-5c"
vary
Accept-Encoding, Accept-Encoding
content-type
application/x-javascript
via
1.1 google
cache-control
max-age=3600
alt-svc
clear
expires
Thu, 02 Dec 2021 07:30:12 GMT
collect
www.google-analytics.com/j/ Frame 5AB8
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1781808542&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tecmundo.com.br%2Fhome%2Ffullhighlights%3Ftec&dr=https%3A%2F%2Fwww.baixaki.com.br%2F&ul=en-us&de=UTF-8&dt=Destaques%20-%20TecMundo%20-%20Descubra%20e%20aprenda%20tudo%20sobre%20tecnologia&sd=24-bit&sr=1600x1200&vp=978x420&je=0&_u=6GBAAUADQAAAAC~&jid=537136190&gjid=1666588273&cid=894814026.1638426612&tid=UA-144680-14&_gid=272180599.1638426612&_r=1&gtm=2ouba1&z=1226364902
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.tecmundo.com.br/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 02 Dec 2021 06:30:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.tecmundo.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
44768
tag.navdmp.com/u/ Frame 4576
590 B
520 B
Script
General
Full URL
https://tag.navdmp.com/u/44768
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04bc269ca65c325114dfb91d780a63874a6f47cc21dba133c57e965769099c98

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://as.cazamba.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:12 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Fri, 05 Nov 2021 18:14:27 GMT
server
cloudflare
etag
W/"61857483-24e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
*
cache-control
max-age=3600
cf-ray
6b7281579c493763-MXP
content-type
application/javascript
expires
Thu, 02 Dec 2021 07:30:12 GMT
collect
stats.g.doubleclick.net/j/ Frame 5AB8
7 B
28 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-144680-14&cid=894814026.1638426612&jid=537136190&gjid=1666588273&_gid=272180599.1638426612&_u=6GBAAUACQAAAAC~&z=995801584
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.tecmundo.com.br/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 02 Dec 2021 06:30:12 GMT
content-type
text/plain
access-control-allow-origin
https://www.tecmundo.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
vx.js
cdn.cazamba.com/dev/
121 B
351 B
Script
General
Full URL
https://cdn.cazamba.com/dev/vx.js?v=5
Requested by
Host: api.cazamba.com
URL: https://api.cazamba.com/common/czmb.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5343c7a2c5c03d6beed4539f55e4e972871fc4aa35d279a62237960fd922ac96

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:12 GMT
content-encoding
gzip
last-modified
Mon, 07 May 2018 21:15:23 GMT
server
AmazonS3
x-amz-request-id
XBQ2QHGXHBP8JE3V
etag
"7b77566780860d41288ac4120583f4cb"
x-hw
1638426612.cds064.lo4.hn,1638426612.cds063.lo4.c
content-type
text/javascript
access-control-allow-origin
*
cache-control
no-cache,no-transform,must-revalidate
content-length
139
accept-ranges
bytes
x-amz-version-id
null
x-amz-id-2
xpPVq45d3f+ycdvYLwWROwr56uzfPgZvt35AL109JPgb8SPUNWRHlHRNjyWf5Y+FQfnd/Emc2nc=
vec.js
cdn.cazamba.com/common/
1 KB
794 B
Script
General
Full URL
https://cdn.cazamba.com/common/vec.js
Requested by
Host: api.cazamba.com
URL: https://api.cazamba.com/common/czmb.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6cdd22e067545f77d4168806ab785103e5702b8976e5f77c5e811e4118f817a6

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:12 GMT
content-encoding
gzip
last-modified
Wed, 11 Sep 2019 16:14:29 GMT
server
AmazonS3
x-amz-request-id
NH27FZ6F7SHV7YEP
etag
"ce7ecf48a3e2ed43c1dfa6cafec8d87f"
x-hw
1638426612.cds064.lo4.hn,1638426612.cds067.lo4.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache,no-transform,must-revalidate
content-length
522
accept-ranges
bytes
x-amz-version-id
OnhU4J9fP.kOF6YZfw9LuiFYySBmurSx
x-amz-id-2
eb1mMoi9j9TMFN9taopJTm/uXwmKpYdYvbM0afveI1+DPkWQXp8EdVJl3pn9pOY3iW5bS1Y2OBY=
desktopFooter.min.js
cdn.cazamba.com/adx/
5 KB
2 KB
Script
General
Full URL
https://cdn.cazamba.com/adx/desktopFooter.min.js
Requested by
Host: api.cazamba.com
URL: https://api.cazamba.com/common/czmb.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5ead5ff764075d6bc2632b073703798e0650a4ff1ac67a80835960b3455edb44

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:12 GMT
content-encoding
gzip
last-modified
Fri, 06 Nov 2020 17:07:58 GMT
server
AmazonS3
x-amz-request-id
X2ZJ51YSJMQEJ7RY
etag
"551adcff3cb53f17ebf0d1e05004e298"
x-hw
1638426612.cds064.lo4.hn,1638426612.cds087.lo4.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache,no-transform,must-revalidate
content-length
2207
x-amz-meta-version-id
FNXi1ZCweVe4_NjxpKH2MP8pk.41j_Fl
accept-ranges
bytes
x-amz-version-id
ixS3_Ja8ehUm_9ig7xrYx0MEYejVrmHm
x-amz-id-2
hyob8bbFC0R/ksKxyRsvBxi9a6CjwJIJv0hmgh+C+w+punZ12Qd43yf5wPeHgxEaDJtQxkdXA7k=
ga-audiences
www.google.com/ads/ Frame 5AB8
42 B
63 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-144680-14&cid=894814026.1638426612&jid=537136190&_u=6GBAAUACQAAAAC~&z=1303591979
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.tecmundo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Dec 2021 06:30:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.uk/ads/ Frame 5AB8
42 B
63 B
Image
General
Full URL
https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-144680-14&cid=894814026.1638426612&jid=537136190&_u=6GBAAUACQAAAAC~&z=1303591979
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.tecmundo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Dec 2021 06:30:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gpt.js
www.googletagservices.com/tag/js/
78 KB
26 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: cdn.cazamba.com
URL: https://cdn.cazamba.com/adx/desktopFooter.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e624b798238ee5ceb3ec514a20cdf1d5bbdeec52ce1de9898bd007b61afc1d1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1060 / 269 of 1000 / last-modified: 1638400030"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26890
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 02 Dec 2021 06:30:12 GMT
integrator.js
adservice.google.co.uk/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=www.baixaki.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 02 Dec 2021 06:30:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.baixaki.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 02 Dec 2021 06:30:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
62 KB
30 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1527440362662624&correlator=4264467870436736&output=ldjh&impl=fifs&eid=31061815&vrg=2021111701&ptt=17&sc=1&sfv=1-0-38&ecs=20211202&iu_parts=17279704961%2CDisplay%2CFooter_Desktop_B&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&cust_params=category%3Dhome-portal%26tt_Age%3D%26tt_Gender%3D%26tt_LifeSty%3Dna%26tt_Intere%3D%26tt_TimeFut%3D%26tt_SubSegs%3D%26tt_Renda%3D&cookie=ID%3D1d3e287baea0a93f-228d72e828cc00aa%3AT%3D1638426602%3AS%3DALNI_MZ79KmGIofJbQno9wA5KTBk0qr2WA&bc=31&abxe=1&lmt=1638426612&dt=1638426612059&dlt=1638426600334&idt=1147&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=1110&adks=2836067115&ucis=7&ifi=7&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.baixaki.com.br%2Fportal%2Fredir-partners.asp&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&ga_vid=1413534137.1638426601&ga_sid=1638426601&ga_hid=260466668&ga_fc=true&fws=516&ohw=728&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
bf85387414617a5a40179356a22dbccaa08b3a9acf5e704be25e52a9a965e9d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:13 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30809
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.baixaki.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
usr
usr.navdmp.com/ Frame 4576
2 KB
867 B
Script
General
Full URL
https://usr.navdmp.com/usr?v=7&acc=44768&u=1&new=1&wst=0&wct=1&wla=1
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ce8c2b7274efc80d45249ce3a27514a454db2520f31480cea53319b3bc24dff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://as.cazamba.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public
date
Thu, 02 Dec 2021 06:30:12 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6b7281599f7f3763-MXP
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
max-age=3600
act
f0
content-type
application/javascript
expires
Thu, 02 Dec 2021 07:30:12 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F26D
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvy3-YHVkY_HOBt_Lx9i6LVaoF9dxMt_fwEeYb1CKcCT3Y-4HhOtKU7di6rPUIKw8ZF0I-blKCNgCADVl9EUuAZejv-Uw0lA-jR4-Wa&sai=AMfl-YSQBsogjfROnCmpvy1BE-1Xs3y3I_tWGT3LayJl5BM6_dsNHpyaOrjhKEv5-Pbn-C4cN_CGjC9-wzIrW-nwtXBYWMwpu0XGR94kzes_OKaCvjDgb3jjusPzYiMfpGY&sig=Cg0ArKJSzH7LC1NIlsfaEAE&cid=CAASFeRoN00A48t8X3Th6aeuvP6ATwCmhQ&id=lidar2&mcvt=1000&p=655,983,1259,1283&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20211130&bin=7&avms=nio&bs=0,0&mc=0.9&if=1&app=0&itpl=20&adk=891476953&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1638426610885&rpt=409&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Dec 2021 06:30:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F670
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsthYbW29KABs49MWvxc0qPVa-M6k7N8wPE2l8rBggwtkMJbV3wJttSd9vQ_svPEcVwSmtmNE-VlvsNQgDLn_-adsncAvbMZaen9THFe&sai=AMfl-YQs8jWQznMp61oPb6wrahG8A84TQXbqkWkpuf59y_H78yR6D8P0PkiKQdCZmS0sJzMOKFegLgzIMd4c1i2MpktyhqxOES5rIbJDEAmEVoRm39sRpoz0mNtCjaaEIlc&sig=Cg0ArKJSzGo7EJLBeHT2EAE&cid=CAASFeRoswWlHScfDAW9A2S1ATeHIueBbw&id=lidar2&mcvt=1004&p=383,983,667,1319&mtos=0,1004,1004,1004,1004&tos=0,1004,0,0,0&v=20211130&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&app=0&itpl=20&adk=4147225988&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1638426610870&rpt=406&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Dec 2021 06:30:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 48F2
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuNNT9ZuWhmRfoYNudy-Y3kSBC7778_RPhpQ66egnzgmJ5VnhVaLkjsSHlLPObVsXyeEPGAOzRKhHujaPBkEQ6KUilfC9XlK3aexagf&sai=AMfl-YQiaL--Uai6QSplBblMEMAdkb2pypqkw7mObf5OcPfsmC0lVRFpToqEgtRV5lDf1jtnoX8e2bEGvJlqsmMzRymJeTBzV6naC3-7UL2-vh1NDHHc1ODWhVWQmedLW9s&sig=Cg0ArKJSzM0Bj-bDlcUoEAE&cid=CAASFeRouylx9bsRj1DuB6TqJ_P40w0Fmw&id=lidar2&mcvt=1000&p=950,315,1204,1285&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20211130&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=4075830709&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1638426610927&rpt=419&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Dec 2021 06:30:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
req
cdn.navdmp.com/ Frame 4576
6 B
82 B
Script
General
Full URL
https://cdn.navdmp.com/req?v=7&id=fcd20e6ae5fb18f93d5d70c3909%7C0&acc=44768&tit=CZMB&url=https%253A%2F%2Fas.cazamba.com%2Fcs%253Fpublisher_id%253D930%2526g%253D1638426612&upd=1&new=1&ref=https%253A%2F%2Fwww.baixaki.com.br%2F
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://as.cazamba.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:13 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6b72815b9a7f3763-MXP
content-length
6
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/x-javascript
cs
as.cazamba.com/ Frame 4576
0
174 B
XHR
General
Full URL
https://as.cazamba.com/cs
Requested by
Host: as.cazamba.com
URL: https://as.cazamba.com/cs?publisher_id=930&g=1638426612
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.204.18.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-18-146.compute-1.amazonaws.com
Software
nginx/1.18.0 / PHP/5.3.29
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://as.cazamba.com/cs?publisher_id=930&g=1638426612
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 02 Dec 2021 06:30:13 GMT
server
nginx/1.18.0
x-powered-by
PHP/5.3.29
content-type
text/html
sync
sync2.navdmp.com/ Frame 4576
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=67865994926
  • https://sync2.navdmp.com/sync?prtid=2&id=67865994926&google_gid=CAESEKGBw8_eRgfhfRz8agj4qcY&google_cver=1
6 B
58 B
Script
General
Full URL
https://sync2.navdmp.com/sync?prtid=2&id=67865994926&google_gid=CAESEKGBw8_eRgfhfRz8agj4qcY&google_cver=1
Requested by
Host: as.cazamba.com
URL: https://as.cazamba.com/cs?publisher_id=930&g=1638426612
Protocol
H2
Server
2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://as.cazamba.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:13 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6b72815beaf13763-MXP
content-length
6
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript

Redirect headers

pragma
no-cache
date
Thu, 02 Dec 2021 06:30:13 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync2.navdmp.com/sync?prtid=2&id=67865994926&google_gid=CAESEKGBw8_eRgfhfRz8agj4qcY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ad.sxp.smartclip.net/ Frame 4576
Redirect Chain
  • https://ad.sxp.smartclip.net/sync?type=red&dsp=75
  • https://ad.sxp.smartclip.net/sync?type=red&dsp=75&ang_testid=1
42 B
327 B
Script
General
Full URL
https://ad.sxp.smartclip.net/sync?type=red&dsp=75&ang_testid=1
Requested by
Host: as.cazamba.com
URL: https://as.cazamba.com/cs?publisher_id=930&g=1638426612
Protocol
H2
Server
35.186.194.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
101.194.186.35.bc.googleusercontent.com
Software
openresty/1.19.9.1 /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://as.cazamba.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:13 GMT
via
1.1 google
server
openresty/1.19.9.1
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
content-type
image/gif
alt-svc
clear
content-length
42

Redirect headers

date
Thu, 02 Dec 2021 06:30:13 GMT
via
1.1 google
server
openresty/1.19.9.1
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.sxp.smartclip.net/sync?type=red&dsp=75&ang_testid=1
access-control-allow-credentials
true
alt-svc
clear
content-length
0
sync
sync.navdmp.com/ Frame 4576
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/DuqQKWX7/?redir=https%3A//sync.navdmp.com/sync%3Fprtid%3D17%26tubid%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/DuqQKWX7/?redir=https%3A//sync.navdmp.com/sync%3Fprtid%3D17%26tubid%3D%24%7BTM_USER_ID%7D&_test=Yahn9QAI2wUOCgBR
  • https://sync.navdmp.com/sync?prtid=17&tubid=Yahn9QAI2wUOCgBR&_test=Yahn9QAI2wUOCgBR
6 B
58 B
Script
General
Full URL
https://sync.navdmp.com/sync?prtid=17&tubid=Yahn9QAI2wUOCgBR&_test=Yahn9QAI2wUOCgBR
Requested by
Host: as.cazamba.com
URL: https://as.cazamba.com/cs?publisher_id=930&g=1638426612
Protocol
H2
Server
2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://as.cazamba.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:13 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6b72815cbc273763-MXP
content-length
6
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript

Redirect headers

pragma
no-cache
date
Thu, 02 Dec 2021 06:30:13 GMT
via
1.1 varnish
server
Varnish
x-timer
S1638426613.204970,VS0,VE0
x-served-by
cache-lcy19274-LCY
x-cache
HIT
location
https://sync.navdmp.com/sync?prtid=17&tubid=Yahn9QAI2wUOCgBR&_test=Yahn9QAI2wUOCgBR
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
navegg.php
gu.dyntrk.com/dp/ Frame 4576
0
215 B
Script
General
Full URL
https://gu.dyntrk.com/dp/navegg.php?pid=nav3gg&uid=67865994926
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
135.125.160.160 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3198892.ip-135-125-160.eu
Software
proxy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://as.cazamba.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate, no-transform
x-rc
10
server
proxy
content-length
0
content-type
text/plain
sync
sync.navdmp.com/ Frame 4576
Redirect Chain
  • https://sync.crwdcntrl.net/map/c=15478/tp=NVEG/tpid=67865994926?https%3A//sync.navdmp.com/sync%3Fprtid%3D38%26lotid%3D%24%7Bprofile_id%7D
  • https://sync.crwdcntrl.net/map/ct=y/c=15478/tp=NVEG/tpid=67865994926?https%3A//sync.navdmp.com/sync%3Fprtid%3D38%26lotid%3D%24%7Bprofile_id%7D
  • https://sync.navdmp.com/sync?prtid=38&lotid=1c7a7fce645edf31458fce4c3dd18f2
6 B
58 B
Script
General
Full URL
https://sync.navdmp.com/sync?prtid=38&lotid=1c7a7fce645edf31458fce4c3dd18f2
Requested by
Host: as.cazamba.com
URL: https://as.cazamba.com/cs?publisher_id=930&g=1638426612
Protocol
H2
Server
2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://as.cazamba.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:13 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6b72815c8bd03763-MXP
content-length
6
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript

Redirect headers

pragma
no-cache
date
Thu, 02 Dec 2021 06:30:13 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.navdmp.com/sync?prtid=38&lotid=1c7a7fce645edf31458fce4c3dd18f2
cache-control
no-cache
x-server
10.45.5.243
content-length
0
expires
0
31435
tags.bluekai.com/site/ Frame 4576
62 B
304 B
Script
General
Full URL
https://tags.bluekai.com/site/31435?id=67865994926&redir=https%3A//sync.navdmp.com/sync%3Fprtid%3D18%26blkid%3D%24_BK_UUID
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-191.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ec412c4a31f9b4110f2b32c733be5292e43c0460373b1e3e61b9241679f730e4

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://as.cazamba.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Thu, 02 Dec 2021 06:30:13 GMT
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
Content-Type
image/gif
cm
trc.taboola.com/sg/navegg/1/ Frame 4576
43 B
231 B
Script
General
Full URL
https://trc.taboola.com/sg/navegg/1/cm
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c37e5682407d07e7974304b5334721abfcaaf80533aa565ee3a2f66de1f6676f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://as.cazamba.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-vcl-time-ms
27
pragma
no-cache
date
Thu, 02 Dec 2021 06:30:13 GMT
via
1.1 varnish
server
nginx
x-timer
S1638426613.163352,VS0,VE27
x-served-by
cache-mxp6978-MXP
x-cache
MISS
cache-control
no-cache, no-store
accept-ranges
bytes
x-cache-hits
0
usermatch.gif
beacon.krxd.net/ Frame 4576
0
338 B
Script
General
Full URL
https://beacon.krxd.net/usermatch.gif?partner=navegg&partner_uid=fcd20e6aec00c98a9e831200b09
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.131.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-131-178.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://as.cazamba.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:13 GMT
cache-control
private, no-cache, no-store
x-request-time
D=35 t=1638426613
x-served-by
beacon-n003-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
sync.navdmp.com/ Frame 4576
Redirect Chain
  • https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D
  • https://sync.navdmp.com/sync?img=1&mdia=ed5c61a8-67f5-4c00-88cf-73b16bff9674
43 B
130 B
Image
General
Full URL
https://sync.navdmp.com/sync?img=1&mdia=ed5c61a8-67f5-4c00-88cf-73b16bff9674
Requested by
Host: as.cazamba.com
URL: https://as.cazamba.com/cs?publisher_id=930&g=1638426612
Protocol
H2
Server
2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://as.cazamba.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:13 GMT
cf-cache-status
DYNAMIC
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
cf-ray
6b72815c8bcd3763-MXP
content-length
43

Redirect headers

Date
Thu, 02 Dec 2021 06:30:13 GMT
Server
MT3 4103 f8fad19 master cdg-pixel-x29 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://sync.navdmp.com/sync?img=1&mdia=ed5c61a8-67f5-4c00-88cf-73b16bff9674
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
0
Expires
Thu, 02 Dec 2021 06:30:12 GMT
cms
cms.analytics.yahoo.com/ Frame 4576
0
0
Image
General
Full URL
https://cms.analytics.yahoo.com/cms?partner_id=NAVEG
Requested by
Host: as.cazamba.com
URL: https://as.cazamba.com/cs?publisher_id=930&g=1638426612
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.182 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spcms.pbp.vip.ir2.yahoo.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://as.cazamba.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

sync
sync.navdmp.com/ Frame 4576
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=822&dpuuid=67865994926&redir=https%3A//sync.navdmp.com/sync%3Fid%3D67865994926%26adID%3D%24%7BDD_UUID%7D%26img%3D1
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=822&dpuuid=67865994926&redir=https%3A//sync.navdmp.com/sync%3Fid%3D67865994926%26adID%3D%24%7BDD_UUID%7D%26img%3D1
  • https://sync.navdmp.com/sync?id=67865994926&adID=64294456141303181482293558259345769997&img=1
43 B
97 B
Image
General
Full URL
https://sync.navdmp.com/sync?id=67865994926&adID=64294456141303181482293558259345769997&img=1
Requested by
Host: as.cazamba.com
URL: https://as.cazamba.com/cs?publisher_id=930&g=1638426612
Protocol
H2
Server
2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://as.cazamba.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:13 GMT
cf-cache-status
DYNAMIC
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
cf-ray
6b72815d6d1b3763-MXP
content-length
43

Redirect headers

DCS
dcs-prod-irl1-1-v020-01ad25bfc.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
ZhoF+ST5SOw=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://sync.navdmp.com/sync?id=67865994926&adID=64294456141303181482293558259345769997&img=1
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
sync
sync.navdmp.com/ Frame 4576
Redirect Chain
  • https://secure.adnxs.com/getuid?https://sync.navdmp.com/sync?appNx=$UID&img=1
  • https://sync.navdmp.com/sync?appNx=41720538796090681&img=1
43 B
96 B
Image
General
Full URL
https://sync.navdmp.com/sync?appNx=41720538796090681&img=1
Requested by
Host: as.cazamba.com
URL: https://as.cazamba.com/cs?publisher_id=930&g=1638426612
Protocol
H2
Server
2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://as.cazamba.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:13 GMT
cf-cache-status
DYNAMIC
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
cf-ray
6b72815cfc873763-MXP
content-length
43

Redirect headers

Pragma
no-cache
Date
Thu, 02 Dec 2021 06:30:13 GMT
X-Proxy-Origin
194.36.110.165; 194.36.110.165; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
06156514-efc0-4b83-8950-49896aa0f0c7
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.navdmp.com/sync?appNx=41720538796090681&img=1
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
sync.navdmp.com/ Frame 4576
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=u7695wg&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=u7695wg&ttd_tpi=1
  • https://sync.navdmp.com/sync?img=1&prtid=31&ttdid=2baa896d-bf17-44e0-8499-0a55e3f327c8
43 B
96 B
Image
General
Full URL
https://sync.navdmp.com/sync?img=1&prtid=31&ttdid=2baa896d-bf17-44e0-8499-0a55e3f327c8
Requested by
Host: as.cazamba.com
URL: https://as.cazamba.com/cs?publisher_id=930&g=1638426612
Protocol
H2
Server
2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://as.cazamba.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:13 GMT
cf-cache-status
DYNAMIC
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
cf-ray
6b72815d3ceb3763-MXP
content-length
43

Redirect headers

pragma
no-cache
date
Thu, 02 Dec 2021 06:30:13 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.navdmp.com/sync?img=1&prtid=31&ttdid=2baa896d-bf17-44e0-8499-0a55e3f327c8
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
203
getuid
sync.smartadserver.com/ Frame 4576
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fsync.navdmp.com%2Fsync%3Fprtid%3D36%26uid%3D%5Bsas_uid%5D
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https://sync.navdmp.com/sync?prtid=36&uid=[sas_uid]&cklb=1
0
436 B
Image
General
Full URL
https://sync.smartadserver.com/getuid?gdpr=0&url=https://sync.navdmp.com/sync?prtid=36&uid=[sas_uid]&cklb=1
Requested by
Host: as.cazamba.com
URL: https://as.cazamba.com/cs?publisher_id=930&g=1638426612
Protocol
HTTP/1.1
Server
185.86.137.131 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://as.cazamba.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Dec 2021 06:30:12 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://sync.smartadserver.com:443/getuid?gdpr=0&url=https://sync.navdmp.com/sync?prtid=36&uid=[sas_uid]&cklb=1
pragma
no-cache
date
Thu, 02 Dec 2021 06:30:12 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
container.html
3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 44E9
6 KB
3 KB
Document
General
Full URL
https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Thu, 02 Dec 2021 06:30:02 GMT
expires
Fri, 02 Dec 2022 06:30:02 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
11
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
tp
px.cazamba.com/
31 B
508 B
Script
General
Full URL
https://px.cazamba.com/tp?t=XReKSdn232i7OBnAOtqf9uWo4uEUTDxLEix3dV%2FVt%2FCYSRR2Eaj581guLih2XBFFbFGpsVwIE9Wnk%2BjDaQtKBW9B7JLrINwJupMSVUIckswMhAM6y%2Fn3KZpB41pwIGZve5owuw%3D%3D&tp=print&g=1638426616&nvg=&type=js
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.32.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-174-32-80.compute-1.amazonaws.com
Software
nginx/1.18.0 / PHP/5.3.29
Resource Hash
12c7cf50f3c9644548c159995989043c52d2a525229637c499b511e090602d43

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:13 GMT
server
nginx/1.18.0
x-powered-by
PHP/5.3.29
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
cache-control
no-cache
access-control-allow-credentials
true
tpa
px.cazamba.com/
35 B
504 B
Image
General
Full URL
https://px.cazamba.com/tpa?a=10294&b=930&c=print&g=1638426617
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.32.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-174-32-80.compute-1.amazonaws.com
Software
nginx/1.18.0 / PHP/5.3.29
Resource Hash
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:13 GMT
server
nginx/1.18.0
x-powered-by
PHP/5.3.29
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
cache-control
no-cache
access-control-allow-credentials
true
truncated
/
829 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
91f70c3d4de12fb759a0f2da69d78342d50484a4c501a87a56f9273bb14fcb35

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/svg+xml
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 4EB7
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.megacurioso.com.br
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 20:07:55 GMT
x-content-type-options
nosniff
age
123738
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 30 Nov 2022 20:07:55 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 4EB7
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.megacurioso.com.br
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 15:45:42 GMT
x-content-type-options
nosniff
age
53071
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 01 Dec 2022 15:45:42 GMT
01103728680149.jpg
mega.ibxk.com.br/2021/12/01/ Frame 4EB7
18 KB
18 KB
Image
General
Full URL
https://mega.ibxk.com.br/2021/12/01/01103728680149.jpg?ims=510x319
Requested by
Host: www.megacurioso.com.br
URL: https://www.megacurioso.com.br/home/fullhighlights?utm_source=www.baixaki.com.br&utm_medium=referral&utm_campaign=iframe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 Enfield, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
Azion IMS /
Resource Hash
25459beda4f69f421c6fcb39f6973db8bed017a80e0b0b4bd257e80ed5673861

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.megacurioso.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:13 GMT
server
Azion IMS
x-original-image-size
184695
vary
Accept
content-type
image/webp
expires
Thu, 02 Dec 2021 20:54:14 GMT
x-ims
Enabled
content-length
17968
version
0
beacon.js
sb.scorecardresearch.com/ Frame 4EB7
1 KB
1 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.megacurioso.com.br
URL: https://www.megacurioso.com.br/home/fullhighlights?utm_source=www.baixaki.com.br&utm_medium=referral&utm_campaign=iframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-89.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.megacurioso.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 05:57:24 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
10760
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
5WqGzP0czsBsgCGS1war6Mcb7Rw6eVkvSbYgBDOREIMUR9cEbjQpkA==
pixel
googleads.g.doubleclick.net/xbbe/ Frame 0A7A
640 B
316 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLeBwNgCEPrqitsCGKve37wBMAE&v=APEucNUymJvmTAb6lyWwi7ypX5Qqcdxc_HZg5DVorEm8UT5uHHlN3jOIAMyERLUUkQMJdC2612L3mjVtKkxnL8jqhT4f5KWAt23ILBBN3x76VJ6mzPxBWPccC_3f-be-zrVQzcokI8CaCHoD-KkKLcmoLzmR-x5MmZWmESv7unsuFiMjUfuapl0
Requested by
Host: 3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com
URL: https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 02 Dec 2021 06:30:13 GMT
server
cafe
cache-control
private
content-length
295
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
abg_lite_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20211130/r20110914/ Frame 44E9
19 KB
8 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211130/r20110914/abg_lite_fy2019.js
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
615050cfd7cd77d6941c6c0b4551d20c4d5ad825bc9fd7acc61a0bdca7783d26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:17:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
787
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7857
x-xss-protection
0
server
cafe
etag
2255741555227857113
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Dec 2021 06:17:06 GMT
omrhp_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20211130/r20110914/elements/html/ Frame 44E9
6 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211130/r20110914/elements/html/omrhp_fy2019.js
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:26:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
250
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2626
x-xss-protection
0
server
cafe
etag
8548655983161038638
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Dec 2021 06:26:03 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 44E9
0
24 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuqoJ06XZWUwlWsu1O8lWwcBnP1dHxJRJ_4Hm8T244enatP1Lt8KjB-rsNnArsyJ08mAmBc7D07F7ZAgWMpK4ipwyF2txfwKKAzn2qYm1P-uv9mtTXE_p4sI7KoUxTsEkEptdvbak6gR2dGyny_hjInIBBb7EPSnSQYuVHia-PPU1FnwJcTVhg4ZtvkRqsB7l2vfxolcPE1KlmCXxNvaT2SN6RLam3VyyCPQL1qXiDDxPTx63SyxS3XHGWUq0J0tK_uhB_YJTDXCNsURYFitkJVgqPqdkCJO3OlDnG0mSV6sLA1aZ7oJVXrVQpDAfoOMrMtxiRjNf8tcq7FbOIa4EM6zUD8h_zijjfMJnH6HaoJDflrj2GDHT5CZlJDcUPNr5_D5CJHDb0DNdnIMorU3oFGGZS4Sy6KKdsZ_2hYCXClZ9RACPLHA7YwjoSb4puBALssYvHn-kYbNnGhjsvHewtIzWjuxSHdcOVRBaDsIdinlCdDaTsWoUG9coAB8RelLV1iAmid4CnzbcdFmiZoatxFW6wNfAJFfhPGoSRrEdffATNUy0GV60LNsy41EoI3nbeS70RamUJ_zw7aZRF6387m2xrRARD1QSLZMXNvBkMpQ0lN_H4sfJyLpUrwWeIzFS7kZkgimBddagWNL5uoHvC-3pFu0v1_OscU0gqqsxzkiZtXCVUbWbsZDy2nAisQRk6pUba7zZoxw29okWIooHHu4CKEqqyL0JSGxOmOzR0bUuUjTDcH4D5Bka6nhwkce0FcyodX7XoL4uniQca2Ni7VHmWOrFf_qCyovZkZdEUac2SaM83qiPFVNZBH8qERBWCT1VcoQ_T38WZJenkRGmCXjZGuGA9uZIluW1EED-8VXSR7uDdArV3EHgbNUra4nOPDgi6mEk1jbSGuSbfwc6hsfyiqZc56ALtSUlbFvvhiXQyyw5O7iNZ8Ph5hZavnQgR9rwmZAVpNdXibUv9_NAbMB6hRY6IG-TN1FEn8AmuUBywWe6SeeX7ky9JpDNqTEGxkcCS9Tf1tPIdjGCWemSWTbbfqz9uz0dJDSrbdPhhA9S-0QgkqBqk5n_xexn87Wz6iEtgqsWbZbGd-57bqXn4HQw5JLv36KJ0B4GOBtcYLn8QyhoX8j7UP3XpFC-SwSYjd&sai=AMfl-YSFUFfrwxTxqNPr_MmcFG-KhkQxqmAvrBM0iC6i5pvypXDYTzjfWf0B2MAuYi8C7yERbClQvJVvyCLMHDSBiGaatKTYKQuHzgA7nP6CafSOm9Ge8yat5RcYGnTdbICXF61NbIAmbiHSZWDfAMuRQaANX4ymKMW0uzjsbaEPSDfnPwXDPOV8iyscaoMsEChNVtuwtK5fXSKIwszm0r7FfYlSjikv3SmWCj8eo2rypCT20SdKHYaNShTKgXwEaLgzsze3G44a5HXguMuE7GcXJvt86B_dHNIsWv4eLS0&sig=Cg0ArKJSzF0lWlUk1Y2AEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20211130.23255&adurl=
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Thu, 02 Dec 2021 06:30:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 44E9
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 08:11:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
166696
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Wed, 30 Nov 2022 08:11:57 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 44E9
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BHxwqpv7PwghRxy6AhJ_Yks8asfjEKi73vVOpwfrOv-RldWbj6jI86-HX4g0qsbGNdVAQ5go112Ru5NaI3lo1AOZnE2YojZd1tRhfOgHeNnDUf6Ug
Requested by
Host: 3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com
URL: https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Dec 2021 06:30:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211130/r20110914/client/ Frame 44E9
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211130/r20110914/client/window_focus_fy2019.js
Requested by
Host: 3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com
URL: https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 05:57:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1963
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Dec 2021 05:57:30 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 44E9
119 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com
URL: https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30cad9ec7fbe11d3de293805d82343744663da3e650c19bbbc23dd7c58202cce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37131
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638290904732407"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 02 Dec 2021 06:30:13 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211130/r20110914/client/ Frame 44E9
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211130/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com
URL: https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6257e792f9aef240d1954956a6ea7982c0268035f15a79931a110ed6344c8c4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:09:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1234
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6446
x-xss-protection
0
server
cafe
etag
5472324691301332805
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Dec 2021 06:09:39 GMT
18233124104374876
s0.2mdn.net/simgad/ Frame 44E9
46 KB
46 KB
Image
General
Full URL
https://s0.2mdn.net/simgad/18233124104374876
Requested by
Host: 3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com
URL: https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d75fa7cb88beee887f6674a44b97fb33886272057a41d406dc346de223f9572
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 17:19:22 GMT
x-content-type-options
nosniff
age
47451
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47007
x-xss-protection
0
last-modified
Wed, 01 Dec 2021 15:35:04 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 01 Dec 2022 17:19:22 GMT
b
sb.scorecardresearch.com/ Frame 4EB7
0
336 B
Image
General
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=8756095&ns__t=1638426612613&ns_c=UTF-8&ns_if=1&cv=3.5&c8=Destaques%20Mega%20Curioso&c7=https%3A%2F%2Fwww.megacurioso.com.br%2Fhome%2Ffullhighlights%3Futm_source%3Dwww.baixaki.com.br%26utm_medium%3Dreferral%26utm_campaign%3Diframe&c9=https%3A%2F%2Fwww.baixaki.com.br%2F
Requested by
Host: www.megacurioso.com.br
URL: https://www.megacurioso.com.br/home/fullhighlights?utm_source=www.baixaki.com.br&utm_medium=referral&utm_campaign=iframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-89.fra2.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.megacurioso.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:13 GMT
via
1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id
LTObsm8IPztWD-iKo4dRP-cT0AGZLOeKDwhYG_io_GRlUnlj8IbJWw==
x-cache
Miss from cloudfront
b
sb.scorecardresearch.com/ Frame 4EB7
0
335 B
Image
General
Full URL
https://sb.scorecardresearch.com/b?c1=8&c2=8756095&c3=2&ns__t=1638426612613&ns_c=UTF-8&ns_if=1&cv=3.5&c8=Destaques%20Mega%20Curioso&c7=https%3A%2F%2Fwww.megacurioso.com.br%2Fhome%2Ffullhighlights%3Futm_source%3Dwww.baixaki.com.br%26utm_medium%3Dreferral%26utm_campaign%3Diframe&c9=https%3A%2F%2Fwww.baixaki.com.br%2F
Requested by
Host: www.megacurioso.com.br
URL: https://www.megacurioso.com.br/home/fullhighlights?utm_source=www.baixaki.com.br&utm_medium=referral&utm_campaign=iframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-89.fra2.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.megacurioso.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:13 GMT
via
1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id
LtstdU4Y_6yaIBNDR0cQT27BQp2fYnSSO3GRKNn166hn1Cx0S8th6A==
x-cache
Miss from cloudfront
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 609F
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com
URL: https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Wed, 01 Dec 2021 13:26:12 GMT
expires
Thu, 02 Dec 2021 13:26:12 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
61441
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 119B
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Wed, 01 Dec 2021 18:04:59 GMT
expires
Thu, 01 Dec 2022 18:04:59 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
44714
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
analytics.js
www.google-analytics.com/ Frame 4EB7
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-144680-19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.megacurioso.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
3310
date
Thu, 02 Dec 2021 05:35:03 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 02 Dec 2021 07:35:03 GMT
truncated
/ Frame 44E9
217 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
596f6032c38c2ec25840c5c71e6c22db5c70d005be3af0207f56594fb368c68f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
view
googleads4.g.doubleclick.net/pcs/ Frame 44E9
0
23 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuqoJ06XZWUwlWsu1O8lWwcBnP1dHxJRJ_4Hm8T244enatP1Lt8KjB-rsNnArsyJ08mAmBc7D07F7ZAgWMpK4ipwyF2txfwKKAzn2qYm1P-uv9mtTXE_p4sI7KoUxTsEkEptdvbak6gR2dGyny_hjInIBBb7EPSnSQYuVHia-PPU1FnwJcTVhg4ZtvkRqsB7l2vfxolcPE1KlmCXxNvaT2SN6RLam3VyyCPQL1qXiDDxPTx63SyxS3XHGWUq0J0tK_uhB_YJTDXCNsURYFitkJVgqPqdkCJO3OlDnG0mSV6sLA1aZ7oJVXrVQpDAfoOMrMtxiRjNf8tcq7FbOIa4EM6zUD8h_zijjfMJnH6HaoJDflrj2GDHT5CZlJDcUPNr5_D5CJHDb0DNdnIMorU3oFGGZS4Sy6KKdsZ_2hYCXClZ9RACPLHA7YwjoSb4puBALssYvHn-kYbNnGhjsvHewtIzWjuxSHdcOVRBaDsIdinlCdDaTsWoUG9coAB8RelLV1iAmid4CnzbcdFmiZoatxFW6wNfAJFfhPGoSRrEdffATNUy0GV60LNsy41EoI3nbeS70RamUJ_zw7aZRF6387m2xrRARD1QSLZMXNvBkMpQ0lN_H4sfJyLpUrwWeIzFS7kZkgimBddagWNL5uoHvC-3pFu0v1_OscU0gqqsxzkiZtXCVUbWbsZDy2nAisQRk6pUba7zZoxw29okWIooHHu4CKEqqyL0JSGxOmOzR0bUuUjTDcH4D5Bka6nhwkce0FcyodX7XoL4uniQca2Ni7VHmWOrFf_qCyovZkZdEUac2SaM83qiPFVNZBH8qERBWCT1VcoQ_T38WZJenkRGmCXjZGuGA9uZIluW1EED-8VXSR7uDdArV3EHgbNUra4nOPDgi6mEk1jbSGuSbfwc6hsfyiqZc56ALtSUlbFvvhiXQyyw5O7iNZ8Ph5hZavnQgR9rwmZAVpNdXibUv9_NAbMB6hRY6IG-TN1FEn8AmuUBywWe6SeeX7ky9JpDNqTEGxkcCS9Tf1tPIdjGCWemSWTbbfqz9uz0dJDSrbdPhhA9S-0QgkqBqk5n_xexn87Wz6iEtgqsWbZbGd-57bqXn4HQw5JLv36KJ0B4GOBtcYLn8QyhoX8j7UP3XpFC-SwSYjd&sai=AMfl-YSFUFfrwxTxqNPr_MmcFG-KhkQxqmAvrBM0iC6i5pvypXDYTzjfWf0B2MAuYi8C7yERbClQvJVvyCLMHDSBiGaatKTYKQuHzgA7nP6CafSOm9Ge8yat5RcYGnTdbICXF61NbIAmbiHSZWDfAMuRQaANX4ymKMW0uzjsbaEPSDfnPwXDPOV8iyscaoMsEChNVtuwtK5fXSKIwszm0r7FfYlSjikv3SmWCj8eo2rypCT20SdKHYaNShTKgXwEaLgzsze3G44a5HXguMuE7GcXJvt86B_dHNIsWv4eLS0&sig=Cg0ArKJSzF0lWlUk1Y2AEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=118&vt=11&dtpt=117&dett=2&cstd=0&cisv=r20211130.23255&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Thu, 02 Dec 2021 06:30:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sd
us-u.openx.net/w/1.0/ Frame 0A7A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEE6cY9GDH_DfJL7wmPnhVY&google_cver=1
43 B
275 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEE6cY9GDH_DfJL7wmPnhVY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLeBwNgCEPrqitsCGKve37wBMAE&v=APEucNUymJvmTAb6lyWwi7ypX5Qqcdxc_HZg5DVorEm8UT5uHHlN3jOIAMyERLUUkQMJdC2612L3mjVtKkxnL8jqhT4f5KWAt23ILBBN3x76VJ6mzPxBWPccC_3f-be-zrVQzcokI8CaCHoD-KkKLcmoLzmR-x5MmZWmESv7unsuFiMjUfuapl0
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.221.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Dec 2021 06:30:13 GMT
via
1.1 google
server
OXGW/16.221.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 02 Dec 2021 06:30:13 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEE6cY9GDH_DfJL7wmPnhVY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 0A7A
43 B
145 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLeBwNgCEPrqitsCGKve37wBMAE&v=APEucNUymJvmTAb6lyWwi7ypX5Qqcdxc_HZg5DVorEm8UT5uHHlN3jOIAMyERLUUkQMJdC2612L3mjVtKkxnL8jqhT4f5KWAt23ILBBN3x76VJ6mzPxBWPccC_3f-be-zrVQzcokI8CaCHoD-KkKLcmoLzmR-x5MmZWmESv7unsuFiMjUfuapl0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.221.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Dec 2021 06:30:13 GMT
content-encoding
gzip
server
OXGW/16.221.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 0A7A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEFlDn-6hEORLGw3RHFK5xgs&google_cver=1
23 B
172 B
Image
General
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEFlDn-6hEORLGw3RHFK5xgs&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLeBwNgCEPrqitsCGKve37wBMAE&v=APEucNUymJvmTAb6lyWwi7ypX5Qqcdxc_HZg5DVorEm8UT5uHHlN3jOIAMyERLUUkQMJdC2612L3mjVtKkxnL8jqhT4f5KWAt23ILBBN3x76VJ6mzPxBWPccC_3f-be-zrVQzcokI8CaCHoD-KkKLcmoLzmR-x5MmZWmESv7unsuFiMjUfuapl0
Protocol
H2
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.6 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Dec 2021 06:30:13 GMT
cache-control
max-age=0, no-cache, no-store
expires
Thu, 02 Dec 2021 06:30:13 GMT
server
akka-http/10.2.6
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 02 Dec 2021 06:30:13 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEFlDn-6hEORLGw3RHFK5xgs&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 0A7A
23 B
172 B
Image
General
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLeBwNgCEPrqitsCGKve37wBMAE&v=APEucNUymJvmTAb6lyWwi7ypX5Qqcdxc_HZg5DVorEm8UT5uHHlN3jOIAMyERLUUkQMJdC2612L3mjVtKkxnL8jqhT4f5KWAt23ILBBN3x76VJ6mzPxBWPccC_3f-be-zrVQzcokI8CaCHoD-KkKLcmoLzmR-x5MmZWmESv7unsuFiMjUfuapl0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.6 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Dec 2021 06:30:13 GMT
cache-control
max-age=0, no-cache, no-store
expires
Thu, 02 Dec 2021 06:30:13 GMT
server
akka-http/10.2.6
content-length
23
content-type
image/gif
collect
www.google-analytics.com/j/ Frame 4EB7
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1489636492&t=pageview&_s=1&dl=https%3A%2F%2Fwww.megacurioso.com.br%2Fhome%2Ffullhighlights%3Futm_source%3Dwww.baixaki.com.br%26utm_medium%3Dreferral%26utm_campaign%3Diframe&dr=https%3A%2F%2Fwww.baixaki.com.br%2F&ul=en-us&de=UTF-8&dt=Destaques%20Mega%20Curioso&sd=24-bit&sr=1600x1200&vp=978x620&je=0&_u=YEBAAUABAAAAAC~&jid=989813360&gjid=1006559667&cid=1315773159.1638426613&tid=UA-144680-19&_gid=1358847314.1638426613&_r=1&gtm=2ouba1&z=1754453443
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.megacurioso.com.br/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 02 Dec 2021 06:30:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.megacurioso.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 609F
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEGc-gKqnSABIBNh13Tp9qwI&google_cver=1&google_push=AYg5qPKEk9o7pWN-grS2C0wOxIxylV1YazaC6knemJgXZvVSgxLi2exerCtfn1i6qY_GiYKGLmqQ4kyXGsf...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPKEk9o7pWN-grS2C0wOxIxylV1YazaC6knemJgXZvVSgxLi2exerCtfn1i6qY_GiYKGLmqQ4kyXGsfQs8Ypp_pHfpibyLE&google_hm=1xTLBAUkRX-Q8jdGRirsGKU
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPKEk9o7pWN-grS2C0wOxIxylV1YazaC6knemJgXZvVSgxLi2exerCtfn1i6qY_GiYKGLmqQ4kyXGsfQs8Ypp_pHfpibyLE&google_hm=1xTLBAUkRX-Q8jdGRirsGKU
Requested by
Host: 3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com
URL: https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Dec 2021 06:30:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 02 Dec 2021 06:30:12 GMT
via
1.1 google
server
Apache-Coyote/1.1
status
302
p3p
CP="NOI DSP COR NID CUR OUR NOR"
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPKEk9o7pWN-grS2C0wOxIxylV1YazaC6knemJgXZvVSgxLi2exerCtfn1i6qY_GiYKGLmqQ4kyXGsfQs8Ypp_pHfpibyLE&google_hm=1xTLBAUkRX-Q8jdGRirsGKU
cache-control
no-cache, must-revalidate
content-type
text/html;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 609F
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEEWRRs3xkCME24fruLQd-MY&google_cver=1&google_push=AYg5qPIx-Z3uWgWLMyHM1die21j7Q60XLjf_EABV0RPHAVZmcmL1_cKILNyzvFL7rMjRDMR2hgOvUL3jq7BCYryB...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=pkKjbdZ_SQq_aCY0JZbYSg2&google_push=AYg5qPIx-Z3uWgWLMyHM1die21j7Q60XLjf_EABV0RPHAVZmcmL1_cKILNyzvFL7rMjRDMR2hgOvUL3jq7BCYryB90Civ25rIA
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=pkKjbdZ_SQq_aCY0JZbYSg2&google_push=AYg5qPIx-Z3uWgWLMyHM1die21j7Q60XLjf_EABV0RPHAVZmcmL1_cKILNyzvFL7rMjRDMR2hgOvUL3jq7BCYryB90Civ25rIA
Requested by
Host: 3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com
URL: https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Dec 2021 06:30:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 02 Dec 2021 06:30:13 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.15.12
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=pkKjbdZ_SQq_aCY0JZbYSg2&google_push=AYg5qPIx-Z3uWgWLMyHM1die21j7Q60XLjf_EABV0RPHAVZmcmL1_cKILNyzvFL7rMjRDMR2hgOvUL3jq7BCYryB90Civ25rIA
x-host
tde-deliveryengine-production-74b86f4bcf-8t6gr
alt-svc
clear
content-length
0
pixel
cm.g.doubleclick.net/ Frame 609F
Redirect Chain
  • https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEDST0xzC9hUyHBEgFjJrjOM&google_cver=1&google_push=AYg5qPJSHwOY7kgdlAMtbTJb10BOGm2GRBxcZx1_sgSUgoMnyKs4Hs1j8sN95...
  • https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEDST0xzC9hUyHBEgFjJrjOM&google_cver=1&google_push=AYg5qPJSHwOY7kgdlAMtbTJb10BOGm2GRBxcZx1_sgSUgoMnyKs4Hs1j8sN95...
  • https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=gSLkYyy8F0sDreyhND7noA&google_push=AYg5qPJSHwOY7kgdlAMtbTJb10BOGm2GRBxcZx1_sgSUgoMnyKs4Hs1j8sN95l8KfE_f8rWZc6dscjy-J...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=gSLkYyy8F0sDreyhND7noA&google_push=AYg5qPJSHwOY7kgdlAMtbTJb10BOGm2GRBxcZx1_sgSUgoMnyKs4Hs1j8sN95l8KfE_f8rWZc6dscjy-J9Llleb89wVmYhxb9f0
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Dec 2021 06:30:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 02 Dec 2021 06:30:13 GMT
Server
nginx
Vary
Accept
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=gSLkYyy8F0sDreyhND7noA&google_push=AYg5qPJSHwOY7kgdlAMtbTJb10BOGm2GRBxcZx1_sgSUgoMnyKs4Hs1j8sN95l8KfE_f8rWZc6dscjy-J9Llleb89wVmYhxb9f0
Connection
close
Content-Type
text/plain; charset=utf-8
Content-Length
237
pixel
cm.g.doubleclick.net/ Frame 609F
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEA3Kw_TWn5JPgpIcvzfcHDk&google_cver=1&google_push=AYg5qPL-RWhFt5Hze48Wqt8ZgQr8UdDC21jqGRH_H_KuyoQsZtL9r--uhCSJGc1HPbRNqOQ4KlOA79A-...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEA3Kw_TWn5JPgpIcvzfcHDk&google_cver=1&google_push=AYg5qPL-RWhFt5Hze48Wqt8ZgQr8UdDC21jqGRH_H_KuyoQsZtL9r--uhCSJGc1HPbRNqOQ4KlO...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODA5NTQwOTIzODYyMzY1MDMzNg&google_push=AYg5qPL-RWhFt5Hze48Wqt8ZgQr8UdDC21jqGRH_H_KuyoQsZtL9r--uhCSJGc1HPbRNqOQ4KlOA79...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODA5NTQwOTIzODYyMzY1MDMzNg&google_push=AYg5qPL-RWhFt5Hze48Wqt8ZgQr8UdDC21jqGRH_H_KuyoQsZtL9r--uhCSJGc1HPbRNqOQ4KlOA79A-WbWLjwssCj_z15asKtI
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Dec 2021 06:30:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 02 Dec 2021 06:30:13 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODA5NTQwOTIzODYyMzY1MDMzNg&google_push=AYg5qPL-RWhFt5Hze48Wqt8ZgQr8UdDC21jqGRH_H_KuyoQsZtL9r--uhCSJGc1HPbRNqOQ4KlOA79A-WbWLjwssCj_z15asKtI
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 609F
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESENR8N7MvkdlrG6Fyak2XrQA&google_cver=1&google_push=AYg5qPJdNa91iZBgNHQSvgSPiwjfeCDOTHK1u65QH0JTxMWdvlPp0AEU7H-XN_CbPjJUrgEw9AHo89-9h0AGHbev...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPJdNa91iZBgNHQSvgSPiwjfeCDOTHK1u65QH0JTxMWdvlPp0AEU7H-XN_CbPjJUrgEw9AHo89-9h0AGHbevIiNk-N5Tvrw
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPJdNa91iZBgNHQSvgSPiwjfeCDOTHK1u65QH0JTxMWdvlPp0AEU7H-XN_CbPjJUrgEw9AHo89-9h0AGHbevIiNk-N5Tvrw
Requested by
Host: 3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com
URL: https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Dec 2021 06:30:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 02 Dec 2021 06:30:13 GMT
via
1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA2-C1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPJdNa91iZBgNHQSvgSPiwjfeCDOTHK1u65QH0JTxMWdvlPp0AEU7H-XN_CbPjJUrgEw9AHo89-9h0AGHbevIiNk-N5Tvrw
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
4HgRwbWzJVw-9tQY5sMgSdzr__HKAj66sxjv7GFtU27h1oGkKV1TAw==
pixel
cm.g.doubleclick.net/ Frame 609F
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEJ...
  • https://sync.targeting.unrulymedia.com/csync/RX-4945d19f-2870-475d-aaa2-6e9eb5624349-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPLVgi4YHJxqOaD1ACPL0...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPLVgi4YHJxqOaD1ACPL0bplTnmfHnlMOea5Q0HzP8HEmAcwrEGopqTAOlhJhuOoSbygRVodgRIh5WcyVAO2XRgws0uJmQ&google_hm=A0lF0Z8ocEddqqJunrViQ0k
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPLVgi4YHJxqOaD1ACPL0bplTnmfHnlMOea5Q0HzP8HEmAcwrEGopqTAOlhJhuOoSbygRVodgRIh5WcyVAO2XRgws0uJmQ&google_hm=A0lF0Z8ocEddqqJunrViQ0k
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Dec 2021 06:30:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPLVgi4YHJxqOaD1ACPL0bplTnmfHnlMOea5Q0HzP8HEmAcwrEGopqTAOlhJhuOoSbygRVodgRIh5WcyVAO2XRgws0uJmQ&google_hm=A0lF0Z8ocEddqqJunrViQ0k
date
Thu, 02 Dec 2021 06:30:13 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX4945d19f2870475daaa26e9eb5624349003
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 609F
Redirect Chain
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEJ4X5MpLeO1oVnqaS2XDzGs&google_cver=1&google_push=AYg5qPLPMW511wFuOC3mMfbfILobml3qKp4V3j88Qkto8NE4_fNRRdCo...
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEJ4X5MpLeO1oVnqaS2XDzGs&google_cver=1&google_push=AYg5qPLPMW511wFuOC3mMfbfILobml3qKp4V3j88Qkto8NE4_fNRRdCo...
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEJ4X5MpLeO1oVnqaS2XDzGs&google_cver=1&google_push=AYg5qPLPMW511wFuOC3mMfbfILobml3qKp4V3j88Qkto8NE4_fNRRd...
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEJ4X5MpLeO1oVnqaS2XDzGs&google_cver=1&google_push=AYg5qPLPMW511wFuOC3mMfbfILobml3qKp4V3j88Qkto8NE4_fNRRd...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA0ZTUyYzBjMC01MzM5LTExZWMtYjFjNy0wNmNlOGUxY2U2MDI%3D&google_push=AYg5qPLPMW511wFuOC3mMfbfILobml3qKp4V3j88Qkto8NE4_fNRRdCoTDzyrUjvTV...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA0ZTUyYzBjMC01MzM5LTExZWMtYjFjNy0wNmNlOGUxY2U2MDI%3D&google_push=AYg5qPLPMW511wFuOC3mMfbfILobml3qKp4V3j88Qkto8NE4_fNRRdCoTDzyrUjvTV_6YqXeg_2F1aFkuQnT7Xcsx7qRFDaDAhCV
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Dec 2021 06:30:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA0ZTUyYzBjMC01MzM5LTExZWMtYjFjNy0wNmNlOGUxY2U2MDI%3D&google_push=AYg5qPLPMW511wFuOC3mMfbfILobml3qKp4V3j88Qkto8NE4_fNRRdCoTDzyrUjvTV_6YqXeg_2F1aFkuQnT7Xcsx7qRFDaDAhCV
date
Thu, 02 Dec 2021 06:30:13 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame 609F
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JK3VQ1FhAENNPu6DJ9o9ScWZWRXiuZMUTrSJMskhwPdE-QOjAbqI176EfOAKuQ6MSGZmc0mg
Requested by
Host: 3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com
URL: https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:13 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
b
b.t.tailtarget.com/
Redirect Chain
  • https://b.t.tailtarget.com/b?tA=TT-10709-3/CT-239&tY=1&tS=2&tX=b.52&tZ=876998274
  • https://b.t.tailtarget.com/b?tA=TT-10709-3/CT-239&tY=1&tS=2&tX=b.52&tZ=876998274&check=1
90 B
535 B
Script
General
Full URL
https://b.t.tailtarget.com/b?tA=TT-10709-3/CT-239&tY=1&tS=2&tX=b.52&tZ=876998274&check=1
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Server
34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
1092916f8f9fd75ff8e1aa777c7fead5cead388a04cacd7cf492ee3216556bb8

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:13 GMT
via
1.1 google
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
no-cache, private, proxy-revalidate
content-encoding
gzip
alt-svc
clear

Redirect headers

date
Thu, 02 Dec 2021 06:30:13 GMT
via
1.1 google
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://b.t.tailtarget.com/b?tA=TT-10709-3/CT-239&tY=1&tS=2&tX=b.52&tZ=876998274&check=1
cache-control
private, proxy-revalidate
content-type
text/html
alt-svc
clear
content-length
145
4Sfc45HFswufgCf8fQCX22Ys6cavju9jIH_-ShQytV0.js
pagead2.googlesyndication.com/bg/ Frame 119B
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/4Sfc45HFswufgCf8fQCX22Ys6cavju9jIH_-ShQytV0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e127dce391c5b30b9f8027fc7d0097db662ce9c6af8eef63207ffe4a1432b55d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 15:20:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
140969
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13379
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 30 Nov 2022 15:20:44 GMT
collect
stats.g.doubleclick.net/j/ Frame 4EB7
7 B
28 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-144680-19&cid=1315773159.1638426613&jid=989813360&gjid=1006559667&_gid=1358847314.1638426613&_u=YEBAAUAAAAAAAC~&z=163488017
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.megacurioso.com.br/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 02 Dec 2021 06:30:13 GMT
content-type
text/plain
access-control-allow-origin
https://www.megacurioso.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ Frame 4EB7
42 B
63 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-144680-19&cid=1315773159.1638426613&jid=989813360&_u=YEBAAUAAAAAAAC~&z=1975112079
Requested by
Host: www.megacurioso.com.br
URL: https://www.megacurioso.com.br/home/fullhighlights?utm_source=www.baixaki.com.br&utm_medium=referral&utm_campaign=iframe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.megacurioso.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Dec 2021 06:30:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.uk/ads/ Frame 4EB7
42 B
63 B
Image
General
Full URL
https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-144680-19&cid=1315773159.1638426613&jid=989813360&_u=YEBAAUAAAAAAAC~&z=1975112079
Requested by
Host: www.megacurioso.com.br
URL: https://www.megacurioso.com.br/home/fullhighlights?utm_source=www.baixaki.com.br&utm_medium=referral&utm_campaign=iframe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.megacurioso.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Dec 2021 06:30:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 119B
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B7zEM9GeoYdufKJaQgAea8Jv4DQAAAAA4AeAEAg&bg=!iYqlis7NAAaQHwIOkB87ACkAdvg8Wppvuz84Pks2gjRP7MW48pdVcIqoNzEmNNe4HqV5kJ-jpf4hTwIAAABbUgAAAApoAQeZAvv55ANk0U-5BS2_BUx4HawUAYHhLBrSzY-x-EW2w0NxhBeMv9401_caO2kowrAEvqR4yUjLDXB47zHrdcgD99HFWMnJiUlcU7A-1xtAquq5CYOFeZtOd2JF8QBqIBzSuAmyZZtREyhYvVf1ahv6njJza6us72Cv0ZeEEMubtZWRxfHUmKowaJ58_g2-gGRrNR6WgcNSNsQ5DLlHjzFr9rRW1iGwGn-jBMvUoldBqR8_C4OqMDIfQk97MlB_043UEgiU0gy5V8QZ8hw3BWsDYy3P8GlW8qfbs8M3ZGUVyPi1BNTtVkpKEfu8NjlbhCez7fjiVxvDuF47x4nRN5fPcgCgAL0vdzgZcPk1asYrGKQIIZYFAYrsBfTux_pZzkYNaGUCAlO-C-e4uM-2qOQvalVREWxBb8P_5SQzrJeJ5knL_T4JbjdmJmf3HK8vynnGrmkvYlenFM_4Y-KHEX7vX32WeiTcSP06DVmaBWC96cYddJspIm5dHfpf8d-8bxtNV8eD9EgXHew7UoxvJR8SmX7QM2zHQBquZr2HDXjAkUigm2v8Ow0kd0wiT_9-sxH66Ksrz3UgWMaDJfVzKJpkHLLG5iX-Q84VnKxu4WCzYmqYGF1aOEUs0Frp7V1jWXB8F_xPbvXkfb2kB-0Y0DUC2n2ulsD4VjY3S6NJCCvDXn_St_tGckEA1disd22ELTZ0SExCq5FO1PvF-0n0OhdJP4UR89h6tZuIWp_hTopwGqquXuv5JuEMAkrgoeLvk-z6P5Ozn1yLo-DIHTjzIMUSaJSoTfA56hyuNN1uPjnTVIvbvzS1FZAnBmVKcKTi1kJA09ZODj09Or8TcVzJKFwQBY9c8S_ZcKOKJiyb2E6720-_ipN4bSvHsF9sVpg_0zu0kHL-1I_YPf2XbtCrenxrHets_TC90AXcGLlcnHZEJ-oeMaJD75AORqC4OfQb7rqRy2qU_ceO_q0FaqGwuGquJVlV0T9zNF021KyV27AJW7eeXEGCFS1JF9Uh6cfQ
Requested by
Host: 3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com
URL: https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Dec 2021 06:30:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
__tt.gif
t.tailtarget.com/
43 B
299 B
Image
General
Full URL
https://t.tailtarget.com/__tt.gif?tA=TT-10709-3/CT-239&tE=0&tF=&tI=____1638426613459_3257167525&tX=b.52&tY=1&tZ=721330663
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:13 GMT
via
1.1 google
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, private, proxy-revalidate
content-type
image/gif
alt-svc
clear
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 44E9
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss-pHJCY1jm5troIDBRDIMd-MojUjn9uzQwt-Iitf41Q9op9QrAvt_zy9qlbM0ZAIKlSMUCM61291NdlF05jSwIybmdersk9LQJRwYV&sai=AMfl-YSHNVq5geo6TD2IllY28i5oypJUxAiT1JG9qof8EesufUjlTgWlgUABEB21qnQvqNkws7MpZM2biHztYapD97FabgoFKII1yohT-w0me4oX65O5tFKHNutdZlE&sig=Cg0ArKJSzC5FUQSXszFiEAE&cid=CAASEuRozagRncaUKiOlS9PaZFyJQg&id=lidar2&mcvt=1000&p=1110,436,1204,1164&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20211130&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&app=0&itpl=20&adk=2836067115&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1638426612533&rpt=189&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Dec 2021 06:30:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/
11 KB
8 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021111701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
55807904e3592846c67fabd88b6d4515ab846beb4760a0f053f6f879b08fa8a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 02 Dec 2021 06:30:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8487
x-xss-protection
0
conversion.js
d.tailtarget.com/
15 KB
6 KB
Script
General
Full URL
https://d.tailtarget.com/conversion.js
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/portal/redir-partners.asp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 10:51:40 GMT
content-encoding
gzip
age
70716
x-guploader-uploadid
ADPycdvGpWA5iBFjomjJ4URc7h4sh9Y6ag1rxmgs9o44M_4_N8lj6uA5n401StAcmM4eT1Y1XaDP-FpOSrQ1p0vacA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
6114
last-modified
Thu, 23 Sep 2021 17:37:36 GMT
server
UploadServer
etag
"c011d7eff3edda011a5511fb703d925a"
x-goog-hash
crc32c=I6Sd4w==, md5=wBHX7/Pt2gEaVRH7cD2SWg==
content-language
en
x-goog-generation
1632418656103247
cache-control
public, max-age=86400,no-transform
x-goog-stored-content-length
6114
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 02 Dec 2021 10:51:40 GMT
base.js
d.tailtarget.com/
20 KB
8 KB
Script
General
Full URL
https://d.tailtarget.com/base.js
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 23:03:40 GMT
content-encoding
gzip
age
26796
x-guploader-uploadid
ADPycdtGDGqG5TkFLOhcafXycT59LiRVFThATonqN5J4Bv12gydBdRfeW7CYmQwth3nY_OvMQGet4G0KItUoBN63hwg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
8332
last-modified
Thu, 23 Sep 2021 17:37:36 GMT
server
UploadServer
etag
"3bd196ed5cd9e1a21cd3f4a34c4baf1b"
x-goog-hash
crc32c=QnHpIw==, md5=O9GW7VzZ4aIc0/SjTEuvGw==
content-language
en
x-goog-generation
1632418656026668
cache-control
public, max-age=86400,no-transform
x-goog-stored-content-length
8332
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 02 Dec 2021 23:03:40 GMT
trk
tt-10709-3.seg.t.tailtarget.com/
70 B
377 B
Image
General
Full URL
https://tt-10709-3.seg.t.tailtarget.com/trk?tA=TT-10709-3&tJ=_channel:www.baixaki.com.br:1|_channel:universo-games-nzn:1&tK=1638426611&tM=direct&tL=direct&tN=direct&tY=3&tZ=77420853
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:16 GMT
via
1.1 google
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, private, proxy-revalidate
content-disposition
inline
content-type
image/png
alt-svc
clear
content-length
70
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Thu, 02 Dec 2021 06:30:16 GMT
b
b.t.tailtarget.com/
126 B
166 B
Script
General
Full URL
https://b.t.tailtarget.com/b?tA=TT-10709-3&tY=1&tS=2&tU=0100007FF867A8618B06D44D02870F03&tX=b.52&tZ=153161612&env=_ttq_tt_nzn
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
81232d3fa5e84b220b91eb3d3b953b58c5b0ab9afd7c7842fbac072ee8bc252d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:16 GMT
via
1.1 google
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary
Accept-Encoding, Accept-Encoding
content-type
application/x-javascript
cache-control
private, proxy-revalidate
content-encoding
gzip
alt-svc
clear
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 1BAF
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Wed, 01 Dec 2021 19:15:36 GMT
expires
Thu, 01 Dec 2022 19:15:36 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
40480
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame A017
783 B
535 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0ed974ee7f134d8baa509524d076f31b0f3f509baa32801d2d1485ea7d633de8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Aznw3zz94hsexRsrJ54I/w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Thu, 02 Dec 2021 06:30:16 GMT
date
Thu, 02 Dec 2021 06:30:16 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-Aznw3zz94hsexRsrJ54I/w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ca
tt-10709-3.seg.t.tailtarget.com/
78 B
339 B
Script
General
Full URL
https://tt-10709-3.seg.t.tailtarget.com/ca?tZ=553208472&env=_ttq_tt_nzn
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
a5469e9f87bd1a34f97eb771eab27fcf71b679d130ee68e67907afb588fd1795

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:16 GMT
via
1.1 google
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
no-cache, private, proxy-revalidate
content-encoding
gzip
alt-svc
clear
ZhD25ev4EfR-XFP19TbfDo9DHcMa9GGM1cDlPvVEM3Q.js
pagead2.googlesyndication.com/bg/ Frame 1BAF
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/ZhD25ev4EfR-XFP19TbfDo9DHcMa9GGM1cDlPvVEM3Q.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6610f6e5ebf811f47e5c53f5f536df0e8f431dc31af4618cd5c0e53ef5443374
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 15:22:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
140878
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13522
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 30 Nov 2022 15:22:18 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame A017
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021111701&jk=1527440362662624&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

__tt.gif
t.tailtarget.com/
43 B
242 B
Image
General
Full URL
https://t.tailtarget.com/__tt.gif?tA=TT-10709-3&tE=5&tF=&tI=____1638426613459_3257167525&tJ=&tQ=www.baixaki.com.br,universo-games-nzn&tU=0100007FF867A8618B06D44D02870F03&tX=b.52&tY=1&tZ=180881434
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 06:30:16 GMT
via
1.1 google
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, private, proxy-revalidate
content-type
image/gif
alt-svc
clear
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021111701&jk=1527440362662624&bg=!5-Sl5KDNAAaQHwIOkB87ACkAdvg8Wu-9a4-8Agr-TNQI1wDE4j_shJ2-Cmh4ATU2R2PZYLZ6bAmrAwIAAABQUgAAAAtoAQeZAr1AEgYGl4nrnu3LN6fWoAfEvoazTcqfssK-BJ3PFcFdxZqSgeK5HdDGuvZuB8XpdmLt4q6Cqhj69BRkQMoc4T3_PMJK_8ryrypVSAyukeuWFMkzi2UpTVdVs4jIwkhtc7tCNGGZQSsJXLGh1l8GvHBzTlKjfWPokrGXDnjqH9G4f-xYJgFbIBMtZWHQuIzy8NVIg49qczuFEXRSW7IPf129yJhfSu7p-xaJvpb9QK1pYmVOkyrcKgA1a6PJ5J_LJEqbEs3PtCRRLQrmCCgvAEoQGFlyv_vMeB4SpDSQL-SY_juNp98BfV4QqccF78sS3D5XhmpFbVgrg0ptOXOMOJEdrU1TuDaIOelbVJcZ608tA19_barIsYSat9_Ta78ltm9i600pq8_Sa3ZQiEppLh7v24rWqX2SpLyHYR4m1aXLSDxRfp-__w7D1DpfCSrT3cS2YF1FUQ9XS-5QGNuKH-qJSMetGYZSnYoOGnOXxUwCpDDiMaeILRTEAJxb0ylR5-KMqCQbSbNM4oSo9N0CUtczLFx9zJY2oCdLw86T8eYV2MLPdV8e1hqJYFe0K7GDfpR85N1BhZ1A-E0TJcaSCejo4Byt1xfBowcF2aMOC4znHg-sgFLb7noIvY6REMc72_4iCusY2LDHx5QWoEEUBU7eUOhbnzj1UkcRN1s00fmby9A3dLlJlQriCSMJj0X_caeXV2b4WZDOWdBG0gLfIQd6x07Wn50UplqTPgF8znl4P4urp1hPPdJ1-d6JuPtEirPzBwCQdNBDN9fVtJuuSIMEe_YO12TFxf6BED9X19DSJE-OK3E3v8DUZybvOskKK7F-OmD7vmh-pwfS_UR2c1zVCj6NWG3hRqEaBrKMb8r2KNO3viW8XeYv2CYfWdc9KReqhjBi-n13utBLz-pqEnli6ZK3TNRZHo9_evrGFA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Dec 2021 06:30:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.1-1ads.com
URL
https://www.1-1ads.com/js/show_ads_supp.js?pubId=4526
Domain
s-akfs.nspmotion.com
URL
https://s-akfs.nspmotion.com/aep/tag/br/nzn_baixaki_horizontal_4_slots_https.js

Verdicts & Comments Add Verdict or Comment

225 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler function| $ function| jQuery function| CriteoSetDFP function| clrbuscacomp function| getCookie function| setCookie object| BrowserDetect function| sethome function| querystring function| clrcck function| tipso function| getsistema function| sistemacompativel function| smphone function| getuser function| preparaLogin function| loginFeito function| msgErro function| mostrarCarregando function| esconderCarregando function| issixtyfour function| logarFacebook function| dadosFacebook function| variaveis function| dwnld function| decode string| menufixo string| tb_pathToImage function| tb_init function| tb_show function| tb_showIframe function| tb_remove function| tb_position function| tb_parseQuery function| tb_getPageSize function| tb_detectMacXFF function| fbAsyncInit function| EventEmitter object| eventie function| imagesLoaded object| nvg13767 function| nvgGetSegment function| ltgc string| prmstr object| prmarr object| tmparr object| nvg string| nzn_x object| _gaq function| GetQSTR function| setTrack object| googletag object| _ttprofiles string| version function| TTProfilesBase function| ttProfilesBaseE object| _ttsHolder function| udm_ object| ns_p string| supp_key number| supp_time string| supp_channel string| supp_code_format string| supp_click object| supp_custom_params object| _gat object| gaGlobal object| FB object| ggeac object| google_js_reporting_queue object| naveggReady undefined| google_measure_js_timing string| nvg_i object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| ampInaboxIframes object| ampInaboxPendingMessages object| nvgParameters object| nvgSegment object| _aep object| ns_ object| _ttconversion object| _nznt object| jQuery19109521935038573608 object| imgLoader object| ___gcfg object| TTTagManager function| TTTagManagerError object| _ttq_tt_nzn string| _ttcNamespace string| _ttqNamespace function| TTConversionBase function| ttConversionBaseE object| _ttconversionHolder object| ttqNamespace object| _ttq object| _czmb function| TTBase function| ttBaseE object| _ttqHolder function| czQuery function| $cz object| _comscore string| _mb function| ga function| superagentCallback1638426611217606 object| gapi object| ___jsl object| ___gu object| google_tag_data object| gaplugins object| gaData object| COMSCORE object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator number| google_srt function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| ima object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google object| osapi object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| _gsScope object| _gsQueue object| GreenSockGlobals object| com function| _gsDefine function| Ease function| Power4 function| Strong function| Quint function| Power3 function| Quart function| Power2 function| Cubic function| Power1 function| Quad function| Power0 function| Linear function| TweenLite function| TweenPlugin function| TweenMax function| TimelineLite function| TimelineMax function| BezierPlugin function| CSSPlugin function| BackOut function| BackIn function| BackInOut object| Back function| SlowMo function| SteppedEase function| RoughEase function| BounceOut function| BounceIn function| BounceInOut object| Bounce function| CircOut function| CircIn function| CircInOut object| Circ function| ElasticOut function| ElasticIn function| ElasticInOut object| Elastic function| ExpoOut function| ExpoIn function| ExpoInOut object| Expo function| SineOut function| SineIn function| SineInOut object| Sine object| EaseLookup string| _czmbPubId function| czlite function| czmax function| cztimeline function| cztimelinelite object| _gpt object| _czGoogleFooterDesk string| n object| _tt_nzn string| nq object| cmds object| ttcNamespace object| GoogleGcLKhOms object| google_image_requests

87 Cookies

Domain/Path Name / Value
.scorecardresearch.com/ Name: UID
Value: 16SVGMHDRHT6MW5OXE2IQMg1638426602
.baixaki.com.br/ Name: __utma
Value: 248450708.1413534137.1638426601.1638426601.1638426601.1
.baixaki.com.br/ Name: __utmc
Value: 248450708
.baixaki.com.br/ Name: __utmz
Value: 248450708.1638426601.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.baixaki.com.br/ Name: __utmt
Value: 1
.baixaki.com.br/ Name: __utmb
Value: 248450708.1.10.1638426601
.baixaki.com.br/ Name: nav13767
Value: fcd20e6ae3ec7b4736f8fdbca09|2_337
.doubleclick.net/ Name: IDE
Value: AHWqTUk4c5vJ8ymz-BJO3mMTmSPbyrcpAeJMJb5dMX0nUsIBVxbj0OBvpFfQkdtyAaY
www.baixaki.com.br/ Name: tt_c_vmt
Value: 1638426611
www.baixaki.com.br/ Name: tt_c_c
Value: direct
www.baixaki.com.br/ Name: tt_c_s
Value: direct
www.baixaki.com.br/ Name: tt_c_m
Value: direct
.google.com/ Name: NID
Value: 511=Qf9ozu60ghYB8EypNfL56j07w7YVMSHek8HEFTpFJET4jO_QPaVRPGDQRMMxbH8lCQLu4afs9DUyUi8lP6VEu9Ce17hUa_mTn0nUK3T0pJco05hrFoTRzPe4CyHvxKp_Debzj-rbvsp0qaJZKwoWc_-YCRSpQQSGi5B5Piz_sZo
.baixaki.com.br/ Name: _ga
Value: GA1.3.1413534137.1638426601
.baixaki.com.br/ Name: _gid
Value: GA1.3.1277296268.1638426611
.baixaki.com.br/ Name: _gat_czmb
Value: 1
.adnxs.com/ Name: uuid2
Value: 41720538796090681
.casalemedia.com/ Name: CMPS
Value: 1852
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2Il_wt'!F!]tbPl1M>e)ZlrFUfJ+tGXxoD@Hb+uCI2=>>q).IF9)jH_+?-#Q<8NP%`cTT*bpRz*qF1`*b_gq*0di!
.casalemedia.com/ Name: CMST
Value: Yahn9GGoZ-QA
.cazamba.com/ Name: uid
Value: 61a867f407cd1
.cazamba.com/ Name: visits%3A1638316800%3A930
Value: 1
.cazamba.com/ Name: _czu_1_1638316800
Value: 1
.cazamba.com/ Name: _czu_930_1638316800
Value: 1
.cazamba.com/ Name: lastPub
Value: 930
.cazamba.com/ Name: synced
Value: 1
.casalemedia.com/ Name: CMID
Value: Yahn9AVDSmlD4ORVXvo3CgAA
.casalemedia.com/ Name: CMPRO
Value: 1834
.casalemedia.com/ Name: CMRUM3
Value: 2d61a867f42760CAESELrrggST_x-_kkqJgugd3IQ
.tecmundo.com.br/ Name: _ga
Value: GA1.3.894814026.1638426612
.tecmundo.com.br/ Name: _gid
Value: GA1.3.272180599.1638426612
.tecmundo.com.br/ Name: _gat_gtag_UA_144680_14
Value: 1
.navdmp.com/ Name: ac3
Value: 1
.navdmp.com/ Name: nid
Value: fcd20e6aeb910818183ca0a8009|2|362
.baixaki.com.br/ Name: __gads
Value: ID=1d3e287baea0a93f:T=1638426602:S=ALNI_MZxkx_-ueBPltnqfntmp7m5WqxCXQ
.sxp.smartclip.net/ Name: uuid
Value: c08b8f3d-f130-4af0-8d0d-773f75c06ec7
.cazamba.com/ Name: ttdata
Value: _1_1638426613_1
.krxd.net/ Name: _kuid_
Value: OhCHJif2
.sxp.smartclip.net/ Name: psyn
Value: 18963.75
.mathtag.com/ Name: uuid
Value: ed5c61a8-67f5-4c00-88cf-73b16bff9674
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: 1c7a7fce645edf31458fce4c3dd18f2
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmOQN0w2TzRPS041MzFNTUkzNjQxtQDyTJKNU1IMLdKMGIAgcUX6VxANBQBm1wuq"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBIXJH%2BFUhBAQAdQwJm"
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Yahn9QAI2wUOCgBR
.adsrvr.org/ Name: TDID
Value: 2baa896d-bf17-44e0-8499-0a55e3f327c8
.megacurioso.com.br/ Name: _ga
Value: GA1.3.1315773159.1638426613
.megacurioso.com.br/ Name: _gid
Value: GA1.3.1358847314.1638426613
.demdex.net/ Name: demdex
Value: 64294456141303181482293558259345769997
.megacurioso.com.br/ Name: _gat_gtag_UA_144680_19
Value: 1
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pbw
Value: %24b%3d16960%3b%24o%3d11100
.adsrvr.org/ Name: TDCPM
Value: CAEYBSABKAIyCwi-1LvY_dmaOhAFOAE.
.dpm.demdex.net/ Name: dpm
Value: 64294456141303181482293558259345769997
.smartadserver.com/ Name: pid
Value: 8448954786143315660
.smartadserver.com/ Name: pdomid
Value: 12
.ctnsnet.com/ Name: cid_d714cb040524457f90f23746462aec18
Value: 1
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22A642A36D-D67F-490A-BF68-26342596D84A%22%7D
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-4945d19f-2870-475d-aaa2-6e9eb5624349-003%22%7D
.t.tailtarget.com/ Name: _ssc
Value: y
.advertising.com/ Name: APID
Value: UP4e52c0c0-5339-11ec-b1c7-06ce8e1ce602
.adform.net/ Name: C
Value: 1
.cazamba.com/ Name: czbc%3A10294
Value: 1
.cazamba.com/ Name: _cz_t_2427%3A10294%3A930%3Aprint
Value: 1
.cazamba.com/ Name: _cz_tn_2427%3A10294%3Aprint
Value: 1
.m6r.eu/ Name: test
Value: true
.cazamba.com/ Name: czbc%3A11129
Value: 1
.cazamba.com/ Name: _cz_t_2647%3A11129%3A930%3Aprint
Value: 1
.cazamba.com/ Name: _cz_tn_2647%3A11129%3Aprint
Value: 1
.adform.net/ Name: uid
Value: 8095409238623650336
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-4945d19f-2870-475d-aaa2-6e9eb5624349-003%22%7D
.t.tailtarget.com/ Name: ttbprf
Value: ____1638426613459_3257167525
.t.tailtarget.com/ Name: ttc
Value: 1
.t.tailtarget.com/ Name: ttnprf
Value:
www.baixaki.com.br/ Name: tt.nprf
Value:
.m6r.eu/ Name: cct
Value: 1638426613533
.m6r.eu/ Name: id
Value: 8122e4632cbc174b03adeca1343ee7a0
.yahoo.com/ Name: A3
Value: d=AQABBPVnqGECEHqOJ5YHlk6hKsNYY_491hYFEgEBAQG5qWGyYQAAAAAA_eMAAA&S=AQAAAjdXiWXT1mjxrUjk0ODQdAI
.analytics.yahoo.com/ Name: IDSYNC
Value: 18wq~21uu
.yahoo.com/ Name: APID
Value: UP4e52c0c0-5339-11ec-b1c7-06ce8e1ce602
.yahoo.com/ Name: APIDTS
Value: 1638426613
.t.tailtarget.com/ Name: u
Value: fwAAAWGoZ/hN1AaLAw+HAgB=
www.baixaki.com.br/ Name: tt.u
Value: 0100007FF867A8618B06D44D02870F03
www.baixaki.com.br/ Name: _ttuu.s
Value: 1638426615743
.tt-10709-3.seg.t.tailtarget.com/ Name: trk
Value: JYVMEYwNA2ooUlS9Vg1zwB9SU4M5LqLVIEFx9TU2sZTFppoOwdczeCtcRxNmLCet
.tt-10709-3.seg.t.tailtarget.com/ Name: ttca
Value: _1638426616
.t.tailtarget.com/ Name: n
Value: 1638426616

20 Console Messages

Source Level URL
Text
security warning URL: https://www.baixaki.com.br/portal/redir-partners.asp
Message:
Mixed Content: The page at 'https://www.baixaki.com.br/portal/redir-partners.asp' was loaded over HTTPS, but requested an insecure element 'http://img.ibxk.com.br/bxk_v12/bxk-logo.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
javascript warning URL: https://www.baixaki.com.br/portal/redir-partners.asp(Line 88)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://d.tailtarget.com/profiles.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.baixaki.com.br/portal/redir-partners.asp(Line 88)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://d.tailtarget.com/profiles.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://d.tailtarget.com/profiles.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://d.t.tailtarget.com/profile, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://d.tailtarget.com/profiles.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://d.t.tailtarget.com/profile, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security warning URL: https://www.baixaki.com.br/portal/redir-partners.asp
Message:
Mixed Content: The page at 'https://www.baixaki.com.br/portal/redir-partners.asp' was loaded over HTTPS, but requested an insecure element 'http://img.ibxk.com.br/bxk_v12/bxk-logo.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://img.ibxk.com.br/2021/12/01/01150727246384-t250-t222x111.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://img.ibxk.com.br/2021/12/01/01131205334267-t250-t222x111.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://img.ibxk.com.br/2021/12/01/01125330614257-t250-t222x111.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://img.ibxk.com.br/2021/12/01/01001549244616-t250-t222x111.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://img.ibxk.com.br/2021/12/01/01140740330312-t250-t222x111.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://img.ibxk.com.br/2021/11/17/17211950035000-t250-t222x111.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.1-1ads.com/js/show_ads_supp.js?pubId=4526
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security warning URL: https://www.baixaki.com.br/portal/redir-partners.asp
Message:
Mixed Content: The page at 'https://www.baixaki.com.br/portal/redir-partners.asp' was loaded over HTTPS, but requested an insecure element 'http://img.ibxk.com.br/loading.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://s-akfs.nspmotion.com/aep/tag/br/nzn_baixaki_horizontal_4_slots_https.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://lb.nznweb.com.br/tracker/tracker.2018032814.min.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://lb.nznweb.com.br/tracker/tracker.2018032814.min.js
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://as.cazamba.com/cs?publisher_id=930&g=1638426612
Message:
Refused to execute script from 'https://ad.sxp.smartclip.net/sync?type=red&dsp=75&ang_testid=1' because its MIME type ('image/gif') is not executable.
security error URL: https://as.cazamba.com/cs?publisher_id=930&g=1638426612
Message:
Refused to execute script from 'https://tags.bluekai.com/site/31435?id=67865994926&redir=https%3A//sync.navdmp.com/sync%3Fprtid%3D18%26blkid%3D%24_BK_UUID' because its MIME type ('image/gif') is not executable.
javascript warning URL: https://www.megacurioso.com.br/home/fullhighlights?utm_source=www.baixaki.com.br&utm_medium=referral&utm_campaign=iframe
Message:
The resource https://mega.ibxk.com.br/2021/12/01/01103728680149.jpg?ims=575x524 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3a7ddb083a6c99a4bf4fd09c19d011c5.safeframe.googlesyndication.com
ad.doubleclick.net
ad.sxp.smartclip.net
ads.travelaudience.com
adservice.google.co.uk
adservice.google.com
ajax.googleapis.com
api.cazamba.com
apis.google.com
as.cazamba.com
b.t.tailtarget.com
beacon.krxd.net
c1.adform.net
cdn.cazamba.com
cdn.jsdelivr.net
cdn.navdmp.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
d.t.tailtarget.com
d.tailtarget.com
dpm.demdex.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gu.dyntrk.com
ib.adnxs.com
imasdk.googleapis.com
img.ibxk.com.br
lb.nznweb.com.br
match.adsrvr.org
mega.ibxk.com.br
obj-mega.ibxk.com.br
obj.ibxk.com.br
pagead2.googlesyndication.com
pixel.advertising.com
pixel.mathtag.com
px.cazamba.com
s-akfs.nspmotion.com
s.ad.smaato.net
s0.2mdn.net
sb.scorecardresearch.com
secure.adnxs.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.navdmp.com
sync.smartadserver.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync2.navdmp.com
t.tailtarget.com
tag.navdmp.com
tags.bluekai.com
tags.t.tailtarget.com
tpc.googlesyndication.com
tracking.m6r.eu
trc.taboola.com
tt-10709-3.seg.t.tailtarget.com
ups.analytics.yahoo.com
us-u.openx.net
usr.navdmp.com
www.1-1ads.com
www.baixaki.com.br
www.facebook.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.megacurioso.com.br
www.tecmundo.com.br
s-akfs.nspmotion.com
www.1-1ads.com
104.111.215.191
104.111.242.245
13.225.87.89
135.125.160.160
142.250.181.226
142.250.185.70
142.250.185.98
142.250.186.98
151.101.194.49
151.139.128.11
185.33.220.145
185.86.137.131
2.18.233.201
2.18.234.21
212.82.100.182
213.19.147.44
2600:9000:20eb:4e00:1b:5138:8a40:93a1
2606:4700::6810:125e
2606:4700::6810:5614
2606:4700::6810:df3
2a00:1450:4001:801::200e
2a00:1450:4001:802::2003
2a00:1450:4001:802::200a
2a00:1450:4001:80e::2008
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2006
2a00:1450:4001:811::2001
2a00:1450:4001:811::2002
2a00:1450:4001:812::2003
2a00:1450:4001:813::2002
2a00:1450:4001:827::2001
2a00:1450:4001:828::200a
2a00:1450:4001:829::2004
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::200a
2a00:1450:4001:831::2002
2a00:1450:400c:c0c::9c
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f107:83:face:b00c:0:25de
2a04:4e42::300
3.126.56.137
3.33.220.150
34.102.185.99
35.157.177.200
35.174.32.80
35.186.193.173
35.186.194.101
35.190.0.66
35.201.123.184
35.244.159.8
37.157.4.29
52.204.18.146
52.212.131.178
52.30.14.23
52.48.8.186
54.38.212.101
72.251.244.140
001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343
016d272c972fe15d89eba942e0c350a666be6113c3742fbafdd3f454b5761b6e
0338bcda8d24666ed68871a22dbeedf2bb3a8201a195faff774ed669f6975e4e
04511d8147ba67779410293628c524c0f2c2ac984cab17a6e8f9933b850ee886
04bc269ca65c325114dfb91d780a63874a6f47cc21dba133c57e965769099c98
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bf00714a8463592935defc613c39ef77a64350d5e6bb6f8d6a7bb53bc5697eb
0ce5ab0260a7860ea167511114f1b2a1a8c5dff2b1a3885e2c2e70fb54c4e7a9
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0ed974ee7f134d8baa509524d076f31b0f3f509baa32801d2d1485ea7d633de8
0f12ad3126e50535e8cfc613bb19eccbc22768b06bea5901040682de5ce2df70
1092916f8f9fd75ff8e1aa777c7fead5cead388a04cacd7cf492ee3216556bb8
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12c7cf50f3c9644548c159995989043c52d2a525229637c499b511e090602d43
15a3efce4e527795167d6fb4bb107345067176ddfc514a85cf0ee9a031b07e55
1650d0ab9a081006da083651929024306d1fdbe1a512ca7073f18da963ad5079
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1a03bf038cb81d5be2bfd378107d0479a90b143967699ff9fcad22dc01629e8f
1aeccbded86885bd4f93896d5b7226a6e31969bc05e71da544c397f7749bee15
1ce8c2b7274efc80d45249ce3a27514a454db2520f31480cea53319b3bc24dff
24f7e397faec79e62c37ff2f00b170f6dc1557fb46ac169f9f1897a9d641dd03
25459beda4f69f421c6fcb39f6973db8bed017a80e0b0b4bd257e80ed5673861
2c21f52e0b7568c38a1c71f0b57a5230dc34ab4b41c520c931603914e3b15fa2
2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55
2e1798c12b9c2e572abef4571bc2269f3cf8a3a805d5c2f922abc8964a14b14f
30cad9ec7fbe11d3de293805d82343744663da3e650c19bbbc23dd7c58202cce
316719af8c625b5102c37c03c018c91c1e0a54d0fa8e49f399250b82a4cb11dc
320d8033b4dc2535005db35ed05a86cb63b0df0526f9f6dfa259abc071211c2f
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
358ca7e88162a85a1604f6a8897ba426a3e400a7bfd97a7a6b2be7e90f203e87
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
3a19dd804a60d46432e5d2205f6bfbaf2567061313cca294aded8659f3f4247a
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
402313d2b68318512b1248b6fc9022f409354bec392adf4cbd4ee5681355a824
43d32f3b4bfee460b7026dad4375b306d976b4fd46442e50f7bb51850744e35b
447aed4cf1bf61655b7cd88b3e75ce684464a7f3a1aecb8fdea3478a4fe298d8
46949b0ebfc651245d2b94172d1002e769ba7ae9b602026e9cc6ea0942bef527
4b31f597e9852f3e8ef045d9f6032a8ecfe9d8e5c6cde3196c6964e193fe6615
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b798a5b21ad689d8dab5daf84dbfb5c276cd994f2b93234c34e39795fdd2561
4beec82f69210e380245449530c41952d2850fd2ecf580c6d2e27f6808cd075a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
526da43442f570f9afed426b5aa81ec42f0fc0ee1ef4d62a3f095b342d3afec2
5343c7a2c5c03d6beed4539f55e4e972871fc4aa35d279a62237960fd922ac96
536b3ce1074d9b9899aac640bff3eb2d71b98261b19a5f341f3d783320548189
536d41f307d9c484b1175148888bd2e9ac4f9a2ebfa21583c54a96124c62839f
53a362213e2657bf6e5e14b4d814c14dec21bfe8cbf6201ed2c81398d3bce69e
54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4
55807904e3592846c67fabd88b6d4515ab846beb4760a0f053f6f879b08fa8a2
564d990d54c16bbd0a737d687d7e8596a3904ff3292ff0b618ee0401d18b35fe
57b03bdfab75813851988e2ab70c25a29a1259c3e99ef0096a431994af6923fe
581dee063cff2b9a119f8a64890d8b459af7cb9d10668cdd070245ee51d9edc7
596f6032c38c2ec25840c5c71e6c22db5c70d005be3af0207f56594fb368c68f
5b6c63d85a2965ed5d7a5a9473a6563be3432da50be286bef2ee03a54caba718
5ead5ff764075d6bc2632b073703798e0650a4ff1ac67a80835960b3455edb44
5f6559faf48cfdbd38a9b7db00bffce74a4eb503daeb1e9d8007ca590d57eb2f
615050cfd7cd77d6941c6c0b4551d20c4d5ad825bc9fd7acc61a0bdca7783d26
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
622d5044f2fb47d3145b899db47da77def0ecc13364ac219b7b60f364196a114
6257e792f9aef240d1954956a6ea7982c0268035f15a79931a110ed6344c8c4c
627b717a369895656423ba623d0d83c2002281751124a35fe2b6acdd07e6737a
63ff2f8fd33b69fcaa3394e4ffc79014db011cb57d23a2f77b41cd9e702a1e42
653d04098d18f17959aeb31247dfe66426a6385eae8812b08e938cab24d836f6
6610f6e5ebf811f47e5c53f5f536df0e8f431dc31af4618cd5c0e53ef5443374
67964f1cb107f2110809f0c3ef5b65c1a0fde7477fdb1933bcd9d316d4f1c9df
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3
6b6473203bc47149284e61d5bfceac76748c697f72af9f21193bcf6c4df4248e
6cdd22e067545f77d4168806ab785103e5702b8976e5f77c5e811e4118f817a6
6eda64128db563b15368c8e91652b0a66583272c0c5b5a6356d104ab1b7e7254
7639a6e5375c0c171f364069aa3fede719a6ba97985be15f0b41335cd0d41cf3
768e06db152674c2b8a7ff4caefbd58a9bb5e052525e457c95a955fee648da99
776ab54d5f04265c34d61e6442448301222038f88c44c277672ab3662cb2a212
79835f2d0f3ea82036369d6c309f89559dc6a3da0bdc441518838c307be2b4b1
8091761cfa71f7a161cbca380a058e7ea2f8919a97cf43f41957a54d535df986
81232d3fa5e84b220b91eb3d3b953b58c5b0ab9afd7c7842fbac072ee8bc252d
82ba6da551227d1d1bca5ab45d7b2f822d1141fff328304195d9b10f87940f4a
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
85782c69e9d7c7121cba07c204e3e7d20d0236f7d4d38927257628f9ded0fdf3
86fe6478dc28e4de75f46247553e90a6404cdbfb9d344eb1776d408d51b1908c
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8c78a6050e2d0c91425e75e39e21a9ab7efd5d7f6a6b2251a52b71742fe82fca
8cd91d9c5afef21866a068d35fde9a75ba42ae5d6d5541c0c262be5efbb33fc7
8d8aa9c2c3798099cba43890c7808bfb34b70dbc853177ef287b50bc28161911
8f9005f28f21ab79d563d340f7b7552497074930450681af12a679da0fa03abd
91f70c3d4de12fb759a0f2da69d78342d50484a4c501a87a56f9273bb14fcb35
93c99b1a62bdef426c6029d8eeaa796af079bd0b67c7bd67fda444e8afb6f562
97c0f469a9f03528bfc7997ccd2ce5fb557fe05f748d69aff08347208527f93c
98e15110586a9877906d7a4ada5a789c0deaa285600027e1f3c7e925fb4b05b7
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ad30a1a7b1a11a8449fa7a67f971b71051a1840a34b993e5177e961b926c777
9d75fa7cb88beee887f6674a44b97fb33886272057a41d406dc346de223f9572
9f4554c3c9196dfe6d75d689ac22cee234b87434b8eaad52841705b6eef37f53
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0ece3d81212b04151eda43636a20365dcd924190108b9b5fe6f3322f7fbdad1
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a4374b0547ee7dee99a61bf5668c6be2e76def8807a31da37a182afd25214509
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5469e9f87bd1a34f97eb771eab27fcf71b679d130ee68e67907afb588fd1795
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a6069bbca72fec0f6641a08636d4f96ed08c7f2b13845f3edd7e38a46b4f1bc5
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
ab43dbc7a1d80485305ed198a495eb3f58a10a062fa7b69e45219134d8647a25
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
abff56d89d593fb7fa09080bbb38f828b9c208452b765cac9438f30aa8b129e6
aec0d8e579e180d1710f8dc447dfcdbf8c1d805dd907e2e65d9e6b755d6e5d57
b0c39441d9a378190ba0fdaa68373a57158cfb0384f0774d791ed663dd01d5c8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1e6d5002e0763c313c3a9df87ac34de4ded5ae57a8f1342e92ccc3db0f6bfe5
b27941209a28b4f55b3f7431123f84c9113288847e77ab8c9a9d8fa2b422f981
b444b971ff6000395bd9274c3e33e324c1cd8658cb7af7a6547dbb91ec2dc0e2
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
b5de679f41d5e07318bf721f4877d6320d3e351d6cfd58a00471854e2503d48c
bef79e75174393e46c8a0044343d31766d0f4bbd893f10776396d054425720e7
bf85387414617a5a40179356a22dbccaa08b3a9acf5e704be25e52a9a965e9d2
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c29cb8d5576783701b7197129ba5fb88610c5d3d55bfe1e4ecd2e20523c4c915
c37e5682407d07e7974304b5334721abfcaaf80533aa565ee3a2f66de1f6676f
c8871b6e9aee5124fd7ef79e81453b2241cdf7ffb6a1d94823ae12fb2dbc9f12
c88d557c8678b7ce1628080e3723b42016eda8420507e9d5b8b82207e354fb72
c9522d06349a07c4b9ed939f4b8d9de7cb9cd0ab50f1880ed10d5ca9c0fafbab
cb5441b88cbf4d5f952d238a381951e8bb76d1045dcac2f9b9b895d2bc3889da
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d04ba8369f9ebdf4ffd6ed3e6399dde00cd407b979105e90c57afff0a2f7050a
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d12f1d9c35940a2b74b61e7125d12245c1de8c96e386583979963db701383d95
d131ba55ffa96cb9dab58a18a560f87f5b55f674379c2e482defdf08bbf7ef48
d34aee319aa9a8859594b3220002be7411cd05f84cf87d297aa508672294ef41
d68765f48f7274a23ce62c587242f2be56f893ae49c33db5d88e11ed14944543
d8f13f89c5476280dda59d9b42d3b93f99d201dddf493ee78dc6e43c08b191b0
da77b9499cb79e2023802cb1fed3e39e0414a7ea244290186e85547e2816f256
dae477839e4e3d664a28f9c95b6e22288e15674e5878f264762443acd0a5a445
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de418fdfa1d02a219d049bb1cd8562182c4201c67f6b9d0e2f67f21a476e1096
df4efe040b8552b11119294166c0040fcec4a11d6a4a4ce0fe206dcf84131df3
e0a1bc310556490c18a35c0f4bab63855403c3c12ecae5a51d33923693a123a3
e127dce391c5b30b9f8027fc7d0097db662ce9c6af8eef63207ffe4a1432b55d
e2e78b49365fa8b1921bda8412484ef532e8f0e1df7c3ed4aa5031c5e2cbbc06
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e593d32d2b3c25b54c4632fc55d4c55cce4154e0bfaeb75883da07b742e762dc
e624b798238ee5ceb3ec514a20cdf1d5bbdeec52ce1de9898bd007b61afc1d1e
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f
eac48e3985bb23809ad759fe9056ce51a59588fdc8e93e0edd1a2f79e7421bb5
eae4bf9b4870ee80dcc0cd64c0697c7907703c711ee47f4ec23e255fa04df3bb
ec412c4a31f9b4110f2b32c733be5292e43c0460373b1e3e61b9241679f730e4
ec49b33967a90be54e0fa873fd2ec4763ead758efcec3608cd20fff4b9ad3534
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f10fd76f5ee28056ad3f3d76232971f96e26a122270bac12bc6fc5fc35931568
f299ffe9830918a4853856495722a658af9b0cf36d2d26041a6898e9cfee92dc
f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f
f3e4785ada852860d7f22424fb9839860c3b58baa270b2e0a0ad00a3d94cd0ee
f5811e93bc04170997b02a69b1990396dcbd6efa26214fb3b714ca913ff02a6d
fa2bdf49efe7abee71e39cb2dc412d55a019a5ff7ccb7e7af03c6ddb8751596d
fc9ca99fc946436dfa7545fb539a3ffdf6c3edc58cb00a577b7b33a27187dbc6
fecb52c070ce6fc25e11a1be6234f23b35ba95b1205472db28667f195dc87eab