e4t.com.br Open in urlscan Pro
142.44.179.115 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.e4t.com.br/
Effective URL:
https://e4t.com.br/
Submission: On January 20 via api (January 20th 2024, 7:53:27 pm UTC) from US — Scanned from CA

Summary HTTP 224 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 31 IPs in 3 countries across 16 domains to perform 224 HTTP transactions. The main IP is 142.44.179.115, located in Canada and belongs to OVH, FR. The main domain is e4t.com.br.
TLS certificate: Issued by R3 on January 8th 2024. Valid for: 3 months.

This is the only time e4t.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 68	142.44.179.115 142.44.179.115	16276 (OVH) (OVH)
3	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
1	172.253.63.97 172.253.63.97	15169 (GOOGLE) (GOOGLE)
28	172.253.63.154 172.253.63.154	15169 (GOOGLE) (GOOGLE)
4	172.253.122.95 172.253.122.95	15169 (GOOGLE) (GOOGLE)
3 16	172.253.62.157 172.253.62.157	15169 (GOOGLE) (GOOGLE)
1	216.239.38.181 216.239.38.181	15169 (GOOGLE) (GOOGLE)
2	172.253.115.156 172.253.115.156	15169 (GOOGLE) (GOOGLE)
1	142.250.31.94 142.250.31.94	15169 (GOOGLE) (GOOGLE)
17	142.251.167.94 142.251.167.94	15169 (GOOGLE) (GOOGLE)
28	172.253.115.132 172.253.115.132	15169 (GOOGLE) (GOOGLE)
3	142.250.31.95 142.250.31.95	15169 (GOOGLE) (GOOGLE)
1	152.195.19.97 152.195.19.97	15133 (EDGECAST) (EDGECAST)
1	23.204.76.188 23.204.76.188	16625 (AKAMAI-AS) (AKAMAI-AS)
7	142.251.16.156 142.251.16.156	15169 (GOOGLE) (GOOGLE)
4	142.250.186.131 142.250.186.131	15169 (GOOGLE) (GOOGLE)
1 3	23.48.104.178 23.48.104.178	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	68.67.179.164 68.67.179.164	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	142.251.16.101 142.251.16.101	15169 (GOOGLE) (GOOGLE)
2	74.125.0.8 74.125.0.8	15169 (GOOGLE) (GOOGLE)
5	172.253.63.94 172.253.63.94	15169 (GOOGLE) (GOOGLE)
1	35.201.74.200 35.201.74.200	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	35.190.52.204 35.190.52.204	15169 (GOOGLE) (GOOGLE)
3 5	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 4	68.67.179.87 68.67.179.87	29990 (ASN-APPNEX) (ASN-APPNEX)
2	172.253.62.94 172.253.62.94	15169 (GOOGLE) (GOOGLE)
2	142.251.163.94 142.251.163.94	15169 (GOOGLE) (GOOGLE)
2	172.253.115.149 172.253.115.149	15169 (GOOGLE) (GOOGLE)
17	142.251.111.149 142.251.111.149	15169 (GOOGLE) (GOOGLE)
2	172.253.122.156 172.253.122.156	15169 (GOOGLE) (GOOGLE)
1	142.251.111.103 142.251.111.103	15169 (GOOGLE) (GOOGLE)
224	31

68 142.44.179.115 (Canada) 1 redirects

ASN16276 (OVH, FR)
PTR: premium1-svcp3.lnxserversecure.com

www.e4t.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
e4t.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.63.97 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 172.253.63.154 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f154.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.253.122.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 172.253.62.157 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: bc-in-f157.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.38.181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.115.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f156.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.31.94 (Oxford, United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f94.1e100.net

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 142.251.167.94 (United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p4-hil7jm4nevkuk-nvnmimdxsf2kg2b3-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 172.253.115.132 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f132.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.31.95 (Oxford, United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f95.1e100.net

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.195.19.97 (San Jose, United States)

ASN15133 (EDGECAST, US)

adsdk.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.204.76.188 (Miami, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-204-76-188.deploy.static.akamaitechnologies.com

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.251.16.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f156.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f3.1e100.net

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.48.104.178 (Ashburn, United States) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-104-178.deploy.static.akamaitechnologies.com

www.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 68.67.179.164 (North Bergen, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

nym1-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.16.101 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: bl-in-f101.1e100.net

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.0.8 (United States)

ASN15169 (GOOGLE, US)
PTR: yyz12s12-in-f8.1e100.net

r3---sn-tt1elnel.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.253.63.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f94.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.74.200 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 200.74.201.35.bc.googleusercontent.com

ag.yieldoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.52.204 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 204.52.190.35.bc.googleusercontent.com

tag.yieldoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.36.155 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 68.67.179.87 (North Bergen, United States) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.62.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f94.1e100.net

p4-hum6ouhk3qjge-yaikrn7twloshlmi-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.163.94 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f94.1e100.net

p4-fjqnrdgoz4woa-mb5e3yn3wj47edsd-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.115.149 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f149.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 142.251.111.149 (United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f149.1e100.net

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.122.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f156.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.111.103 (United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f103.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
68	e4t.com.br 1 redirects www.e4t.com.br e4t.com.br	2 MB
56	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	654 KB
30	gstatic.com fonts.gstatic.com csi.gstatic.com www.gstatic.com p4-hil7jm4nevkuk-nvnmimdxsf2kg2b3-if-v6exp3-v4.metric.gstatic.com p4-hum6ouhk3qjge-yaikrn7twloshlmi-if-v6exp3-v4.metric.gstatic.com p4-fjqnrdgoz4woa-mb5e3yn3wj47edsd-if-v6exp3-v4.metric.gstatic.com	317 KB
22	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 stats.g.doubleclick.net — Cisco Umbrella Rank: 79 bid.g.doubleclick.net — Cisco Umbrella Rank: 917 cm.g.doubleclick.net — Cisco Umbrella Rank: 260 ad.doubleclick.net — Cisco Umbrella Rank: 163 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 594	240 KB
20	2mdn.net 1 redirects gcdn.2mdn.net — Cisco Umbrella Rank: 1402 r3---sn-tt1elnel.c.2mdn.net — Cisco Umbrella Rank: 372921 s0.2mdn.net — Cisco Umbrella Rank: 336	232 KB
8	adnxs.com 3 redirects cdn.adnxs.com — Cisco Umbrella Rank: 1783 nym1-ib.adnxs.com — Cisco Umbrella Rank: 1419 ib.adnxs.com — Cisco Umbrella Rank: 253	33 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	357 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28 imasdk.googleapis.com — Cisco Umbrella Rank: 485	140 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622	3 KB
3	yieldoptimizer.com 1 redirects ag.yieldoptimizer.com — Cisco Umbrella Rank: 41246 tag.yieldoptimizer.com — Cisco Umbrella Rank: 5253	1 KB
3	bing.com 1 redirects www.bing.com — Cisco Umbrella Rank: 53	22 KB
3	wp.com stats.wp.com — Cisco Umbrella Rank: 2723 pixel.wp.com — Cisco Umbrella Rank: 2679	6 KB
2	google.com analytics.google.com — Cisco Umbrella Rank: 154 www.google.com — Cisco Umbrella Rank: 2	1 KB
1	microsoft.com adsdk.microsoft.com — Cisco Umbrella Rank: 4271	32 KB
1	google.ca www.google.ca — Cisco Umbrella Rank: 9185	408 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	88 KB
224	16

	Domain	Requested by
67	e4t.com.br	e4t.com.br
28	tpc.googlesyndication.com	googleads.g.doubleclick.net imasdk.googleapis.com e4t.com.br tpc.googlesyndication.com pagead2.googlesyndication.com
28	pagead2.googlesyndication.com	e4t.com.br pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com ad.doubleclick.net www.googletagservices.com
17	s0.2mdn.net	e4t.com.br s0.2mdn.net
15	fonts.gstatic.com	fonts.googleapis.com
12	googleads.g.doubleclick.net	pagead2.googlesyndication.com e4t.com.br googleads.g.doubleclick.net
7	www.googletagservices.com	googleads.g.doubleclick.net e4t.com.br www.googletagservices.com
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	www.gstatic.com	e4t.com.br googleads.g.doubleclick.net
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	csi.gstatic.com	imasdk.googleapis.com
4	fonts.googleapis.com	e4t.com.br googleads.g.doubleclick.net
3	nym1-ib.adnxs.com	googleads.g.doubleclick.net cdn.adnxs.com
3	www.bing.com	1 redirects googleads.g.doubleclick.net
3	imasdk.googleapis.com	googleads.g.doubleclick.net
2	googleads4.g.doubleclick.net	e4t.com.br
2	ad.doubleclick.net	googleads.g.doubleclick.net www.googletagservices.com
2	p4-fjqnrdgoz4woa-mb5e3yn3wj47edsd-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-fjqnrdgoz4woa-mb5e3yn3wj47edsd-if-v6exp3-v4.metric.gstatic.com
2	p4-hum6ouhk3qjge-yaikrn7twloshlmi-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-hum6ouhk3qjge-yaikrn7twloshlmi-if-v6exp3-v4.metric.gstatic.com
2	p4-hil7jm4nevkuk-nvnmimdxsf2kg2b3-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-hil7jm4nevkuk-nvnmimdxsf2kg2b3-if-v6exp3-v4.metric.gstatic.com
2	tag.yieldoptimizer.com	1 redirects googleads.g.doubleclick.net
2	r3---sn-tt1elnel.c.2mdn.net	googleads.g.doubleclick.net
2	stats.wp.com	e4t.com.br
1	www.google.com	tpc.googlesyndication.com
1	ag.yieldoptimizer.com	e4t.com.br
1	gcdn.2mdn.net	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	cdn.adnxs.com	googleads.g.doubleclick.net
1	adsdk.microsoft.com	googleads.g.doubleclick.net
1	pixel.wp.com	e4t.com.br
1	www.google.ca	e4t.com.br
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	www.googletagmanager.com	e4t.com.br
1	www.e4t.com.br	1 redirects
224	36

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.youtube.com
www.instagram.com
discord.gg

Subject Issuer	Validity	Valid
e4t.com.br R3	`2024-01-08` - `2024-04-07`	3 months	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2023-11-28` - `2024-12-28`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
adsdk.microsoft.com Microsoft Azure TLS Issuing CA 05	`2023-04-07` - `2024-04-01`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2023-08-24` - `2024-08-24`	a year	crt.sh
r.bing.com Microsoft Azure ECC TLS Issuing CA 05	`2023-10-18` - `2024-06-27`	8 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.yieldoptimizer.com Go Daddy Secure Certificate Authority - G2	`2023-12-14` - `2025-01-14`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2024-01-02` - `2024-03-12`	2 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh

This page contains 25 frames:

Primary Page: https://e4t.com.br/
Frame ID: 825C1EDD3C8EB77675CF329DE8981E17
Requests: 105 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20190131/zrt_lookup_inhead_fy2021.html?hello=world
Frame ID: BD0191DABFE1A139B970F5BBFD24C2E6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3272641779235890&output=html&adk=1812271804&adf=3025194257&lmt=1705780398&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x540_l%7C212x540_r&format=0x0&url=https%3A%2F%2Fe4t.com.br%2F&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705780398077&bpp=4&bdt=389&idt=438&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1637122345497&frm=20&pv=2&ga_vid=1051451749.1705780398&ga_sid=1705780399&ga_hid=642909159&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080333%2C42532523%2C44809004%2C95321958%2C95321627%2C95322166&oid=2&pvsid=1743161444856065&tmod=1381456514&uas=0&nvt=2&fsapi=1&ref=https%3A%2F%2Fe4t.com.br%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=468
Frame ID: 2B9121F5B8657B11ACCD5656E6523256
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3272641779235890&output=html&h=280&slotname=7946552792&adk=658120095&adf=1618235776&pi=t.ma~as.7946552792&w=528&fwrn=4&fwrnh=100&lmt=1705780398&rafmt=1&format=528x280&url=https%3A%2F%2Fe4t.com.br%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705780398156&bpp=2&bdt=468&idt=423&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1637122345497&frm=20&pv=1&ga_vid=1051451749.1705780398&ga_sid=1705780399&ga_hid=642909159&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=251&ady=3280&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080333%2C42532523%2C44809004%2C95321958%2C95321627%2C95322166&oid=2&pvsid=1743161444856065&tmod=1381456514&uas=0&nvt=2&ref=https%3A%2F%2Fe4t.com.br%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CepEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=430
Frame ID: 67279C3FDB10693DE7FAD923D793DEF7
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3272641779235890&output=html&h=280&slotname=7946552792&adk=658120095&adf=369929440&pi=t.ma~as.7946552792&w=528&fwrn=4&fwrnh=100&lmt=1705780398&rafmt=1&format=528x280&url=https%3A%2F%2Fe4t.com.br%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705780398163&bpp=1&bdt=476&idt=455&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C528x280&nras=1&correlator=1637122345497&frm=20&pv=1&ga_vid=1051451749.1705780398&ga_sid=1705780399&ga_hid=642909159&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=821&ady=3280&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080333%2C42532523%2C44809004%2C95321958%2C95321627%2C95322166&oid=2&pvsid=1743161444856065&tmod=1381456514&uas=0&nvt=2&ref=https%3A%2F%2Fe4t.com.br%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CepEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=474
Frame ID: 77141D5A55A0BF888AF65609ED532CC3
Requests: 1 HTTP requests in this frame

Frame: https://adsdk.microsoft.com/native-to-display/sdk.js
Frame ID: 35BB13B387977C22C71C4A3F37300864
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Frame ID: 120625C02E25D4D86040A032A9281DC9
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Frame ID: 72447D884113440E9E6282CA193DE7D5
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Frame ID: 9301DA4B22BBBA1897D27DB0CB8A2393
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Frame ID: 0C7A3CF2FB454CBAD1DE984FCEDCA9B9
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: C48F03FD34F6E498EB400D1EEA0C0680
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK6EFBDF-7m6AhiZlOqDAjAB&v=APEucNX_oIjwhq0xv0uLam_s6FEbBPJtdeCCrXVuRWmre3g_7T7qLkmZpl5UY7OoGP49aZ9xttBX3YfCOiYraNOwJw59RW9qdQ
Frame ID: BDA73A9849A78215ACAAA5A4C26A9993
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 4F415081B1AF0CDDD7015C879C056F22
Requests: 24 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 4C412A873838CF0AE58A7D2C5D556BC0
Requests: 3 HTTP requests in this frame

Frame: https://p4-hil7jm4nevkuk-nvnmimdxsf2kg2b3-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: A23A51B2167E8356AC8F82996D039B9E
Requests: 2 HTTP requests in this frame

Frame: https://p4-hum6ouhk3qjge-yaikrn7twloshlmi-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: 3AD7DD4E3079ED5E6E102FA102159D1F
Requests: 2 HTTP requests in this frame

Frame: https://p4-fjqnrdgoz4woa-mb5e3yn3wj47edsd-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: 34C466E89AA9A6ED4DE07E75A2CAD0D0
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 8B0DB77903CBB11A89C10417F6304BF6
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WihAbdPmEAuwNNTtrWjgEsQMZ632wtWEawfwOklMupQ.js
Frame ID: 0D80C1DBB0758500D50A9F5628D29045
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WihAbdPmEAuwNNTtrWjgEsQMZ632wtWEawfwOklMupQ.js
Frame ID: 3CD9DB94AFAFF7FF38BAB3336A617853
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 8238A25B6EDA838046CC90273D2A5FF7
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WihAbdPmEAuwNNTtrWjgEsQMZ632wtWEawfwOklMupQ.js
Frame ID: A88E63116899EDB3948A57A24168CE35
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6261863306966372655/index.html?ev=01_250
Frame ID: 4A5AF2D4D3F5A5BBAD8F42F969536202
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3013D61A0F0A3F592D0F0FA9BD6A1461
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2DD39FAFD23038379E4293DCDDB722AB
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Início - Elite dos Quatro Traduçõeslike-iconlike-iconlike-iconlike-iconlike-iconlike-iconlike-iconlike-iconlike-iconlike-iconlike-iconlike-iconlike-iconlike-iconlike-iconlike-iconlike-icon

Page URL History Show full URLs

http://www.e4t.com.br/ HTTP 301
https://e4t.com.br/ Page URL
https://e4t.com.br/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

224
Requests

97 %
HTTPS

0 %
IPv6

16
Domains

36
Subdomains

31
IPs

3
Countries

3965 kB
Transfer

10992 kB
Size

18
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/Elite4Traducoes

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/ElitedosQuatroTradu%C3%A7%C3%B5es

Search URL Search Domain Scan URL

URL: https://www.instagram.com/elitedosquatro/

Search URL Search Domain Scan URL

URL: https://discord.gg/GRrQaWQ

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.e4t.com.br/ HTTP 301
https://e4t.com.br/ Page URL
https://e4t.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://www.e4t.com.br/ HTTP 301
https://e4t.com.br/

Request Chain 122

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=130a5ed5-345b-49b9-82ee-92674063369f&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=ab7772d4-7085-466a-8420-850d5dafb32d&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3Dc67fd30786874c8fbf99e9d65878e84b%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=6929499&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_syvtugrq_a2q&aid=1565732041738615851 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=c67fd30786874c8fbf99e9d65878e84b&SNR=1&GV=2&med=10

Request Chain 131

https://gcdn.2mdn.net/videoplayback/id/6d84d13f77c339e6/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1737316399/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/164501BF26675CDD542CE575E3DFB1DEADE760E5.882597C0F131CB9F95EA131CA23F9CC85ACB28B6/key/ck2/file/file.mp4 HTTP 302
https://r3---sn-tt1elnel.c.2mdn.net/videoplayback/id/6d84d13f77c339e6/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1737316399/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/54E7E02983610D2C282D224CDEE17482A584E2F3.23B630FB07B5287E3487A7E20D43816E51B01BC7/key/cms1/cms_redirect/yes/mh/K5/mip/86.48.14.18/mm/42/mn/sn-tt1elnel/ms/onc/mt/1705780121/mv/m/mvi/3/pl/24/file/file.mp4

Request Chain 161

https://tag.yieldoptimizer.com/ps/analytics?pxid=263380& HTTP 302
https://tag.yieldoptimizer.com/ps/analytics?tc=659145018&pxid=263380&

Request Chain 171

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC02Y2I-ozMP0rp2EKEtik4&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC02Y2I-ozMP0rp2EKEtik4&google_cver=1&C=1

Request Chain 172

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zawkr.u9l6aYzTmEt5uZRwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC02Y2I-ozMP0rp2EKEtik4&google_cver=1&google_hm=2

Request Chain 173

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEJqb97lASPvMLI3Dv2mY3UQ&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEJqb97lASPvMLI3Dv2mY3UQ%26google_cver%3D1

Request Chain 174

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI3MTIxNjY2MTE1NDExMTUwNA%3D%3D

224 HTTP transactions
12 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
e4t.com.br/
Redirect Chain

http://www.e4t.com.br/
https://e4t.com.br/

268 KB
23 KB

694ms
620ms

Document
text/html

142.44.179.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://e4t.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.44.179.115 , Canada, ASN16276 (OVH, FR),
Reverse DNS: premium1-svcp3.lnxserversecure.com
Software: LiteSpeed /
Resource Hash: 10f90e4d335dd73214e4503894d81503b04444685f205995e683513adc3750a0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 20 Jan 2024 19:53:15 GMT
etag: "1483-1705780395;br"
link: <https://e4t.com.br/wp-json/>; rel="https://api.w.org/" <https://e4t.com.br/wp-json/wp/v2/pages/20626>; rel="alternate"; type="application/json" <https://e4t.com.br/>; rel=shortlink
server: LiteSpeed
vary: Accept-Encoding
x-dns-prefetch-control: on
x-litespeed-cache: miss
x-litespeed-cache-control: public,max-age=604800
x-litespeed-tag: 3bd_HTTP.200,3bd_front,3bd_URL.6666cd76f96956469e7be39d750cc7d9,3bd_F,3bd_Po.20626,3bd_PGS,3bd_guest,3bd_,3bd_UCSS.eb259944e44d46e39d9b6950cda422b8,3bd_MIN.d34dace58353f26796190b969a811b21.css,3bd_MIN.1aa2a2a95413914360457f4231612af4.js

Redirect headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 20 Jan 2024 19:53:14 GMT
expires: Sat, 20 Jan 2024 20:53:14 GMT
location: https://e4t.com.br/
server: LiteSpeed
x-dns-prefetch-control: on
x-litespeed-cache: miss
x-redirect-by: WordPress

GET
H2 200 d34dace58353f26796190b969a811b21.css
e4t.com.br/wp-content/litespeed/css/ 755 KB
102 KB 44ms
42ms Stylesheet
text/css 142.44.179.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://e4t.com.br/wp-content/litespeed/css/d34dace58353f26796190b969a811b21.css?ver=fb078
Requested by: Host: e4t.com.br
URL: https://e4t.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.44.179.115 , Canada, ASN16276 (OVH, FR),
Reverse DNS: premium1-svcp3.lnxserversecure.com
Software: LiteSpeed /
Resource Hash: 1bcbe7f289e9bb530fd2d8ae16b4f7b2dfad81f72773f9fee36b239817c03a4e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://e4t.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 19:53:15 GMT
content-encoding: br
last-modified: Sat, 20 Jan 2024 14:24:06 GMT
server: LiteSpeed
etag: "bca0f-65abd786-671bef8b6330fad5;br"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 103934
expires: Mon, 20 Jan 2025 01:53:15 GMT

GET
H2 200 e-202403.js Show response
stats.wp.com/ 7 KB
3 KB 56ms
18ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202403.js
Requested by: Host: e4t.com.br
URL: https://e4t.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f9f4e2e225088f9cf3b6b54aa421e0f776d1802255505d2f752e1f83f441641

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://e4t.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-minify-cache: hit
x-nc: HIT yyz
date: Sat, 20 Jan 2024 19:53:16 GMT
content-encoding: br
server: nginx
x-minify: t
etag: W/14377-1704402356353.6772
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400
expires: Mon, 13 Jan 2025 14:15:58 GMT

GET
DATA 200
OK truncated
/ 189 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e2fed37917d2ef847f20613f7382ab973784b478236647776a65f5588438333b

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 169 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0c7a2cb4c652c10d713ba9c8b847038263e3f0648315acb6b57b6dac1943c5d7

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 167 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: df8cad4d70ceb58260be365f53856f823d1973616d02efb54c897fde37981f32

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 163 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f72bc934728472cd66ad4cc45b4de15c520d6be57a29e3cce9cd9bf25b9eca01

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 163 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 732cf1258094a5b09b26bbdda530d29708bf96dc7493acd79c47db751e9f96aa

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 fundo-roxo-heroes-repetivel.webp
e4t.com.br/wp-content/uploads/2024/01/ 6 KB
6 KB 37ms
37ms Image
image/webp 142.44.179.115
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e4t.com.br/wp-content/uploads/2024/01/fundo-roxo-heroes-repetivel.webp
Requested by: Host: e4t.com.br
URL: https://e4t.com.br/wp-content/litespeed/css/d34dace58353f26796190b969a811b21.css?ver=fb078
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.44.179.115 , Canada, ASN16276 (OVH, FR),
Reverse DNS: premium1-svcp3.lnxserversecure.com
Software: LiteSpeed /
Resource Hash: f078caf2d237710b634372d80fd84966a84a256c7cfdb92d6ea1f77ccf4fd9c9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://e4t.com.br/wp-content/litespeed/css/d34dace58353f26796190b969a811b21.css?ver=fb078
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 19:53:15 GMT
last-modified: Fri, 05 Jan 2024 15:30:00 GMT
server: LiteSpeed
etag: "181e-65982078-adc5c03f848ddfd6;;;"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 6174
expires: Mon, 20 Jan 2025 01:53:15 GMT

GET
H3 200 fundo-roxo-heroes-scaled.webp
e4t.com.br/wp-content/uploads/2022/09/ 25 KB
25 KB 37ms
36ms Image
image/webp 142.44.179.115
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e4t.com.br/wp-content/uploads/2022/09/fundo-roxo-heroes-scaled.webp
Requested by: Host: e4t.com.br
URL: https://e4t.com.br/wp-content/litespeed/css/d34dace58353f26796190b969a811b21.css?ver=fb078
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.44.179.115 , Canada, ASN16276 (OVH, FR),
Reverse DNS: premium1-svcp3.lnxserversecure.com
Software: LiteSpeed /
Resource Hash: 27499083420f1ebb46b98d4db3d70fb9c9d33c7fe3ffbc713de554cbfe6dedeb

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://e4t.com.br/wp-content/litespeed/css/d34dace58353f26796190b969a811b21.css?ver=fb078
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 19:53:15 GMT
last-modified: Sat, 03 Sep 2022 04:50:03 GMT
server: LiteSpeed
etag: "63a4-6312dcfb-a32c52092d8aa6a0;;;"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 25508
expires: Mon, 20 Jan 2025 01:53:15 GMT

GET
H3 200 pixicon.ttf
e4t.com.br/wp-content/themes/essentials/css/build/pixicon-light/fonts/ 104 KB
58 KB 36ms
35ms Font
font/ttf 142.44.179.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://e4t.com.br/wp-content/themes/essentials/css/build/pixicon-light/fonts/pixicon.ttf?ib808a
Requested by: Host: e4t.com.br
URL: https://e4t.com.br/wp-content/litespeed/css/d34dace58353f26796190b969a811b21.css?ver=fb078
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.44.179.115 , Canada, ASN16276 (OVH, FR),
Reverse DNS: premium1-svcp3.lnxserversecure.com
Software: LiteSpeed /
Resource Hash: 6c5d47b5c182909e217db7fbe3c0c5ef4890de4892e35c9140bebe2188890d79

Request headers

Referer: https://e4t.com.br/wp-content/litespeed/css/d34dace58353f26796190b969a811b21.css?ver=fb078
Origin: https://e4t.com.br
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 19:53:15 GMT
content-encoding: br
last-modified: Sun, 31 Dec 2023 04:58:58 GMT
server: LiteSpeed
etag: "1a174-6590f512-49e75cd3beb86bfa;br"
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 59401
expires: Mon, 20 Jan 2025 01:53:15 GMT

GET
DATA 200
OK truncated
/ 167 B
167 B Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7074b43397d0b58a24e93acf0070e62909f966390624cd8835dd05ff8f65358b

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H3 200 guest.vary.php
e4t.com.br/wp-content/plugins/litespeed-cache/ 16 B
197 B 41ms
40ms Fetch
text/html 142.44.179.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://e4t.com.br/wp-content/plugins/litespeed-cache/guest.vary.php
Requested by: Host: e4t.com.br
URL: https://e4t.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.44.179.115 , Canada, ASN16276 (OVH, FR),
Reverse DNS: premium1-svcp3.lnxserversecure.com
Software: LiteSpeed /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://e4t.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 19:53:15 GMT
content-encoding: br
server: LiteSpeed
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
x-litespeed-cache-control: no-cache
x-robots-tag: noindex
content-length: 20

GET
H3 200 Elite-dos-Quatro-Traducoes-Letreiro.png
e4t.com.br/wp-content/uploads/2022/03/ 20 KB
20 KB 37ms
36ms Image
image/png 142.44.179.115
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e4t.com.br/wp-content/uploads/2022/03/Elite-dos-Quatro-Traducoes-Letreiro.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.44.179.115 , Canada, ASN16276 (OVH, FR),
Reverse DNS: premium1-svcp3.lnxserversecure.com
Software: LiteSpeed /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://e4t.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 19:53:15 GMT
last-modified: Thu, 17 Mar 2022 07:58:14 GMT
server: LiteSpeed
etag: "50e6-6232ea16-95d0ac8f216b986c;;;"
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 20710
expires: Mon, 20 Jan 2025 01:53:15 GMT

GET
H3 200 Shin_Megami_Tensei_cover_2-2.webp
e4t.com.br/wp-content/uploads/2024/01/ 57 KB
57 KB 102ms
100ms Image
image/webp 142.44.179.115
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e4t.com.br/wp-content/uploads/2024/01/Shin_Megami_Tensei_cover_2-2.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.44.179.115 , Canada, ASN16276 (OVH, FR),
Reverse DNS: premium1-svcp3.lnxserversecure.com
Software: LiteSpeed /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://e4t.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 19:53:15 GMT
last-modified: Wed, 03 Jan 2024 22:22:28 GMT
server: LiteSpeed
etag: "e37a-6595de24-b06c6f3f5d253009;;;"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 58234
expires: Mon, 20 Jan 2025 01:53:15 GMT

GET
H3 200 ash-e-pikachu-classicos-622x400.jpg
e4t.com.br/wp-content/uploads/2024/01/ 49 KB
49 KB 45ms
43ms Image
image/jpeg 142.44.179.115
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e4t.com.br/wp-content/uploads/2024/01/ash-e-pikachu-classicos-622x400.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.44.179.115 , Canada, ASN16276 (OVH, FR),
Reverse DNS: premium1-svcp3.lnxserversecure.com
Software: LiteSpeed /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://e4t.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 19:53:15 GMT
last-modified: Wed, 10 Jan 2024 17:47:35 GMT
server: LiteSpeed
etag: "c25a-659ed837-8656820ecf0727ce;;;"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 49754
expires: Mon, 20 Jan 2025 01:53:15 GMT

GET
H3 200 e40661de263220c8aa91745f0b53a8d2.jpg
e4t.com.br/wp-content/litespeed/avatar/ 2 KB
2 KB 47ms
45ms Image
image/jpeg 142.44.179.115
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e4t.com.br/wp-content/litespeed/avatar/e40661de263220c8aa91745f0b53a8d2.jpg?ver=1705521307
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.44.179.115 , Canada, ASN16276 (OVH, FR),
Reverse DNS: premium1-svcp3.lnxserversecure.com
Software: LiteSpeed /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://e4t.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 19:53:15 GMT
last-modified: Wed, 17 Jan 2024 19:55:07 GMT
server: LiteSpeed
etag: "612-65a8309b-6f8e71d246c8828;;;"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 1554
expires: Mon, 20 Jan 2025 01:53:15 GMT

GET
H3 200 rhythmheaven-622x400.jpg
e4t.com.br/wp-content/uploads/2023/12/ 94 KB
94 KB 41ms
40ms Image
image/jpeg 142.44.179.115
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e4t.com.br/wp-content/uploads/2023/12/rhythmheaven-622x400.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.44.179.115 , Canada, ASN16276 (OVH, FR),
Reverse DNS: premium1-svcp3.lnxserversecure.com
Software: LiteSpeed /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://e4t.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 19:53:15 GMT
last-modified: Sun, 24 Dec 2023 12:52:03 GMT
server: LiteSpeed
etag: "1782e-65882973-3b1983d89b7f3ec6;;;"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 96302
expires: Mon, 20 Jan 2025 01:53:15 GMT

GET
H3 200 rdfmm-tibby-622x400.webp
e4t.com.br/wp-content/uploads/2022/12/ 61 KB
61 KB 43ms
42ms Image
image/webp 142.44.179.115
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e4t.com.br/wp-content/uploads/2022/12/rdfmm-tibby-622x400.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.44.179.115 , Canada, ASN16276 (OVH, FR),
Reverse DNS: premium1-svcp3.lnxserversecure.com
Software: LiteSpeed /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://e4t.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 19:53:15 GMT
last-modified: Fri, 30 Dec 2022 10:06:43 GMT
server: LiteSpeed
etag: "f332-63aeb833-c43c5ac495358ade;;;"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 62258
expires: Mon, 20 Jan 2025 01:53:15 GMT

GET
H3 200 Primary Request / Show response
e4t.com.br/ 246 KB
19 KB 845ms
844ms Document
text/html 142.44.179.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://e4t.com.br/
Requested by: Host: e4t.com.br
URL: https://e4t.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.44.179.115 , Canada, ASN16276 (OVH, FR),
Reverse DNS: premium1-svcp3.lnxserversecure.com
Software: LiteSpeed /
Resource Hash: abf67e56707f3a8b0e967cdf5933a3ed56823bdfca8fb0de9068dc42b25d729b

Request headers

Referer: https://e4t.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-origin: *
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 20 Jan 2024 19:53:16 GMT
etag: "1484-1705780396;br"
link: <https://e4t.com.br/wp-json/>; rel="https://api.w.org/" <https://e4t.com.br/wp-json/wp/v2/pages/20626>; rel="alternate"; type="application/json" <https://e4t.com.br/>; rel=shortlink
server: LiteSpeed
vary: Accept-Encoding
x-litespeed-cache: miss
x-litespeed-cache-control: public,max-age=604800
x-litespeed-tag: 3bd_HTTP.200,3bd_front,3bd_URL.6666cd76f96956469e7be39d750cc7d9,3bd_F,3bd_Po.20626,3bd_PGS,3bd_,3bd_MIN.d34dace58353f26796190b969a811b21.css,3bd_MIN.ec5e168e2f42a345a9c9168908c5bb18.js

GET
H3 200 webfontloader.min.js Show response
e4t.com.br/wp-content/plugins/litespeed-cache/assets/js/ 12 KB
5 KB 52ms
51ms Script
text/javascript 142.44.179.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://e4t.com.br/wp-content/plugins/litespeed-cache/assets/js/webfontloader.min.js
Requested by: Host: e4t.com.br
URL: https://e4t.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.44.179.115 , Canada, ASN16276 (OVH, FR),
Reverse DNS: premium1-svcp3.lnxserversecure.com
Software: LiteSpeed /
Resource Hash: 6f58202a14e2dcb4c672d6e9f0881ddc2b4e88225a97aadd940400a7377ee02d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://e4t.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 19:53:16 GMT
content-encoding: br
last-modified: Sat, 16 Dec 2023 14:24:56 GMT
server: LiteSpeed
etag: "2f42-657db338-e1131e37379cd431;br"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 4649
expires: Mon, 20 Jan 2025 01:53:16 GMT

GET
H3 200 d34dace58353f26796190b969a811b21.css
e4t.com.br/wp-content/litespeed/css/ 755 KB
102 KB 101ms
99ms Stylesheet
text/css 142.44.179.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://e4t.com.br/wp-content/litespeed/css/d34dace58353f26796190b969a811b21.css?ver=fb078
Requested by: Host: e4t.com.br
URL: https://e4t.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.44.179.115 , Canada, ASN16276 (OVH, FR),
Reverse DNS: premium1-svcp3.lnxserversecure.com
Software: LiteSpeed /
Resource Hash: 1bcbe7f289e9bb530fd2d8ae16b4f7b2dfad81f72773f9fee36b239817c03a4e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://e4t.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 19:53:16 GMT
content-encoding: br
last-modified: Sat, 20 Jan 2024 14:24:06 GMT
server: LiteSpeed
etag: "bca0f-65abd786-671bef8b6330fad5;br"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 103934
expires: Mon, 20 Jan 2025 01:53:16 GMT

GET
H3 200 jquery.min.js Show response
e4t.com.br/wp-includes/js/jquery/ 86 KB
29 KB 52ms
50ms Script
text/javascript 142.44.179.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://e4t.com.br/wp-includes/js/jquery/jquery.min.js
Requested by: Host: e4t.com.br
URL: https://e4t.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.44.179.115 , Canada, ASN16276 (OVH, FR),
Reverse DNS: premium1-svcp3.lnxserversecure.com
Software: LiteSpeed /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://e4t.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 19:53:16 GMT
content-encoding: br
last-modified: Wed, 08 Nov 2023 18:40:38 GMT
server: LiteSpeed
etag: "15601-654bd626-d06eeefacf67fbc9;br"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 29744
expires: Mon, 20 Jan 2025 01:53:16 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 259 KB
88 KB 133ms
55ms Script
application/javascript 172.253.63.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JDNVYKR2JJ

Requested by

Host: e4t.com.br
URL: https://e4t.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

c20d38c73599790fa3f77a69662fd768373daf6f9ae9afa8b4dcbd460bc54033

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://e4t.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 19:53:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89659
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 20 Jan 2024 19:53:17 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
51 KB 139ms
63ms Script
text/javascript 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3272641779235890&host=ca-host-pub-2644536267352236

Requested by

Host: e4t.com.br
URL: https://e4t.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

cafe /

Resource Hash

bf74ffb1ddb0d5fbed4bdcd13b574d21e6d9259fc5fc42fba1b7d97d695d0bf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e4t.com.br/
Origin: https://e4t.com.br
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 19:53:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51676
x-xss-protection: 0
server: cafe
etag: 6052232757836799784
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sat, 20 Jan 2024 19:53:17 GMT

GET
H3 200 Elite-dos-Quatro-Traducoes-Letreiro.png
e4t.com.br/wp-content/uploads/2022/03/ 20 KB
20 KB 110ms
109ms Image
image/png 142.44.179.115
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e4t.com.br/wp-content/uploads/2022/03/Elite-dos-Quatro-Traducoes-Letreiro.png
Requested by: Host: e4t.com.br
URL: https://e4t.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.44.179.115 , Canada, ASN16276 (OVH, FR),
Reverse DNS: premium1-svcp3.lnxserversecure.com
Software: LiteSpeed /
Resource Hash: ee8d093524afa31a27b0f1107d73e268786083c5e556bda88eb0408fbbc96da5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://e4t.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 19:53:16 GMT
last-modified: Thu, 17 Mar 2022 07:58:14 GMT
server: LiteSpeed
etag: "50e6-6232ea16-95d0ac8f216b986c;;;"
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 20710
expires: Mon, 20 Jan 2025 01:53:16 GMT

GET
H3 200 Shin_Megami_Tensei_cover_2-2.webp
e4t.com.br/wp-content/uploads/2024/01/ 57 KB
57 KB 111ms
110ms Image
image/webp 142.44.179.115
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e4t.com.br/wp-content/uploads/2024/01/Shin_Megami_Tensei_cover_2-2.webp
Requested by: Host: e4t.com.br
URL: https://e4t.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.44.179.115 , Canada, ASN16276 (OVH, FR),
Reverse DNS: premium1-svcp3.lnxserversecure.com
Software: LiteSpeed /
Resource Hash: a83b68f9553123a2ae73f93337009304a055d794a39d263eddd72603322a8c94

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://e4t.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 19:53:16 GMT
last-modified: Wed, 03 Jan 2024 22:22:28 GMT
server: LiteSpeed
etag: "e37a-6595de24-b06c6f3f5d253009;;;"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 58234
expires: Mon, 20 Jan 2025 01:53:16 GMT

GET
H3 200 e40661de263220c8aa91745f0b53a8d2.jpg
e4t.com.br/wp-content/litespeed/avatar/ 2 KB
2 KB 74ms
70ms Image
image/jpeg 142.44.179.115
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e4t.com.br/wp-content/litespeed/avatar/e40661de263220c8aa91745f0b53a8d2.jpg?ver=1705521307
Requested by: Host: e4t.com.br
URL: https://e4t.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.44.179.115 , Canada, ASN16276 (OVH, FR),
Reverse DNS: premium1-svcp3.lnxserversecure.com
Software: LiteSpeed /
Resource Hash: e343b8954bd074ea50860faa6cc25119e836d1b896881e9d00200a249fe23ab5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://e4t.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 19:53:16 GMT
last-modified: Wed, 17 Jan 2024 19:55:07 GMT
server: LiteSpeed
etag: "612-65a8309b-6f8e71d246c8828;;;"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 1554
expires: Mon, 20 Jan 2025 01:53:16 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
51 KB 118ms
94ms Script
text/javascript 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3272641779235890

Requested by

Host: e4t.com.br
URL: https://e4t.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

cafe /

Resource Hash

0b011d32947139eafb593005c30ff6e2a12b81c4d6d0327adcafff5e95325508

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e4t.com.br/
Origin: https://e4t.com.br
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 19:53:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51667
x-xss-protection: 0
server: cafe
etag: 13635121698546787145
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sat, 20 Jan 2024 19:53:17 GMT

GET
H3 200 facebook_macos_bigsur_icon_190191-75x75.png
e4t.com.br/wp-content/uploads/2022/09/ 4 KB
4 KB 93ms
90ms Image
image/png 142.44.179.115
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e4t.com.br/wp-content/uploads/2022/09/facebook_macos_bigsur_icon_190191-75x75.png
Requested by: Host: e4t.com.br
URL: https://e4t.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.44.179.115 , Canada, ASN16276 (OVH, FR),
Reverse DNS: premium1-svcp3.lnxserversecure.com
Software: LiteSpeed /
Resource Hash: f789fdbc36d5fbc1965499a824783de75e96194a48c18b4a7ddde20680eda194

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://e4t.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 19:53:16 GMT
last-modified: Sun, 02 Oct 2022 03:23:54 GMT
server: LiteSpeed
etag: "1033-6339044a-b15be08ce3b756ec;;;"
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 4147
expires: Mon, 20 Jan 2025 01:53:16 GMT

GET
H3 200 youtube_macos_bigsur_icon_189528-75x75.png
e4t.com.br/wp-content/uploads/2022/09/ 4 KB
4 KB 73ms
70ms Image
image/png 142.44.179.115
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e4t.com.br/wp-content/uploads/2022/09/youtube_macos_bigsur_icon_189528-75x75.png
Requested by: Host: e4t.com.br
URL: https://e4t.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.44.179.115 , Canada, ASN16276 (OVH, FR),
Reverse DNS: premium1-svcp3.lnxserversecure.com
Software: LiteSpeed /
Resource Hash: 65b0217265db0a466804ca1a79649a9f3fbf23e7cc1c041216c2c799fd19fc93

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://e4t.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 19:53:16 GMT
last-modified: Sun, 02 Oct 2022 03:24:13 GMT
server: LiteSpeed
etag: "103a-6339045d-547fe8ef7eb2ab5e;;;"
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 4154
expires: Mon, 20 Jan 2025 01:53:16 GMT

GET
H3 200 instagram_macos_bigsur_icon_190067-75x75.png
e4t.com.br/wp-content/uploads/2022/09/ 6 KB
6 KB 92ms
89ms Image
image/png 142.44.179.115
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e4t.com.br/wp-content/uploads/2022/09/instagram_macos_bigsur_icon_190067-75x75.png
Requested by: Host: e4t.com.br
URL: https://e4t.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.44.179.115 , Canada, ASN16276 (OVH, FR),
Reverse DNS: premium1-svcp3.lnxserversecure.com
Software: LiteSpeed /
Resource Hash: 7ef9486f208d7f60111887c065160a3e37537a04d47328e8aa6707c9493924f0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://e4t.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 19:53:16 GMT
last-modified: Sun, 02 Oct 2022 03:24:50 GMT
server: LiteSpeed
etag: "182c-63390482-afcb5953865614bb;;;"
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 6188
expires: Mon, 20 Jan 2025 01:53:16 GMT

GET
H2 200 e-202403.js Show response
stats.wp.com/ 7 KB
3 KB 20ms
17ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202403.js
Requested by: Host: e4t.com.br
URL: https://e4t.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f9f4e2e225088f9cf3b6b54aa421e0f776d1802255505d2f752e1f83f441641

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://e4t.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-minify-cache: hit
x-nc: HIT yyz
date: Sat, 20 Jan 2024 19:53:17 GMT
content-encoding: br
server: nginx
x-minify: t
etag: W/14377-1704402356353.6772
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400
expires: Mon, 13 Jan 2025 14:15:58 GMT

GET
H3 200 ec5e168e2f42a345a9c9168908c5bb18.js Show response
e4t.com.br/wp-content/litespeed/js/ 667 KB
180 KB 91ms
90ms Script
text/javascript 142.44.179.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://e4t.com.br/wp-content/litespeed/js/ec5e168e2f42a345a9c9168908c5bb18.js?ver=fb078
Requested by: Host: e4t.com.br
URL: https://e4t.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.44.179.115 , Canada, ASN16276 (OVH, FR),
Reverse DNS: premium1-svcp3.lnxserversecure.com
Software: LiteSpeed /
Resource Hash: 2be2b883abfc4993fb172e251bc1a4515f099c3eb86d34fd6a573089a860f697

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://e4t.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 19:53:16 GMT
content-encoding: br
last-modified: Sat, 20 Jan 2024 14:24:36 GMT
server: LiteSpeed
etag: "a6c1a-65abd7a4-a0d57a47403193c8;br"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 183990
expires: Mon, 20 Jan 2025 01:53:16 GMT

GET
DATA 200
OK truncated Show response
/ 416 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8ba640b15203a92b9952df090b2de8e1ca8227480767f6f103e338ce3b80bebc

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 218 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 91a6dc807d2570b3d1bf9b8dbc2d673c0c91747ba702c04d572766d908709f3a

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: text/javascript

GET
H3 200 fundo-roxo-heroes-repetivel.webp
e4t.com.br/wp-content/uploads/2024/01/ 6 KB
6 KB 59ms
58ms Image
image/webp 142.44.179.115
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e4t.com.br/wp-content/uploads/2024/01/fundo-roxo-heroes-repetivel.webp
Requested by: Host: e4t.com.br
URL: https://e4t.com.br/wp-content/litespeed/css/d34dace58353f26796190b969a811b21.css?ver=fb078
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.44.179.115 , Canada, ASN16276 (OVH, FR),
Reverse DNS: premium1-svcp3.lnxserversecure.com
Software: LiteSpeed /
Resource Hash: f078caf2d237710b634372d80fd84966a84a256c7cfdb92d6ea1f77ccf4fd9c9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://e4t.com.br/wp-content/litespeed/css/d34dace58353f26796190b969a811b21.css?ver=fb078
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 19:53:16 GMT
last-modified: Fri, 05 Jan 2024 15:30:00 GMT
server: LiteSpeed
etag: "181e-65982078-adc5c03f848ddfd6;;;"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 6174
expires: Mon, 20 Jan 2025 01:53:16 GMT

GET
H3 200 fundo-roxo-heroes-scaled.webp
e4t.com.br/wp-content/uploads/2022/09/ 25 KB
25 KB 108ms
108ms Image
image/webp 142.44.179.115
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e4t.com.br/wp-content/uploads/2022/09/fundo-roxo-heroes-scaled.webp
Requested by: Host: e4t.com.br
URL: https://e4t.com.br/wp-content/litespeed/css/d34dace58353f26796190b969a811b21.css?ver=fb078
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.44.179.115 , Canada, ASN16276 (OVH, FR),
Reverse DNS: premium1-svcp3.lnxserversecure.com
Software: LiteSpeed /
Resource Hash: 27499083420f1ebb46b98d4db3d70fb9c9d33c7fe3ffbc713de554cbfe6dedeb

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://e4t.com.br/wp-content/litespeed/css/d34dace58353f26796190b969a811b21.css?ver=fb078
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 19:53:16 GMT
last-modified: Sat, 03 Sep 2022 04:50:03 GMT
server: LiteSpeed
etag: "63a4-6312dcfb-a32c52092d8aa6a0;;;"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 25508
expires: Mon, 20 Jan 2025 01:53:16 GMT

GET
H3 200 pixicon.ttf
e4t.com.br/wp-content/themes/essentials/css/build/pixicon-light/fonts/ 104 KB
58 KB 40ms
40ms Font
font/ttf 142.44.179.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://e4t.com.br/wp-content/themes/essentials/css/build/pixicon-light/fonts/pixicon.ttf?ib808a
Requested by: Host: e4t.com.br
URL: https://e4t.com.br/wp-content/litespeed/css/d34dace58353f26796190b969a811b21.css?ver=fb078
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.44.179.115 , Canada, ASN16276 (OVH, FR),
Reverse DNS: premium1-svcp3.lnxserversecure.com
Software: LiteSpeed /
Resource Hash: 6c5d47b5c182909e217db7fbe3c0c5ef4890de4892e35c9140bebe2188890d79

Request headers

Referer: https://e4t.com.br/wp-content/litespeed/css/d34dace58353f26796190b969a811b21.css?ver=fb078
Origin: https://e4t.com.br
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 19:53:16 GMT
content-encoding: br
last-modified: Sun, 31 Dec 2023 04:58:58 GMT
server: LiteSpeed
etag: "1a174-6590f512-49e75cd3beb86bfa;br"
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 59401
expires: Mon, 20 Jan 2025 01:53:16 GMT

GET
H3 200 ash-e-pikachu-classicos-622x400.jpg
e4t.com.br/wp-content/uploads/2024/01/ 49 KB
49 KB 47ms
46ms Image
image/jpeg 142.44.179.115
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e4t.com.br/wp-content/uploads/2024/01/ash-e-pikachu-classicos-622x400.jpg
Requested by: Host: e4t.com.br
URL: https://e4t.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.44.179.115 , Canada, ASN16276 (OVH, FR),
Reverse DNS: premium1-svcp3.lnxserversecure.com
Software: LiteSpeed /
Resource Hash: bedf667d93553c80372c5fa6aac1b9b6e0e1f53f046f778d08854a1f2c056998

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://e4t.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 19:53:16 GMT
last-modified: Wed, 10 Jan 2024 17:47:35 GMT
server: LiteSpeed
etag: "c25a-659ed837-8656820ecf0727ce;;;"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 49754
expires: Mon, 20 Jan 2025 01:53:16 GMT

GET
H3 200 rhythmheaven-622x400.jpg
e4t.com.br/wp-content/uploads/2023/12/ 94 KB
94 KB 48ms
45ms Image
image/jpeg 142.44.179.115
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e4t.com.br/wp-content/uploads/2023/12/rhythmheaven-622x400.jpg
Requested by: Host: e4t.com.br
URL: https://e4t.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.44.179.115 , Canada, ASN16276 (OVH, FR),
Reverse DNS: premium1-svcp3.lnxserversecure.com
Software: LiteSpeed /
Resource Hash: 8c9d2a5c54bac1b1956ff2a3f89160acd369cc75c5aea3c020c8fd26f13f1f3a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://e4t.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 19:53:16 GMT
last-modified: Sun, 24 Dec 2023 12:52:03 GMT
server: LiteSpeed
etag: "1782e-65882973-3b1983d89b7f3ec6;;;"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 96302
expires: Mon, 20 Jan 2025 01:53:16 GMT

GET
H3 200 rdfmm-tibby-622x400.webp
e4t.com.br/wp-content/uploads/2022/12/ 61 KB
61 KB 49ms
47ms Image
image/webp 142.44.179.115
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e4t.com.br/wp-content/uploads/2022/12/rdfmm-tibby-622x400.webp
Requested by: Host: e4t.com.br
URL: https://e4t.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.44.179.115 , Canada, ASN16276 (OVH, FR),
Reverse DNS: premium1-svcp3.lnxserversecure.com
Software: LiteSpeed /
Resource Hash: de826411418e811bb5657b85f11081e94c3317a89bcb4de32b093a2e8fa60c6e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://e4t.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 19:53:16 GMT
last-modified: Fri, 30 Dec 2022 10:06:43 GMT
server: LiteSpeed
etag: "f332-63aeb833-c43c5ac495358ade;;;"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 62258
expires: Mon, 20 Jan 2025 01:53:16 GMT

GET
H3 200 image-capa-print-622x400.png
e4t.com.br/wp-content/uploads/2023/04/ 211 KB
211 KB 85ms
83ms Image
image/png 142.44.179.115
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e4t.com.br/wp-content/uploads/2023/04/image-capa-print-622x400.png
Requested by: Host: e4t.com.br
URL: https://e4t.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.44.179.115 , Canada, ASN16276 (OVH, FR),
Reverse DNS: premium1-svcp3.lnxserversecure.com
Software: LiteSpeed /
Resource Hash: ead59c083f49207d7360564383b9c33c1f3271540681478c7fa2ee1777411bc0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://e4t.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 19:53:16 GMT
last-modified: Thu, 09 Nov 2023 03:54:45 GMT
server: LiteSpeed
etag: "34cf9-654c5805-470257806e2de98a;;;"
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 216313
expires: Mon, 20 Jan 2025 01:53:16 GMT

GET
H3 200 mkds-info-622x400.jpg
e4t.com.br/wp-content/uploads/2023/03/ 42 KB
42 KB 84ms
82ms Image
image/jpeg 142.44.179.115
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e4t.com.br/wp-content/uploads/2023/03/mkds-info-622x400.jpg
Requested by: Host: e4t.com.br
URL: https://e4t.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.44.179.115 , Canada, ASN16276 (OVH, FR),
Reverse DNS: premium1-svcp3.lnxserversecure.com
Software: LiteSpeed /
Resource Hash: 8e1b4b67465baf0eb59b88ca9241ad63f847b5cb5a7af02462f0b4ce1e8727ff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://e4t.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 19:53:16 GMT
last-modified: Thu, 09 Nov 2023 03:54:33 GMT
server: LiteSpeed
etag: "a90b-654c57f9-2082196ead77c43;;;"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 43275
expires: Mon, 20 Jan 2025 01:53:16 GMT

GET
H3 200 pokemon-tv-1-622x400.webp
e4t.com.br/wp-content/uploads/2024/01/ 27 KB
27 KB 89ms
86ms Image
image/webp 142.44.179.115
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e4t.com.br/wp-content/uploads/2024/01/pokemon-tv-1-622x400.webp
Requested by: Host: e4t.com.br
URL: https://e4t.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.44.179.115 , Canada, ASN16276 (OVH, FR),
Reverse DNS: premium1-svcp3.lnxserversecure.com
Software: LiteSpeed /
Resource Hash: b61734075cad1d99e73d1ac8acd23e106a57cc52c5d25b6d2bc7ec742e6c08d4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://e4t.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 19:53:16 GMT
last-modified: Tue, 09 Jan 2024 15:52:58 GMT
server: LiteSpeed
etag: "6bbc-659d6bda-e31213f53498b80;;;"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 27580
expires: Mon, 20 Jan 2025 01:53:16 GMT

GET
H3 200 GBA_MarioVsDonkeyKong-622x400.webp
e4t.com.br/wp-content/uploads/2024/01/ 38 KB
38 KB 86ms
84ms Image
image/webp 142.44.179.115
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e4t.com.br/wp-content/uploads/2024/01/GBA_MarioVsDonkeyKong-622x400.webp
Requested by: Host: e4t.com.br
URL: https://e4t.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.44.179.115 , Canada, ASN16276 (OVH, FR),
Reverse DNS: premium1-svcp3.lnxserversecure.com
Software: LiteSpeed /
Resource Hash: 36c93ad09816a24a52cc66b1cc913dbfdf48ac791db1eba5c88f8773e3898bcb

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://e4t.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 19:53:16 GMT
last-modified: Tue, 09 Jan 2024 06:41:29 GMT
server: LiteSpeed
etag: "9880-659cea99-9b292dc4687f41b0;;;"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 39040
expires: Mon, 20 Jan 2025 01:53:16 GMT

GET
H3 200 Gungrave-G.O.R.E-Ultimate-Enhanced-Edition-post-622x400.webp
e4t.com.br/wp-content/uploads/2024/01/ 39 KB
40 KB 86ms
84ms Image
image/webp 142.44.179.115
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e4t.com.br/wp-content/uploads/2024/01/Gungrave-G.O.R.E-Ultimate-Enhanced-Edition-post-622x400.webp
Requested by: Host: e4t.com.br
URL: https://e4t.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.44.179.115 , Canada, ASN16276 (OVH, FR),
Reverse DNS: premium1-svcp3.lnxserversecure.com
Software: LiteSpeed /
Resource Hash: 9a098a0868150753e0c0076b067d5b90ab89bdf3f0f93e2a71818d3443220f27

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://e4t.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 19:53:16 GMT
last-modified: Tue, 09 Jan 2024 01:53:33 GMT
server: LiteSpeed
etag: "9df2-659ca71d-61c6eb7e55affffb;;;"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 40434
expires: Mon, 20 Jan 2025 01:53:16 GMT

GET
H3 200 ayaneo-flip-ds-02-622x400.webp
e4t.com.br/wp-content/uploads/2024/01/ 10 KB
10 KB 87ms
84ms Image
image/webp 142.44.179.115
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e4t.com.br/wp-content/uploads/2024/01/ayaneo-flip-ds-02-622x400.webp
Requested by: Host: e4t.com.br
URL: https://e4t.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.44.179.115 , Canada, ASN16276 (OVH, FR),
Reverse DNS: premium1-svcp3.lnxserversecure.com
Software: LiteSpeed /
Resource Hash: e1a0c2788b10316bfac532720c627383c1bb370513eaac1ef519db4cdcef7e77

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://e4t.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 19:53:16 GMT
last-modified: Sun, 07 Jan 2024 13:42:28 GMT
server: LiteSpeed
etag: "27d4-659aaa44-5554c082d1bd420c;;;"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 10196
expires: Mon, 20 Jan 2025 01:53:16 GMT

GET
H3 200 The-pokemon-company-International-622x400.webp
e4t.com.br/wp-content/uploads/2024/01/ 13 KB
13 KB 87ms
85ms Image
image/webp 142.44.179.115
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e4t.com.br/wp-content/uploads/2024/01/The-pokemon-company-International-622x400.webp
Requested by: Host: e4t.com.br
URL: https://e4t.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.44.179.115 , Canada, ASN16276 (OVH, FR),
Reverse DNS: premium1-svcp3.lnxserversecure.com
Software: LiteSpeed /
Resource Hash: 2af67baf8c9ac2868a07344f16b60e790499b44b4dd04d49362cd081cfdb8f2c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://e4t.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 19:53:16 GMT
last-modified: Sat, 06 Jan 2024 14:44:31 GMT
server: LiteSpeed
etag: "3404-6599674f-6e978f023bb7c2f5;;;"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 13316
expires: Mon, 20 Jan 2025 01:53:16 GMT

GET
H3 200 shinmegamitenseiiv-622x400.webp
e4t.com.br/wp-content/uploads/2023/12/ 48 KB
48 KB 88ms
86ms Image
image/webp 142.44.179.115
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e4t.com.br/wp-content/uploads/2023/12/shinmegamitenseiiv-622x400.webp
Requested by: Host: e4t.com.br
URL: https://e4t.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.44.179.115 , Canada, ASN16276 (OVH, FR),
Reverse DNS: premium1-svcp3.lnxserversecure.com
Software: LiteSpeed /
Resource Hash: 11cb346a803f359d1ffb0552cac5500a22dc0910905120a786fd85da1adc83f8

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://e4t.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 19:53:16 GMT
last-modified: Sun, 31 Dec 2023 05:07:05 GMT
server: LiteSpeed
etag: "c1a0-6590f6f9-74ba34139ba487a6;;;"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 49568
expires: Mon, 20 Jan 2025 01:53:16 GMT

GET
H3 200 Mig-Switch-622x400.webp
e4t.com.br/wp-content/uploads/2023/12/ 27 KB
27 KB 88ms
87ms Image
image/webp 142.44.179.115
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e4t.com.br/wp-content/uploads/2023/12/Mig-Switch-622x400.webp
Requested by: Host: e4t.com.br
URL: https://e4t.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.44.179.115 , Canada, ASN16276 (OVH, FR),
Reverse DNS: premium1-svcp3.lnxserversecure.com
Software: LiteSpeed /
Resource Hash: 90f54e74dbf3048259e9f7e7741a29e574cc779de1b742308e51f968812871fd

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://e4t.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 19:53:16 GMT
last-modified: Thu, 28 Dec 2023 00:01:15 GMT
server: LiteSpeed
etag: "6a90-658cbacb-7073288f5766ea9a;;;"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 27280
expires: Mon, 20 Jan 2025 01:53:16 GMT

GET
DATA 200
OK truncated Show response
/ 45 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 71f652d6e3c322295772c1f083ab62329a94464741c4167ea745b5da21123cc9

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: text/javascript

GET
H2 200 css
fonts.googleapis.com/ 48 KB
2 KB 119ms
45ms Stylesheet
text/css 172.253.122.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CRoboto+Slab:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic&display=swap

Requested by

Host: e4t.com.br
URL: https://e4t.com.br/wp-content/plugins/litespeed-cache/assets/js/webfontloader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f95.1e100.net

Software

ESF /

Resource Hash

4d8c5099f6aed32fbdf9ea4a4c34f2d9bf9e39fd2eab5f62f36f1dfdb3780c46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://e4t.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 20 Jan 2024 19:53:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 20 Jan 2024 19:23:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 20 Jan 2024 19:53:18 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401160101/ 402 KB
136 KB 152ms
78ms Script
text/javascript 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401160101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3272641779235890&host=ca-host-pub-2644536267352236

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

cafe /

Resource Hash

7feec0a2e71f43dabd4dd66b3b3bea32cd05562ce458d2010d20e398401697de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://e4t.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 19:53:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139591
x-xss-protection: 0
server: cafe
etag: 3641191955066710284
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Jan 2024 19:53:18 GMT

GET
H2 200 zrt_lookup_inhead_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240118/r20190131/ Frame BD01 9 KB
4 KB 108ms
35ms Document
text/html 172.253.62.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240118/r20190131/zrt_lookup_inhead_fy2021.html?hello=world

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3272641779235890&host=ca-host-pub-2644536267352236

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f157.1e100.net

Software

cafe /

Resource Hash

acad1a12850c7f0b5f1874f385a84f10539ad98a380784ef08df5eacb7d4b0c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e4t.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 72292
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4168
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 19 Jan 2024 23:48:26 GMT
etag: 3009746639812436877
expires: Fri, 02 Feb 2024 23:48:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
analytics.google.com/g/ 0
250 B 99ms
40ms Ping
text/plain 216.239.38.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-JDNVYKR2JJ&gtm=45je41h0v885148107&_p=1705780398044&_gaz=1&gcd=11l1l1l1l1&dma=0&gdid=dZTNiMT&cid=1051451749.1705780398&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1705780398&sct=1&seg=0&dl=https%3A%2F%2Fe4t.com.br%2F&dr=https%3A%2F%2Fe4t.com.br%2F&dt=In%C3%ADcio%20-%20Elite%20dos%20Quatro%20Tradu%C3%A7%C3%B5es&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1273
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JDNVYKR2JJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.38.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://e4t.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 19:53:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://e4t.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
250 B 123ms
45ms Ping
text/plain 172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JDNVYKR2JJ&cid=1051451749.1705780398&gtm=45je41h0v885148107&aip=1&dma=0&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JDNVYKR2JJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.253.115.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bg-in-f156.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://e4t.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 19:53:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://e4t.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
408 B 126ms
49ms Image
image/gif 142.250.31.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-JDNVYKR2JJ&cid=1051451749.1705780398&gtm=45je41h0v885148107&aip=1&dma=0&gcd=11l1l1l1l1&z=1955098871

Requested by

Host: e4t.com.br
URL: https://e4t.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.94 Oxford, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://e4t.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 19:53:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 115ms
38ms Font
font/woff2 142.251.167.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CRoboto+Slab:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f94.1e100.net

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://e4t.com.br
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 02:54:01 GMT
x-content-type-options: nosniff
age: 61157
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jan 2025 02:54:01 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
177 B 18ms
17ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&blog=203692759&post=20626&tz=-3&srv=e4t.com.br&j=1%3A13.0&host=e4t.com.br&ref=https%3A%2F%2Fe4t.com.br%2F&fcp=1106&rand=0.679793231035347
Requested by: Host: e4t.com.br
URL: https://e4t.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://e4t.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 20 Jan 2024 19:53:18 GMT
cache-control: no-cache
server: nginx
alt-svc: h3=":443"; ma=86400
content-length: 50
content-type: image/gif

GET
H3 404 14.38ad2b40a067ce597a52.js
e4t.com.br/wp-content/litespeed/js/ 0
0 2893ms
2893ms Script
text/html 142.44.179.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://e4t.com.br/wp-content/litespeed/js/14.38ad2b40a067ce597a52.js
Requested by: Host: e4t.com.br
URL: https://e4t.com.br/wp-content/litespeed/js/ec5e168e2f42a345a9c9168908c5bb18.js?ver=fb078
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.44.179.115 , Canada, ASN16276 (OVH, FR),
Reverse DNS: premium1-svcp3.lnxserversecure.com
Software: LiteSpeed /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://e4t.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 19:53:19 GMT
content-encoding: br
server: LiteSpeed
x-litespeed-cache: miss
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate, max-age=0
link: <https://e4t.com.br/wp-json/>; rel="https://api.w.org/"
content-length: 9702
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 404 793.d942673b241cd716929e.js
e4t.com.br/wp-content/litespeed/js/ 0
0 2594ms
2594ms Script
text/html 142.44.179.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://e4t.com.br/wp-content/litespeed/js/793.d942673b241cd716929e.js
Requested by: Host: e4t.com.br
URL: https://e4t.com.br/wp-content/litespeed/js/ec5e168e2f42a345a9c9168908c5bb18.js?ver=fb078
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.44.179.115 , Canada, ASN16276 (OVH, FR),
Reverse DNS: premium1-svcp3.lnxserversecure.com
Software: LiteSpeed /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://e4t.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 19:53:19 GMT
content-encoding: br
server: LiteSpeed
x-litespeed-cache: miss
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
x-litespeed-cache-control: public,max-age=3600
cache-control: no-cache, must-revalidate, max-age=0
x-litespeed-tag: 3bd_HTTP.404,3bd_404,3bd_URL.37d130ebc6fde4600ba3c28e60e248dd,3bd_,3bd_MIN.6460caecd286d0656ac2d72c0e8b8ea6.css,3bd_MIN.4aaf91ab170214904be7abdee1491f18.js
link: <https://e4t.com.br/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 404 398.01edc105f758acd277a3.js
e4t.com.br/wp-content/litespeed/js/ 0
0 2708ms
2708ms Script
text/html 142.44.179.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://e4t.com.br/wp-content/litespeed/js/398.01edc105f758acd277a3.js
Requested by: Host: e4t.com.br
URL: https://e4t.com.br/wp-content/litespeed/js/ec5e168e2f42a345a9c9168908c5bb18.js?ver=fb078
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.44.179.115 , Canada, ASN16276 (OVH, FR),
Reverse DNS: premium1-svcp3.lnxserversecure.com
Software: LiteSpeed /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://e4t.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 19:53:19 GMT
content-encoding: br
server: LiteSpeed
x-litespeed-cache: miss
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate, max-age=0
link: <https://e4t.com.br/wp-json/>; rel="https://api.w.org/"
content-length: 9693
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 404 575.e8e50949adb5f70717bf.js
e4t.com.br/wp-content/litespeed/js/ 0
0 2999ms
2998ms Script
text/html 142.44.179.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://e4t.com.br/wp-content/litespeed/js/575.e8e50949adb5f70717bf.js
Requested by: Host: e4t.com.br
URL: https://e4t.com.br/wp-content/litespeed/js/ec5e168e2f42a345a9c9168908c5bb18.js?ver=fb078
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.44.179.115 , Canada, ASN16276 (OVH, FR),
Reverse DNS: premium1-svcp3.lnxserversecure.com
Software: LiteSpeed /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://e4t.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 19:53:20 GMT
content-encoding: br
server: LiteSpeed
x-litespeed-cache: miss
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
x-litespeed-cache-control: public,max-age=3600
cache-control: no-cache, must-revalidate, max-age=0
x-litespeed-tag: 3bd_HTTP.404,3bd_404,3bd_URL.75f91ddf755fe1f1e033be8960fef44c,3bd_,3bd_MIN.6460caecd286d0656ac2d72c0e8b8ea6.css,3bd_MIN.4aaf91ab170214904be7abdee1491f18.js
link: <https://e4t.com.br/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 404 484.ab0f4ab882c1274b1c48.css
e4t.com.br/wp-content/litespeed/js/ 0
0 2398ms
2398ms Stylesheet
text/html 142.44.179.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://e4t.com.br/wp-content/litespeed/js/484.ab0f4ab882c1274b1c48.css
Requested by: Host: e4t.com.br
URL: https://e4t.com.br/wp-content/litespeed/js/ec5e168e2f42a345a9c9168908c5bb18.js?ver=fb078
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.44.179.115 , Canada, ASN16276 (OVH, FR),
Reverse DNS: premium1-svcp3.lnxserversecure.com
Software: LiteSpeed /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://e4t.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 19:53:19 GMT
content-encoding: br
server: LiteSpeed
x-litespeed-cache: miss
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
x-litespeed-cache-control: public,max-age=3600
cache-control: no-cache, must-revalidate, max-age=0
x-litespeed-tag: 3bd_HTTP.404,3bd_404,3bd_URL.a161e9d8b40644143f929713dd87103a,3bd_,3bd_MIN.4aaf91ab170214904be7abdee1491f18.js
link: <https://e4t.com.br/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 404 484.d2046ca192c346302215.js
e4t.com.br/wp-content/litespeed/js/ 0
0 2836ms
2835ms Script
text/html 142.44.179.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://e4t.com.br/wp-content/litespeed/js/484.d2046ca192c346302215.js
Requested by: Host: e4t.com.br
URL: https://e4t.com.br/wp-content/litespeed/js/ec5e168e2f42a345a9c9168908c5bb18.js?ver=fb078
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.44.179.115 , Canada, ASN16276 (OVH, FR),
Reverse DNS: premium1-svcp3.lnxserversecure.com
Software: LiteSpeed /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://e4t.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 19:53:19 GMT
content-encoding: br
server: LiteSpeed
x-litespeed-cache: miss
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
x-litespeed-cache-control: public,max-age=3600
cache-control: no-cache, must-revalidate, max-age=0
x-litespeed-tag: 3bd_HTTP.404,3bd_404,3bd_URL.05cec1d2034bbcd4287d65b84fce48d2,3bd_
link: <https://e4t.com.br/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

POST
H3 200 admin-ajax.php Show response
e4t.com.br/wp-admin/ 6 KB
3 KB 1284ms
1283ms XHR
text/html 142.44.179.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://e4t.com.br/wp-admin/admin-ajax.php

Requested by

Host: e4t.com.br
URL: https://e4t.com.br/wp-includes/js/jquery/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.44.179.115 , Canada, ASN16276 (OVH, FR),

Reverse DNS

premium1-svcp3.lnxserversecure.com

Software

LiteSpeed /

Resource Hash

3982cfa34e519d89f223632bfb0b1c9291338d7c9bc8d435643e18f60d4ce73b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: text/html, */*; q=0.01
Referer: https://e4t.com.br/
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 20 Jan 2024 19:53:18 GMT
content-encoding: br
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: LiteSpeed
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://e4t.com.br, *
x-litespeed-cache-control: no-cache
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 3047
expires: Wed, 11 Jan 1984 05:00:00 GMT

POST
H3 200 admin-ajax.php Show response
e4t.com.br/wp-admin/ 6 KB
3 KB 1287ms
1287ms XHR
text/html 142.44.179.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://e4t.com.br/wp-admin/admin-ajax.php

Requested by

Host: e4t.com.br
URL: https://e4t.com.br/wp-includes/js/jquery/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.44.179.115 , Canada, ASN16276 (OVH, FR),

Reverse DNS

premium1-svcp3.lnxserversecure.com

Software

LiteSpeed /

Resource Hash

cc2933639d268e847fbc74fe8728a6b351c0272623d241d72d016205043ea157

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: text/html, */*; q=0.01
Referer: https://e4t.com.br/
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 20 Jan 2024 19:53:18 GMT
content-encoding: br
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: LiteSpeed
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://e4t.com.br, *
x-litespeed-cache-control: no-cache
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 3047
expires: Wed, 11 Jan 1984 05:00:00 GMT

POST
H3 200 admin-ajax.php Show response
e4t.com.br/wp-admin/ 6 KB
3 KB 1370ms
1370ms XHR
text/html 142.44.179.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://e4t.com.br/wp-admin/admin-ajax.php

Requested by

Host: e4t.com.br
URL: https://e4t.com.br/wp-includes/js/jquery/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.44.179.115 , Canada, ASN16276 (OVH, FR),

Reverse DNS

premium1-svcp3.lnxserversecure.com

Software

LiteSpeed /

Resource Hash

5d1bb36c0145302a6e247ff23f3ecd7401335f91019befcd16b1db22285d28e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: text/html, */*; q=0.01
Referer: https://e4t.com.br/
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 20 Jan 2024 19:53:18 GMT
content-encoding: br
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: LiteSpeed
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://e4t.com.br, *
x-litespeed-cache-control: no-cache
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 3046
expires: Wed, 11 Jan 1984 05:00:00 GMT

POST
H3 200 admin-ajax.php Show response
e4t.com.br/wp-admin/ 6 KB
3 KB 2662ms
2662ms XHR
text/html 142.44.179.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://e4t.com.br/wp-admin/admin-ajax.php

Requested by

Host: e4t.com.br
URL: https://e4t.com.br/wp-includes/js/jquery/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.44.179.115 , Canada, ASN16276 (OVH, FR),

Reverse DNS

premium1-svcp3.lnxserversecure.com

Software

LiteSpeed /

Resource Hash

f49251b1e09c4ce3c45d2d929ed769a0adf52f9dc5ee45ddd0a051ab8d6b7728

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: text/html, */*; q=0.01
Referer: https://e4t.com.br/
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 20 Jan 2024 19:53:19 GMT
content-encoding: br
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: LiteSpeed
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://e4t.com.br, *
x-litespeed-cache-control: no-cache
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 3047
expires: Wed, 11 Jan 1984 05:00:00 GMT

POST
H3 200 admin-ajax.php Show response
e4t.com.br/wp-admin/ 6 KB
3 KB 3492ms
3491ms XHR
text/html 142.44.179.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://e4t.com.br/wp-admin/admin-ajax.php

Requested by

Host: e4t.com.br
URL: https://e4t.com.br/wp-includes/js/jquery/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.44.179.115 , Canada, ASN16276 (OVH, FR),

Reverse DNS

premium1-svcp3.lnxserversecure.com

Software

LiteSpeed /

Resource Hash

f49251b1e09c4ce3c45d2d929ed769a0adf52f9dc5ee45ddd0a051ab8d6b7728

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: text/html, */*; q=0.01
Referer: https://e4t.com.br/
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 20 Jan 2024 19:53:20 GMT
content-encoding: br
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: LiteSpeed
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://e4t.com.br, *
x-litespeed-cache-control: no-cache
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 3047
expires: Wed, 11 Jan 1984 05:00:00 GMT

POST
H3 200 admin-ajax.php Show response
e4t.com.br/wp-admin/ 6 KB
3 KB 2476ms
2475ms XHR
text/html 142.44.179.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://e4t.com.br/wp-admin/admin-ajax.php

Requested by

Host: e4t.com.br
URL: https://e4t.com.br/wp-includes/js/jquery/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.44.179.115 , Canada, ASN16276 (OVH, FR),

Reverse DNS

premium1-svcp3.lnxserversecure.com

Software

LiteSpeed /

Resource Hash

3982cfa34e519d89f223632bfb0b1c9291338d7c9bc8d435643e18f60d4ce73b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: text/html, */*; q=0.01
Referer: https://e4t.com.br/
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 20 Jan 2024 19:53:19 GMT
content-encoding: br
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: LiteSpeed
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://e4t.com.br, *
x-litespeed-cache-control: no-cache
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 3047
expires: Wed, 11 Jan 1984 05:00:00 GMT

POST
H3 200 admin-ajax.php Show response
e4t.com.br/wp-admin/ 6 KB
3 KB 1595ms
1595ms XHR
text/html 142.44.179.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://e4t.com.br/wp-admin/admin-ajax.php

Requested by

Host: e4t.com.br
URL: https://e4t.com.br/wp-includes/js/jquery/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.44.179.115 , Canada, ASN16276 (OVH, FR),

Reverse DNS

premium1-svcp3.lnxserversecure.com

Software

LiteSpeed /

Resource Hash

5d1bb36c0145302a6e247ff23f3ecd7401335f91019befcd16b1db22285d28e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: text/html, */*; q=0.01
Referer: https://e4t.com.br/
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 20 Jan 2024 19:53:18 GMT
content-encoding: br
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: LiteSpeed
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://e4t.com.br, *
x-litespeed-cache-control: no-cache
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 3046
expires: Wed, 11 Jan 1984 05:00:00 GMT

POST
H3 200 admin-ajax.php Show response
e4t.com.br/wp-admin/ 6 KB
3 KB 3574ms
3574ms XHR
text/html 142.44.179.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://e4t.com.br/wp-admin/admin-ajax.php

Requested by

Host: e4t.com.br
URL: https://e4t.com.br/wp-includes/js/jquery/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.44.179.115 , Canada, ASN16276 (OVH, FR),

Reverse DNS

premium1-svcp3.lnxserversecure.com

Software

LiteSpeed /

Resource Hash

f49251b1e09c4ce3c45d2d929ed769a0adf52f9dc5ee45ddd0a051ab8d6b7728

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: text/html, */*; q=0.01
Referer: https://e4t.com.br/
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 20 Jan 2024 19:53:20 GMT
content-encoding: br
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: LiteSpeed
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://e4t.com.br, *
x-litespeed-cache-control: no-cache
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 3047
expires: Wed, 11 Jan 1984 05:00:00 GMT

POST
H3 200 admin-ajax.php Show response
e4t.com.br/wp-admin/ 6 KB
3 KB 3707ms
3706ms XHR
text/html 142.44.179.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://e4t.com.br/wp-admin/admin-ajax.php

Requested by

Host: e4t.com.br
URL: https://e4t.com.br/wp-includes/js/jquery/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.44.179.115 , Canada, ASN16276 (OVH, FR),

Reverse DNS

premium1-svcp3.lnxserversecure.com

Software

LiteSpeed /

Resource Hash

f49251b1e09c4ce3c45d2d929ed769a0adf52f9dc5ee45ddd0a051ab8d6b7728

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: text/html, */*; q=0.01
Referer: https://e4t.com.br/
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 20 Jan 2024 19:53:20 GMT
content-encoding: br
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: LiteSpeed
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://e4t.com.br, *
x-litespeed-cache-control: no-cache
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 3047
expires: Wed, 11 Jan 1984 05:00:00 GMT

POST
H3 200 admin-ajax.php Show response
e4t.com.br/wp-admin/ 6 KB
3 KB 2759ms
2758ms XHR
text/html 142.44.179.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://e4t.com.br/wp-admin/admin-ajax.php

Requested by

Host: e4t.com.br
URL: https://e4t.com.br/wp-includes/js/jquery/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.44.179.115 , Canada, ASN16276 (OVH, FR),

Reverse DNS

premium1-svcp3.lnxserversecure.com

Software

LiteSpeed /

Resource Hash

258efcd9aef72874f94485c47c5bb79785a7e753e0e9e8eea33355976d3cde8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: text/html, */*; q=0.01
Referer: https://e4t.com.br/
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 20 Jan 2024 19:53:19 GMT
content-encoding: br
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: LiteSpeed
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://e4t.com.br, *
x-litespeed-cache-control: no-cache
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 3047
expires: Wed, 11 Jan 1984 05:00:00 GMT

POST
H3 200 admin-ajax.php Show response
e4t.com.br/wp-admin/ 6 KB
3 KB 3680ms
3680ms XHR
text/html 142.44.179.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://e4t.com.br/wp-admin/admin-ajax.php

Requested by

Host: e4t.com.br
URL: https://e4t.com.br/wp-includes/js/jquery/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.44.179.115 , Canada, ASN16276 (OVH, FR),

Reverse DNS

premium1-svcp3.lnxserversecure.com

Software

LiteSpeed /

Resource Hash

3982cfa34e519d89f223632bfb0b1c9291338d7c9bc8d435643e18f60d4ce73b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: text/html, */*; q=0.01
Referer: https://e4t.com.br/
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 20 Jan 2024 19:53:20 GMT
content-encoding: br
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: LiteSpeed
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://e4t.com.br, *
x-litespeed-cache-control: no-cache
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 3047
expires: Wed, 11 Jan 1984 05:00:00 GMT

POST
H3 200 admin-ajax.php Show response
e4t.com.br/wp-admin/ 6 KB
3 KB 3089ms
3089ms XHR
text/html 142.44.179.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://e4t.com.br/wp-admin/admin-ajax.php

Requested by

Host: e4t.com.br
URL: https://e4t.com.br/wp-includes/js/jquery/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.44.179.115 , Canada, ASN16276 (OVH, FR),

Reverse DNS

premium1-svcp3.lnxserversecure.com

Software

LiteSpeed /

Resource Hash

01295711aa266f3a81e5621fd8631b9b872a31c12a94f8b21651495d7245149f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: text/html, */*; q=0.01
Referer: https://e4t.com.br/
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 20 Jan 2024 19:53:20 GMT
content-encoding: br
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: LiteSpeed
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://e4t.com.br, *
x-litespeed-cache-control: no-cache
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 3047
expires: Wed, 11 Jan 1984 05:00:00 GMT

POST
H3 200 admin-ajax.php Show response
e4t.com.br/wp-admin/ 6 KB
3 KB 3697ms
3697ms XHR
text/html 142.44.179.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://e4t.com.br/wp-admin/admin-ajax.php

Requested by

Host: e4t.com.br
URL: https://e4t.com.br/wp-includes/js/jquery/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.44.179.115 , Canada, ASN16276 (OVH, FR),

Reverse DNS

premium1-svcp3.lnxserversecure.com

Software

LiteSpeed /

Resource Hash

258efcd9aef72874f94485c47c5bb79785a7e753e0e9e8eea33355976d3cde8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: text/html, */*; q=0.01
Referer: https://e4t.com.br/
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 20 Jan 2024 19:53:20 GMT
content-encoding: br
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: LiteSpeed
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://e4t.com.br, *
x-litespeed-cache-control: no-cache
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 3047
expires: Wed, 11 Jan 1984 05:00:00 GMT

POST
H3 200 admin-ajax.php Show response
e4t.com.br/wp-admin/ 6 KB
3 KB 3699ms
3699ms XHR
text/html 142.44.179.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://e4t.com.br/wp-admin/admin-ajax.php

Requested by

Host: e4t.com.br
URL: https://e4t.com.br/wp-includes/js/jquery/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.44.179.115 , Canada, ASN16276 (OVH, FR),

Reverse DNS

premium1-svcp3.lnxserversecure.com

Software

LiteSpeed /

Resource Hash

34317c2c5e7865161f880e4fdab2d6c81080cfa0c8d0531a11450b39cbf1dd48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: text/html, */*; q=0.01
Referer: https://e4t.com.br/
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 20 Jan 2024 19:53:20 GMT
content-encoding: br
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: LiteSpeed
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://e4t.com.br, *
x-litespeed-cache-control: no-cache
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 3047
expires: Wed, 11 Jan 1984 05:00:00 GMT

POST
H3 200 admin-ajax.php Show response
e4t.com.br/wp-admin/ 6 KB
3 KB 3568ms
3567ms XHR
text/html 142.44.179.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://e4t.com.br/wp-admin/admin-ajax.php

Requested by

Host: e4t.com.br
URL: https://e4t.com.br/wp-includes/js/jquery/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.44.179.115 , Canada, ASN16276 (OVH, FR),

Reverse DNS

premium1-svcp3.lnxserversecure.com

Software

LiteSpeed /

Resource Hash

f1b9c7c1d6110b6defa387370bfadaff8b69b64f6c93c8b050fbadd4227bfd01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: text/html, */*; q=0.01
Referer: https://e4t.com.br/
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 20 Jan 2024 19:53:20 GMT
content-encoding: br
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: LiteSpeed
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://e4t.com.br, *
x-litespeed-cache-control: no-cache
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 3047
expires: Wed, 11 Jan 1984 05:00:00 GMT

POST
H3 200 admin-ajax.php Show response
e4t.com.br/wp-admin/ 6 KB
3 KB 3369ms
3369ms XHR
text/html 142.44.179.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://e4t.com.br/wp-admin/admin-ajax.php

Requested by

Host: e4t.com.br
URL: https://e4t.com.br/wp-includes/js/jquery/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.44.179.115 , Canada, ASN16276 (OVH, FR),

Reverse DNS

premium1-svcp3.lnxserversecure.com

Software

LiteSpeed /

Resource Hash

cc2933639d268e847fbc74fe8728a6b351c0272623d241d72d016205043ea157

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: text/html, */*; q=0.01
Referer: https://e4t.com.br/
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 20 Jan 2024 19:53:20 GMT
content-encoding: br
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: LiteSpeed
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://e4t.com.br, *
x-litespeed-cache-control: no-cache
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 3047
expires: Wed, 11 Jan 1984 05:00:00 GMT

POST
H3 200 admin-ajax.php Show response
e4t.com.br/wp-admin/ 6 KB
3 KB 3486ms
3486ms XHR
text/html 142.44.179.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://e4t.com.br/wp-admin/admin-ajax.php

Requested by

Host: e4t.com.br
URL: https://e4t.com.br/wp-includes/js/jquery/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.44.179.115 , Canada, ASN16276 (OVH, FR),

Reverse DNS

premium1-svcp3.lnxserversecure.com

Software

LiteSpeed /

Resource Hash

39807a2570fcfbe446164d3ca4a1e20d9dbaf37ba2180feb5e8033d3df3f3287

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: text/html, */*; q=0.01
Referer: https://e4t.com.br/
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 20 Jan 2024 19:53:20 GMT
content-encoding: br
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: LiteSpeed
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://e4t.com.br, *
x-litespeed-cache-control: no-cache
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 3047
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 gorro-minimizador-wallpaper-link-espada-622x400.webp
e4t.com.br/wp-content/uploads/2022/12/ 51 KB
51 KB 73ms
72ms Image
image/webp 142.44.179.115
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e4t.com.br/wp-content/uploads/2022/12/gorro-minimizador-wallpaper-link-espada-622x400.webp
Requested by: Host: e4t.com.br
URL: https://e4t.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.44.179.115 , Canada, ASN16276 (OVH, FR),
Reverse DNS: premium1-svcp3.lnxserversecure.com
Software: LiteSpeed /
Resource Hash: cea98e96e2dd2c0c6588d2fa58ad9e124a08dbd35793bcecb0e705e47135c8fa

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://e4t.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 19:53:17 GMT
last-modified: Fri, 30 Dec 2022 04:43:37 GMT
server: LiteSpeed
etag: "cba0-63ae6c79-26407466631da4b7;;;"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 52128
expires: Mon, 20 Jan 2025 01:53:17 GMT

GET
H3 200 nintendo-network-3ds-wii-u-622x400.webp
e4t.com.br/wp-content/uploads/2023/12/ 17 KB
17 KB 70ms
69ms Image
image/webp 142.44.179.115
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e4t.com.br/wp-content/uploads/2023/12/nintendo-network-3ds-wii-u-622x400.webp
Requested by: Host: e4t.com.br
URL: https://e4t.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.44.179.115 , Canada, ASN16276 (OVH, FR),
Reverse DNS: premium1-svcp3.lnxserversecure.com
Software: LiteSpeed /
Resource Hash: d3de8a6b01b7777575f806a98194b286a6ddb0f1751668c9deddde5fd038c62d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://e4t.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 19:53:17 GMT
last-modified: Mon, 25 Dec 2023 22:47:58 GMT
server: LiteSpeed
etag: "423c-658a069e-5a87f9d4bd91fb4f;;;"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 16956
expires: Mon, 20 Jan 2025 01:53:17 GMT

GET
H3 200 epilogo-scarlet-violet-622x400.webp
e4t.com.br/wp-content/uploads/2023/12/ 29 KB
29 KB 72ms
71ms Image
image/webp 142.44.179.115
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e4t.com.br/wp-content/uploads/2023/12/epilogo-scarlet-violet-622x400.webp
Requested by: Host: e4t.com.br
URL: https://e4t.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.44.179.115 , Canada, ASN16276 (OVH, FR),
Reverse DNS: premium1-svcp3.lnxserversecure.com
Software: LiteSpeed /
Resource Hash: de52b02e597db1f3883f432a143d8c604da2f14929d9e27b1c9d0474e7fb040c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://e4t.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 19:53:17 GMT
last-modified: Wed, 20 Dec 2023 14:25:12 GMT
server: LiteSpeed
etag: "7384-6582f948-36daeb02001c4365;;;"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 29572
expires: Mon, 20 Jan 2025 01:53:17 GMT

GET
H3 200 LOGO-512x512-com-brilho-q0m9ducmr0ohpr16163nql1yqvtamrvkg45e9rn280.png
e4t.com.br/wp-content/uploads/elementor/thumbs/ 19 KB
19 KB 41ms
40ms Image
image/png 142.44.179.115
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e4t.com.br/wp-content/uploads/elementor/thumbs/LOGO-512x512-com-brilho-q0m9ducmr0ohpr16163nql1yqvtamrvkg45e9rn280.png
Requested by: Host: e4t.com.br
URL: https://e4t.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.44.179.115 , Canada, ASN16276 (OVH, FR),
Reverse DNS: premium1-svcp3.lnxserversecure.com
Software: LiteSpeed /
Resource Hash: f67bba6b19415a32bd07e53439fff0f7feb6b8fa4057b0fe56ed1225a22b816b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://e4t.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 19:53:17 GMT
last-modified: Fri, 13 Jan 2023 20:45:28 GMT
server: LiteSpeed
etag: "4cf8-63c1c2e8-a580e162249882b3;;;"
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 19704
expires: Mon, 20 Jan 2025 01:53:17 GMT

GET
H3 200 discord_macos_bigsur_icon_190238-75x75.png
e4t.com.br/wp-content/uploads/2022/09/ 4 KB
4 KB 71ms
70ms Image
image/png 142.44.179.115
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e4t.com.br/wp-content/uploads/2022/09/discord_macos_bigsur_icon_190238-75x75.png
Requested by: Host: e4t.com.br
URL: https://e4t.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.44.179.115 , Canada, ASN16276 (OVH, FR),
Reverse DNS: premium1-svcp3.lnxserversecure.com
Software: LiteSpeed /
Resource Hash: 8049a165c5619d3e6f6bcc98b5faae71d436722c05ae310c3525745a13eb14d5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://e4t.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 19:53:17 GMT
last-modified: Sun, 02 Oct 2022 03:25:45 GMT
server: LiteSpeed
etag: "fad-633904b9-449a7223380862a;;;"
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 4013
expires: Mon, 20 Jan 2025 01:53:17 GMT

GET
H2 200 KFOkCnqEu92Fr1MmgVxIIzI.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 42ms
38ms Font
font/woff2 142.251.167.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1MmgVxIIzI.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f94.1e100.net

Software

sffe /

Resource Hash

0f303f31706d39866cced9dcc17b61fb8423674278d7f6051d66b3a79ffbca18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://e4t.com.br
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 13:19:42 GMT
x-content-type-options: nosniff
age: 110016
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15764
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Jan 2025 13:19:42 GMT

GET
H2 200 KFOiCnqEu92Fr1Mu51QrEzAdLw.woff2
fonts.gstatic.com/s/roboto/v30/ 17 KB
17 KB 47ms
44ms Font
font/woff2 142.251.167.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOiCnqEu92Fr1Mu51QrEzAdLw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f94.1e100.net

Software

sffe /

Resource Hash

b19ac4e57f2a56639eebd1c35319e5a7124be70d3fa155b63d878886520154fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://e4t.com.br
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 01:24:50 GMT
x-content-type-options: nosniff
age: 152908
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17060
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Jan 2025 01:24:50 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 59ms
56ms Font
font/woff2 142.251.167.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f94.1e100.net

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://e4t.com.br
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 13:51:44 GMT
x-content-type-options: nosniff
age: 108094
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Jan 2025 13:51:44 GMT

GET
H2 200 KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2
fonts.gstatic.com/s/roboto/v30/ 17 KB
17 KB 68ms
65ms Font
font/woff2 142.251.167.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f94.1e100.net

Software

sffe /

Resource Hash

bb8007225d94a099cddbade7ea904667c0dd0b68d5e30778e5c6257589ab94d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://e4t.com.br
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 02:54:13 GMT
x-content-type-options: nosniff
age: 61145
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17508
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jan 2025 02:54:13 GMT

GET
H2 200 KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v30/ 17 KB
17 KB 74ms
71ms Font
font/woff2 142.251.167.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f94.1e100.net

Software

sffe /

Resource Hash

db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://e4t.com.br
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 13:14:44 GMT
x-content-type-options: nosniff
age: 110314
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17368
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Jan 2025 13:14:44 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 63ms
60ms Font
font/woff2 142.251.167.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f94.1e100.net

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://e4t.com.br
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 13:19:33 GMT
x-content-type-options: nosniff
age: 110025
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Jan 2025 13:19:33 GMT

GET
H2 200 KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2
fonts.gstatic.com/s/roboto/v30/ 17 KB
17 KB 83ms
80ms Font
font/woff2 142.251.167.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f94.1e100.net

Software

sffe /

Resource Hash

661d4b208656c006e7aab58acf7784857963123675de2302279fbe6c05313547

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://e4t.com.br
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:52:40 GMT
x-content-type-options: nosniff
age: 162038
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17336
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Jan 2025 22:52:40 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 78ms
76ms Font
font/woff2 142.251.167.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f94.1e100.net

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://e4t.com.br
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 19:41:34 GMT
x-content-type-options: nosniff
age: 173504
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Jan 2025 19:41:34 GMT

GET
H2 200 KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
fonts.gstatic.com/s/roboto/v30/ 17 KB
17 KB 85ms
83ms Font
font/woff2 142.251.167.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f94.1e100.net

Software

sffe /

Resource Hash

6be97ca17228a69c406231d89c003194c3dfba7401eaa9fe9e9ed0ef1c18dc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://e4t.com.br
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 03:28:46 GMT
x-content-type-options: nosniff
age: 145472
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17032
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Jan 2025 03:28:46 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 87ms
85ms Font
font/woff2 142.251.167.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f94.1e100.net

Software

sffe /

Resource Hash

7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://e4t.com.br
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 01:24:44 GMT
x-content-type-options: nosniff
age: 152914
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15752
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Jan 2025 01:24:44 GMT

GET
H2 200 KFOjCnqEu92Fr1Mu51TLBCc6CsQ.woff2
fonts.gstatic.com/s/roboto/v30/ 17 KB
17 KB 89ms
88ms Font
font/woff2 142.251.167.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TLBCc6CsQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f94.1e100.net

Software

sffe /

Resource Hash

3cf78ad3bcd1324e10a4acdc34bfc4a159f9a045b30edbe3738a9d1b9f807a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://e4t.com.br
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 02:58:54 GMT
x-content-type-options: nosniff
age: 60864
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17552
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jan 2025 02:58:54 GMT

GET
H2 200 BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
fonts.gstatic.com/s/robotoslab/v34/ 34 KB
34 KB 91ms
90ms Font
font/woff2 142.251.167.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoslab/v34/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f94.1e100.net

Software

sffe /

Resource Hash

a8e429611131e3fdc2018ec943a36100dbabb4aaa788c8dead6bdcf927917293

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://e4t.com.br
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 07:16:05 GMT
x-content-type-options: nosniff
age: 131833
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34328
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 01:54:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Jan 2025 07:16:05 GMT

GET
H3 200 text-editor.2c35aafbe5bf0e127950.bundle.min.js Show response
e4t.com.br/wp-content/plugins/elementor/assets/js/ 1 KB
675 B 36ms
36ms Script
text/javascript 142.44.179.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://e4t.com.br/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
Requested by: Host: e4t.com.br
URL: https://e4t.com.br/wp-content/litespeed/js/ec5e168e2f42a345a9c9168908c5bb18.js?ver=fb078
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.44.179.115 , Canada, ASN16276 (OVH, FR),
Reverse DNS: premium1-svcp3.lnxserversecure.com
Software: LiteSpeed /
Resource Hash: d191094291904cb0410cf3a475ea46eee6573c0922cc204759445e326d6d9233

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://e4t.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 19:53:17 GMT
content-encoding: br
last-modified: Sun, 31 Dec 2023 07:14:09 GMT
server: LiteSpeed
etag: "550-659114c1-9099627fa19b0781;br"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 601
expires: Mon, 20 Jan 2025 01:53:17 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2B91 519 KB
102 KB 630ms
629ms Document
text/html 172.253.62.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3272641779235890&output=html&adk=1812271804&adf=3025194257&lmt=1705780398&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x540_l%7C212x540_r&format=0x0&url=https%3A%2F%2Fe4t.com.br%2F&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705780398077&bpp=4&bdt=389&idt=438&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1637122345497&frm=20&pv=2&ga_vid=1051451749.1705780398&ga_sid=1705780399&ga_hid=642909159&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080333%2C42532523%2C44809004%2C95321958%2C95321627%2C95322166&oid=2&pvsid=1743161444856065&tmod=1381456514&uas=0&nvt=2&fsapi=1&ref=https%3A%2F%2Fe4t.com.br%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=468

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401160101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f157.1e100.net

Software

cafe /

Resource Hash

9dba01e7e80a6b083d5b91701c27ce5f4e56eae581f32189bb1124a1d3112091

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e4t.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 103944
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 20 Jan 2024 19:53:19 GMT
expires: Sat, 20 Jan 2024 19:53:19 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6727 89 KB
28 KB 486ms
485ms Document
text/html 172.253.62.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3272641779235890&output=html&h=280&slotname=7946552792&adk=658120095&adf=1618235776&pi=t.ma~as.7946552792&w=528&fwrn=4&fwrnh=100&lmt=1705780398&rafmt=1&format=528x280&url=https%3A%2F%2Fe4t.com.br%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705780398156&bpp=2&bdt=468&idt=423&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1637122345497&frm=20&pv=1&ga_vid=1051451749.1705780398&ga_sid=1705780399&ga_hid=642909159&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=251&ady=3280&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080333%2C42532523%2C44809004%2C95321958%2C95321627%2C95322166&oid=2&pvsid=1743161444856065&tmod=1381456514&uas=0&nvt=2&ref=https%3A%2F%2Fe4t.com.br%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CepEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=430

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401160101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f157.1e100.net

Software

cafe /

Resource Hash

43fe38dde1123bceabba9fa46fc5d6f21ead899571c28863c5c277ac1009661c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e4t.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 28487
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 20 Jan 2024 19:53:19 GMT
expires: Sat, 20 Jan 2024 19:53:19 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7714 56 KB
19 KB 457ms
457ms Document
text/html 172.253.62.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3272641779235890&output=html&h=280&slotname=7946552792&adk=658120095&adf=369929440&pi=t.ma~as.7946552792&w=528&fwrn=4&fwrnh=100&lmt=1705780398&rafmt=1&format=528x280&url=https%3A%2F%2Fe4t.com.br%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705780398163&bpp=1&bdt=476&idt=455&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C528x280&nras=1&correlator=1637122345497&frm=20&pv=1&ga_vid=1051451749.1705780398&ga_sid=1705780399&ga_hid=642909159&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=821&ady=3280&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080333%2C42532523%2C44809004%2C95321958%2C95321627%2C95322166&oid=2&pvsid=1743161444856065&tmod=1381456514&uas=0&nvt=2&ref=https%3A%2F%2Fe4t.com.br%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CepEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=474

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401160101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f157.1e100.net

Software

cafe /

Resource Hash

2c4f2f5fee4dd6085cb56fdf9450e45e71e1d01126ca3a1a73403e391153d23e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e4t.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 19139
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 20 Jan 2024 19:53:19 GMT
expires: Sat, 20 Jan 2024 19:53:19 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame 6727 23 KB
9 KB 131ms
54ms Script
text/javascript 172.253.115.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3272641779235890&output=html&h=280&slotname=7946552792&adk=658120095&adf=1618235776&pi=t.ma~as.7946552792&w=528&fwrn=4&fwrnh=100&lmt=1705780398&rafmt=1&format=528x280&url=https%3A%2F%2Fe4t.com.br%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705780398156&bpp=2&bdt=468&idt=423&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1637122345497&frm=20&pv=1&ga_vid=1051451749.1705780398&ga_sid=1705780399&ga_hid=642909159&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=251&ady=3280&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080333%2C42532523%2C44809004%2C95321958%2C95321627%2C95322166&oid=2&pvsid=1743161444856065&tmod=1381456514&uas=0&nvt=2&ref=https%3A%2F%2Fe4t.com.br%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CepEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=430

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f132.1e100.net

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 20:32:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84055
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 20:32:24 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 6727 8 KB
846 B 47ms
46ms Stylesheet
text/css 172.253.122.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f95.1e100.net

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 20 Jan 2024 19:53:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 20 Jan 2024 19:42:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 20 Jan 2024 19:53:19 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/ Frame 6727 15 KB
3 KB 112ms
36ms Stylesheet
text/css 142.250.31.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.95 Oxford, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f95.1e100.net

Software

sffe /

Resource Hash

425f9ca7029ca2c95d204079575a3e5f737ef4d322614225344c5aeadd51bfb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 15:08:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 103488
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2939
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 02:36:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Jan 2025 15:08:31 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/ Frame 6727 378 KB
132 KB 113ms
37ms Script
text/javascript 142.250.31.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.95 Oxford, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f95.1e100.net

Software

sffe /

Resource Hash

325f25191af82345cc615c820126c663f55ee865ccb8c6f033e11ee57085617a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 15:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 102694
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134582
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 02:36:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Jan 2025 15:21:45 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 6727 20 KB
8 KB 109ms
41ms Script
text/javascript 172.253.115.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f132.1e100.net

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 20:45:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83294
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 20:45:05 GMT

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame 35BB 94 KB
32 KB 153ms
29ms Script
application/javascript 152.195.19.97
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3272641779235890&output=html&h=280&slotname=7946552792&adk=658120095&adf=369929440&pi=t.ma~as.7946552792&w=528&fwrn=4&fwrnh=100&lmt=1705780398&rafmt=1&format=528x280&url=https%3A%2F%2Fe4t.com.br%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705780398163&bpp=1&bdt=476&idt=455&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C528x280&nras=1&correlator=1637122345497&frm=20&pv=1&ga_vid=1051451749.1705780398&ga_sid=1705780399&ga_hid=642909159&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=821&ady=3280&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080333%2C42532523%2C44809004%2C95321958%2C95321627%2C95322166&oid=2&pvsid=1743161444856065&tmod=1381456514&uas=0&nvt=2&ref=https%3A%2F%2Fe4t.com.br%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CepEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=474
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (chd/0795) /
Resource Hash: b2112e944307f68d8662983059ce3217e04a72c6127f7c6f2d2f654dcd72267d

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 20 Jan 2024 19:53:19 GMT
content-encoding: gzip
content-md5: tLIyQJPl0bhnQiedbHYi6g==
age: 176476
x-cache: HIT
content-length: 32320
x-ms-lease-status: unlocked
last-modified: Mon, 08 Jan 2024 14:46:22 GMT
server: ECAcc (chd/0795)
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: a2cffc5c-001e-003d-4e3f-4aa2cc000000
cache-control: private, max-age=3600, stale-while-revalidate=86400
x-ms-version: 2009-09-19

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/240/ Frame 35BB 80 KB
27 KB 214ms
82ms Script
application/x-javascript 23.204.76.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/240/trk.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3272641779235890&output=html&h=280&slotname=7946552792&adk=658120095&adf=369929440&pi=t.ma~as.7946552792&w=528&fwrn=4&fwrnh=100&lmt=1705780398&rafmt=1&format=528x280&url=https%3A%2F%2Fe4t.com.br%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705780398163&bpp=1&bdt=476&idt=455&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C528x280&nras=1&correlator=1637122345497&frm=20&pv=1&ga_vid=1051451749.1705780398&ga_sid=1705780399&ga_hid=642909159&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=821&ady=3280&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080333%2C42532523%2C44809004%2C95321958%2C95321627%2C95322166&oid=2&pvsid=1743161444856065&tmod=1381456514&uas=0&nvt=2&ref=https%3A%2F%2Fe4t.com.br%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CepEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=474
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.204.76.188 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-204-76-188.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sat, 20 Jan 2024 19:53:19 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Nov 2023 14:06:46 GMT
Server: AkamaiNetStorage
ETag: "ccac3ab7f323b8743d099010fcce15a4:1700057206.383562"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27680
Expires: Sun, 19 Jan 2025 19:53:19 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 35BB 3 KB
1 KB 94ms
58ms Script
text/javascript 172.253.115.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3272641779235890&output=html&h=280&slotname=7946552792&adk=658120095&adf=369929440&pi=t.ma~as.7946552792&w=528&fwrn=4&fwrnh=100&lmt=1705780398&rafmt=1&format=528x280&url=https%3A%2F%2Fe4t.com.br%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705780398163&bpp=1&bdt=476&idt=455&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C528x280&nras=1&correlator=1637122345497&frm=20&pv=1&ga_vid=1051451749.1705780398&ga_sid=1705780399&ga_hid=642909159&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=821&ady=3280&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080333%2C42532523%2C44809004%2C95321958%2C95321627%2C95322166&oid=2&pvsid=1743161444856065&tmod=1381456514&uas=0&nvt=2&ref=https%3A%2F%2Fe4t.com.br%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CepEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=474

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f132.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 17:26:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8786
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Feb 2024 17:26:53 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 35BB 20 KB
9 KB 73ms
37ms Script
text/javascript 172.253.115.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3272641779235890&output=html&h=280&slotname=7946552792&adk=658120095&adf=369929440&pi=t.ma~as.7946552792&w=528&fwrn=4&fwrnh=100&lmt=1705780398&rafmt=1&format=528x280&url=https%3A%2F%2Fe4t.com.br%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705780398163&bpp=1&bdt=476&idt=455&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C528x280&nras=1&correlator=1637122345497&frm=20&pv=1&ga_vid=1051451749.1705780398&ga_sid=1705780399&ga_hid=642909159&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=821&ady=3280&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080333%2C42532523%2C44809004%2C95321958%2C95321627%2C95322166&oid=2&pvsid=1743161444856065&tmod=1381456514&uas=0&nvt=2&ref=https%3A%2F%2Fe4t.com.br%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CepEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=474

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f132.1e100.net

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 20:45:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83294
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 20:45:05 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 35BB 206 KB
65 KB 111ms
37ms Script
text/javascript 142.251.16.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3272641779235890&output=html&h=280&slotname=7946552792&adk=658120095&adf=369929440&pi=t.ma~as.7946552792&w=528&fwrn=4&fwrnh=100&lmt=1705780398&rafmt=1&format=528x280&url=https%3A%2F%2Fe4t.com.br%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705780398163&bpp=1&bdt=476&idt=455&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C528x280&nras=1&correlator=1637122345497&frm=20&pv=1&ga_vid=1051451749.1705780398&ga_sid=1705780399&ga_hid=642909159&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=821&ady=3280&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080333%2C42532523%2C44809004%2C95321958%2C95321627%2C95322166&oid=2&pvsid=1743161444856065&tmod=1381456514&uas=0&nvt=2&ref=https%3A%2F%2Fe4t.com.br%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CepEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=474

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f156.1e100.net

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 19:53:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Jan 2024 19:53:19 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401160101/ 162 KB
55 KB 84ms
83ms Script
text/javascript 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401160101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401160101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

cafe /

Resource Hash

3bf218495aea1c223827d5291cbe2e99abb6db26d046f75713301955f91ad551

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://e4t.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 19:53:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56375
x-xss-protection: 0
server: cafe
etag: 17076918134181737942
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Jan 2024 19:53:19 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 99ms
98ms Image
image/gif 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pflna&evt=place&vh=1200&eid=95320239%2C44759875%2C44759926%2C31080333%2C42532523%2C44809004%2C95321958%2C95321627%2C95322166&hl=pt&pvc=1743161444856065

Requested by

Host: e4t.com.br
URL: https://e4t.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://e4t.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 19:53:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 6727 0
234 B 374ms
122ms Ping
image/gif 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lrmhlvp4&c=7497573240254&slotId=3748786620127&qqid=CPXj55Xf7IMDFTivOgUd0A8Alg&fb=outstream-lima&sei=44752538%2C44807614%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 19:53:19 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6727 15 KB
16 KB 38ms
38ms Font
font/woff2 142.251.167.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f94.1e100.net

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 19:41:34 GMT
x-content-type-options: nosniff
age: 173505
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Jan 2025 19:41:34 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6727 15 KB
15 KB 39ms
39ms Font
font/woff2 142.251.167.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f94.1e100.net

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 02:54:01 GMT
x-content-type-options: nosniff
age: 61158
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jan 2025 02:54:01 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6727 0
20 B 98ms
98ms Image
image/gif 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CcYItriSsZfXUJ7je6tkP0J-AsAnoipmydZGM2dSYEuKapczFDxABIMXuiy9g_aCZgegDoAGSqre5KMgBBagDAcgDmwSqBPEBT9Bf8LaleIQ60p8ark5PxATyvncZXqEGU9evbw2gYfhsfDwNVEgMTD4EeEX4mkC6z47PORk1zqxsUSX747Vj7xWZpesiJfqR3Ibs8aeXXltY4ynLKJN1TV1OfEMjnL7MMU0r5i8xxDpzX-L_KBeaw8Ovo8aiN7T11USPB7d81K5Ds6ytbD8uLtOXYBVjbmRhRskio-KGvlLDq5MqcFisWkmK7aAWwQZvVxb-1VULElhdLZYh6uicNoI-qM6dPc4d-Z_P7gdOsJZKuh6edVliXWwr6e5CQRVOPk2Ur7xuMxRZ51yHJl9-zCK5XPPrNKP5KsAE6J-W4sQE4AQDiAXUjLWsTZAGAaAGdoAHkuKHmQOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYHzICigI6BIBAgEBIvf3BOlj59uWV3-yDA4AKAcgLAeALAYAMAaoNAkNBsBPW2bYW0BMA2BMNiBQC2BQB0BUB-BYBgBcB&eventType=clickstring&clientTime=1705780399301&ai=CcYItriSsZfXUJ7je6tkP0J-AsAnoipmydZGM2dSYEuKapczFDxABIMXuiy9g_aCZgegDoAGSqre5KMgBBagDAcgDmwSqBPEBT9Bf8LaleIQ60p8ark5PxATyvncZXqEGU9evbw2gYfhsfDwNVEgMTD4EeEX4mkC6z47PORk1zqxsUSX747Vj7xWZpesiJfqR3Ibs8aeXXltY4ynLKJN1TV1OfEMjnL7MMU0r5i8xxDpzX-L_KBeaw8Ovo8aiN7T11USPB7d81K5Ds6ytbD8uLtOXYBVjbmRhRskio-KGvlLDq5MqcFisWkmK7aAWwQZvVxb-1VULElhdLZYh6uicNoI-qM6dPc4d-Z_P7gdOsJZKuh6edVliXWwr6e5CQRVOPk2Ur7xuMxRZ51yHJl9-zCK5XPPrNKP5KsAE6J-W4sQE4AQDiAXUjLWsTZAGAaAGdoAHkuKHmQOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYHzICigI6BIBAgEBIvf3BOlj59uWV3-yDA4AKAcgLAeALAYAMAaoNAkNBsBPW2bYW0BMA2BMNiBQC2BQB0BUB-BYBgBcB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 19:53:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 6727 0
54 B 360ms
123ms Ping
image/gif 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lrmhlvpi&c=7497573240254&slotId=3748786620127&qqid=CPXj55Xf7IMDFTivOgUd0A8Alg&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.k6&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 19:53:19 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 6727 30 KB
18 KB 83ms
78ms XHR
text/xml 172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-BKzyqbiZOrc-7YNB5RMX0e0KktkJWagv3qQqGDm5-dl-NkA67O1Jh9NHNi_tk90xP2lW-Kh6_BfgSg7KZs0sPBPgm9UA&cry=1&dbm_d=AKAmf-BuAPWLvAqdeBUWfvkKa-Ach5q4N2aGp9bTsmZigl8OU60y6BHWm-VgERabtanlavXj1db2x1RmeBtO3selo3QHV_cwmrogzxi-Ghr9mFPuvpan5m7p0G1etvW5DIqsGyA5UU9JpP2mMZVkLljZErvoOwvx1a8qq8hEvohUsexsMTn9HFlxhw8zAvyOiB0O3eK3C2LYMBIl5iH92-XRsvp4zVxKtnD7ltFbmHP1ONmydgQe16ei31JEK41VEy56Q4n80GowJKc54ku7C5kULF7ou2ocSnZIlkNNBsVH27wdDWmzzhprQnA2RhBJ0mgfEZg3b6ifMtNI39OR-SVX_EGJEDT6bvFwYvoKZ873L569H0ciP37kIV8ybgGgPx_7uqTFZwDtUgaHXDINQZ75ZT-3v1cPVfRRm3ZLId8rSEJbQVm5YrccKKQoY20KniC8lZilEvqZ-a1R3e1SofDMKS6iUTenlnxb7TNOHLxAco3RvA4fmFLft68iYXV7YXtSBSxoRDc3VJlnmjinkYx3OzrqjZl1T73JFmEJxugKHt77xOJUzyf16JTmzGCtWY_fq5wRxgmBw6fNNpwhh8MSz9bGKsxpBkW5BAlpfEO6_6lHEZ9A4PUjpxQdnmVIi4kvwYlriQ3Fe4iToWf0YIQsQmqgsv-Aig2p0TD1AW5WtQcFs1B7gweIGAZQS2pK5KT51flUm56V75rKBBezlZYFfBEWWhkB0iK97JbbQqMCqg1V_HEF8-TqoBc0w6We0AlowIaNXUdPLIFK1VbOe2hflL49cGu7gQmJXEp-VIHWNT9ur6ByW0lOTxo6vgOusEI7x9UHPVznp44uR7T5nCYTUdIJNBjIOucm0nziE7-hThmbyDYK731MY00JH9n-dKGYUcL5vqfjWrPAqooSgVsaTCim7Z0osqbAz3NauRl-B1yZ0-r7xaEg4_zpcOVAmKLyeAqzGtNklpCxx655QPt02yLSmTH9dUgTT-YFUvj6b0SlEQCYc9IglVBR3xemZvQw-TEqA9IKIDhaTjLcRZB_OYTF9sEHbgIFlWzYfgMJKjQx-zMZ0SjMoqLxd2aw5Q0MdnhYRtBTj-dQUyqZigt5JAjR6VIoizz1MOL1qmymMd8sVN4D7BPSgH6d_rJx_PuPSES7lrHc9cB2LC5og5Mr1WxXY64mA8R1rECLZ33G6Xb7vOcjVYefz3M7O-XzfMrR2vp-Bq38lxW-3RYQlBLx3Q4m8Uz1mvKeKJckgazGZR7ko5BQ-NW2eEf3to02Imfn01pNnhqBjtg_Oe0m1UPnd4QeFK6icQFcLge5_DaQh0aVyeOX83AkKdNO107yXYCQDos9Mg5l4Zz025OjRCepa_Tg2lEwZHEth1agLdCCovB3BAErQ1LImM7z7FnexefhjQkwo4sZSrzrfJfBzZfDPCZj8lVJWi3q_mpqz-6M_MTX3PJiEKHu1WpVMcZssqoAcEzX49lHqmngPTrDos3sy0J2-HX1GtrtBA1qyujJdWore2AAyK2rVMxn_pcouWTO9gL7uEeJbS6cToer5T1dLsKemFxJ9KKZIp-PHjI7MiQwbvdb5MSvpQBOc2Loq-AtX5022MWLcI8vrRjNlpdcc2OAinb_jLFaAFu-1m02Fpe8vimqpBVJ_zuDyhrTx8QgrfSHc8IFmG1YVvk5y8FqZv3sxfx1uxg-0aun7EE3TjzOiLHSI6oGvGEfTLZXKnwdT5T-ivKubV5Ej89i0q4j_ALOJacNiH6XItP0rxRPHLBUGjJCh2-RrGvRdMSOVRgtrExG1uyBvg7gZjfOoUFpgoWvCRSHoNOwBn8YRCjfKx77mMleSF5v5V8xNA9Rir0WL1qei8G6P7oDzXlehSj3GkLADq7UQzD-m-Tp3nBMYc8PWlM7yt5jRYtPcc8XZTfnK2TxPNWZdCPrEnb9AfMFBSnijWmFtSetWGdSUHJ_-oJAzDloh0oOKLKbVYqjfdSfDsv1Cj1n2u8QH6uJlJ24l2Tix8niRHn1tk5FDm1Ai7YnSUQSL7kQv9Yat5uoiRF_J-zEQNxS-qOb-wo_8Oufy_GwbRjZAJTiHrZ41KH-GNCrPZQj1u2_mYRLHfDiXIPSViI-VdRj1TxHuKiNYCjMmNxktVUGs2CzJ8Va95Zvvgs2w3RqGkk3fhu4QbRFs_zuDKVWKICf5dmWdeKPSeCPwKNaH7822a4hZty3JCLpnSD8PZfS0pF9t8RVBE6i6FbouZOBidElgc9d4IRNkRbMNJ15yfdQjFVBFi3nWpgRV4wv9-V6C3MXqoJDZmGyoBXwmh4N_GPUwwzb15wvC5fxTSTZqbTPvZdZBWjX0VKx36b5UBnJ6l8wkgmJQ3uiaBBEcxQ9xJISxiZaJkkJbOWRh8tkDbdfhUQVRkH8QEpHdCKvc50bveQXeLUG_WyjUEfGKz_fAwfx3ijT-Vy0W2kBy-zsaJrN7QMuPZc_dSGDcwHhYj3SeM0ZrF6qp3SeNvyGF65meIoJ0Yd85d5QYlh19qyMrMMtFEaFh_HgbpEuIcYGzAI_8jO4bMX1-liL5iwEMKpf42XNHQifNUYwnbulZEqUKuDdYZsCWUxqKWfAw8HrG4dyhUzkcGRKLKR0zbFHiljKv-ZMDU3SihaWT4zLthpsSPomu126tak3kRY3XWfJO6s7H2iDMWuJXcFZ_Vy7KGf6lJYYorOJYkcMWYTzCQ3oEWuz878V-nqvgGK4gy71nza_PG4aTAQzJwQgcqXRzD_45WgWNt9RELE_2FNjRQNaD9yzyRKpXbmHY2Fz0L0UIlkhz6svWeACkwhStJqqFIUd5QWclgvzCjwtX9WUNBgxmzogYOSuMzLSS-S1BIlmlBxN5LUmrofm_pqFeDIvfELLN29zYWgrJ8zwZYlEfsVah9p0LIsaCSXT_qBh2wHxpyMas8-vgOTlAxBPjoGlUCvGTz69qetrHAbxU9MAsmUSa6PV457tiUbl-2yhnAfbyEHZyruVjPWD7MfF9wW_75-sQTnYiaBp2wpJWUQFpRvJPB1uJli8i9oZ3b4qXR708KdsRrdoy0x0gHkPq7AciMKI7NYCqUqFge2WHj6-n4SlYCr_GbJgbMD_F17kadO8RmGiWrNnz4rR23k4ASsyj8kPq2nD1wyne80gFqvhMtvc0yYBAGYEvmbvKccCoyKSFZ21oSEuo4MpM8uynvmmfhWUJWCro2K2mjPFYsxgQrdcwh0aMp2d5U2E23vpP1bH2C2SWzIejmkoUzbnIrfuaqwVfYM2y-yLgpDMLJUymMvchNzligVSa7TVhEvHE6cVE54ZYUOlOxsqRMrEOw0BIwWEBWD8JaMQeGvqndnoqiMMg7N0S_0eqPndbJgIB8pq0QtHfquImdYOiiUFOItS_rD1nOG9WUL-XM9Fps1c8ReDDIqA8w2MRzTaWOU8HJ-41zmVw1hUfYcjaeiuUpYBMpKh5uc4_V2xRastUAcKunLbj4p3Nx4tBs2hE40gq_e_4PHKt8d1LERUHuaXezunHUbIPVJHLjUdRAzVOzOGEoLYNWu8cA_A6gRydzjDk1HZIGm2lXh9j5VcKQsgx1ilHVwM2KmzdDcmHODlY_TJ8_8xdzrJOJADTsrGqXghyWd_HSXcudlHuSxdObZqTzCHsR-_WrhecZ6dZoEQGndnL5BaL2SxIFwUwH5N6DR8n_FesEMHEoNAMzXo0NvcqlAWYJyc8MfF&cid=CAQSTwAvHhf_mhFufdt35wxApSbAHzOm32NW6JIgkvLSm6D7LCRaOgrHTVB4FvaGzFei8xmzHuEnDdakZegTfiCw9D-ZqemCYhXZVxwP0Tk7V00YAQ&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f156.1e100.net

Software

cafe /

Resource Hash

d6a8cac1efb2ac385bde68bb0a6df9d78bee05bc3888fc3f8a6e327333ef805b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 19:53:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17356
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 6727 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ad70820727bc707400bea2ca99814fe316dbbcfa8f7c727fac94acee49765dd0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

c.gif
www.bing.com/aes/ Frame 35BB
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=130a5ed5-345b-49b9-82ee-92674063369f&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=ab7772d4-7085-466a...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=c67fd30786874c8fbf99e9d65878e84b&SNR=1&GV=2&med=10

0
544 B

71ms
71ms

Image
text/plain

23.48.104.178
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=c67fd30786874c8fbf99e9d65878e84b&SNR=1&GV=2&med=10
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3272641779235890&output=html&h=280&slotname=7946552792&adk=658120095&adf=369929440&pi=t.ma~as.7946552792&w=528&fwrn=4&fwrnh=100&lmt=1705780398&rafmt=1&format=528x280&url=https%3A%2F%2Fe4t.com.br%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705780398163&bpp=1&bdt=476&idt=455&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C528x280&nras=1&correlator=1637122345497&frm=20&pv=1&ga_vid=1051451749.1705780398&ga_sid=1705780399&ga_hid=642909159&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=821&ady=3280&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080333%2C42532523%2C44809004%2C95321958%2C95321627%2C95322166&oid=2&pvsid=1743161444856065&tmod=1381456514&uas=0&nvt=2&ref=https%3A%2F%2Fe4t.com.br%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CepEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=474
Protocol: H2
Server: 23.48.104.178 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-104-178.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 19:53:19 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6C94153A89FE42DAAAA4859B754AFDD9 Ref B: BL2EDGE1416 Ref C: 2024-01-20T19:53:19Z
x-cdn-traceid: 0.b2643017.1705780399.dc2becae
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Sat, 20 Jan 2024 19:53:19 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 09DD4F95CC024E43B5B40734D7F86F3D Ref B: BL2EDGE1310 Ref C: 2024-01-20T19:53:19Z
x-cdn-traceid: 0.b2643017.1705780399.dc2be8dc
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=c67fd30786874c8fbf99e9d65878e84b&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 154
expires: 0

GET
H2 200 th
www.bing.com/ Frame 35BB 20 KB
20 KB 117ms
39ms Image
image/jpeg 23.48.104.178
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.8108962204390_1FEKOWJGRTGWP0UOO2&pid=21.2&c=17&roil=0&roit=0.153&roir=0.9993&roib=0.938&w=336&h=176&qlt=90
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3272641779235890&output=html&h=280&slotname=7946552792&adk=658120095&adf=369929440&pi=t.ma~as.7946552792&w=528&fwrn=4&fwrnh=100&lmt=1705780398&rafmt=1&format=528x280&url=https%3A%2F%2Fe4t.com.br%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705780398163&bpp=1&bdt=476&idt=455&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C528x280&nras=1&correlator=1637122345497&frm=20&pv=1&ga_vid=1051451749.1705780398&ga_sid=1705780399&ga_hid=642909159&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=821&ady=3280&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080333%2C42532523%2C44809004%2C95321958%2C95321627%2C95322166&oid=2&pvsid=1743161444856065&tmod=1381456514&uas=0&nvt=2&ref=https%3A%2F%2Fe4t.com.br%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CepEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=474
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.104.178 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-104-178.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8c8355fff749eded163bb48c06ce2f766ee430f02193cba0d70b899220322063

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 19:53:19 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.b2643017.1705780399.dc2be8db
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: image/jpeg
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 20389
alt-svc: h3=":443"; ma=93600

GET
H2 200 rd_log Show response
nym1-ib.adnxs.com/ Frame 35BB 0
530 B 114ms
38ms Script
text/html 68.67.179.164
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://nym1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fe4t.com.br&e=wqT_3QLkA-jkAQAAAwDWAAUBCK7JsK0GEKv4m4rxn6bdFRgAKjYJOTICDTTNkz8R-fygSvBLkz8ZAAAAoHA98j8h-Q0SACkRJNAxAAAA4FG4rj8w2_imAzi1AUC1XkjjA1C6iYq2AVjAsT1gAGifpFR4rccFgAEBigEDVVNEkgUG8OWYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCEmh0dHBzOi8vZTR0LmNvbS5icoADAIgDAZADAJgDCaADAaoDAMAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAXzt_aQ46_-_GPABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AUY-gUECAAQAJAGAJgGALgGAMEGAAAAAAEvJNAGwo0E2gYWChABMS4BAHQQABgA4AYB8gYCCACABwGIBwCgBwHIB63HBdIHDQkRKgEmDNoHBggFCZzgBwDqBwIIAPAH57EJiggCEACVCAAAgD-YCAHACPAG0ggGCAAQABgA&s=62d29fd13e3d2b33fe6ebf71f946645d1a61cfec&bdref=https%3A%2F%2Fe4t.com.br%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fe4t.com.br%2F,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-3272641779235890%26output%3Dhtml%26h%3D280%26slotname%3D7946552792%26adk%3D658120095%26adf%3D369929440%26pi%3Dt.ma~as.7946552792%26w%3D528%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1705780398%26rafmt%3D1%26format%3D528x280%26url%3Dhttps%253A%252F%252Fe4t.com.br%252F%26host%3Dca-host-pub-2644536267352236%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1705780398163%26bpp%3D1%26bdt%3D476%26idt%3D455%26shv%3Dr20240118%26mjsv%3Dm202401160101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C528x280%26nras%3D1%26correlator%3D1637122345497%26frm%3D20%26pv%3D1%26ga_vid%3D1051451749.1705780398%26ga_sid%3D1705780399%26ga_hid%3D642909159%26ga_fc%3D1%26u_tz%3D-480%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D821%26ady%3D3280%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D95320239%252C44759875%252C44759926%252C31080333%252C42532523%252C44809004%252C95321958%252C95321627%252C95322166%26oid%3D2%26pvsid%3D1743161444856065%26tmod%3D1381456514%26uas%3D0%26nvt%3D2%26ref%3Dhttps%253A%252F%252Fe4t.com.br%252F%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CepEbr%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D3%26uci%3Da!3%26btvi%3D2%26fsb%3D1%26dtd%3D474,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-3272641779235890%26output%3Dhtml%26h%3D280%26slotname%3D7946552792%26adk%3D658120095%26adf%3D369929440%26pi%3Dt.ma~as.7946552792%26w%3D528%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1705780398%26rafmt%3D1%26format%3D528x280%26url%3Dhttps%253A%252F%252Fe4t.com.br%252F%26host%3Dca-host-pub-2644536267352236%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1705780398163%26bpp%3D1%26bdt%3D476%26idt%3D455%26shv%3Dr20240118%26mjsv%3Dm202401160101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C528x280%26nras%3D1%26correlator%3D1637122345497%26frm%3D20%26pv%3D1%26ga_vid%3D1051451749.1705780398%26ga_sid%3D1705780399%26ga_hid%3D642909159%26ga_fc%3D1%26u_tz%3D-480%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D821%26ady%3D3280%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D95320239%252C44759875%252C44759926%252C31080333%252C42532523%252C44809004%252C95321958%252C95321627%252C95322166%26oid%3D2%26pvsid%3D1743161444856065%26tmod%3D1381456514%26uas%3D0%26nvt%3D2%26ref%3Dhttps%253A%252F%252Fe4t.com.br%252F%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CepEbr%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D3%26uci%3Da!3%26btvi%3D2%26fsb%3D1%26dtd%3D474&

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3272641779235890&output=html&h=280&slotname=7946552792&adk=658120095&adf=369929440&pi=t.ma~as.7946552792&w=528&fwrn=4&fwrnh=100&lmt=1705780398&rafmt=1&format=528x280&url=https%3A%2F%2Fe4t.com.br%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705780398163&bpp=1&bdt=476&idt=455&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C528x280&nras=1&correlator=1637122345497&frm=20&pv=1&ga_vid=1051451749.1705780398&ga_sid=1705780399&ga_hid=642909159&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=821&ady=3280&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080333%2C42532523%2C44809004%2C95321958%2C95321627%2C95322166&oid=2&pvsid=1743161444856065&tmod=1381456514&uas=0&nvt=2&ref=https%3A%2F%2Fe4t.com.br%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CepEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=474

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.179.164 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 19:53:19 GMT
an-x-request-uuid: 4a7357d1-4dc3-4c0d-ad39-e98a1c3b1412
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 86.48.14.18; 86.48.14.18; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 zrt_lookup_inhead_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/ Frame 1206 9 KB
4 KB 39ms
38ms Document
text/html 172.253.62.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401160101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f157.1e100.net

Software

cafe /

Resource Hash

acad1a12850c7f0b5f1874f385a84f10539ad98a380784ef08df5eacb7d4b0c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e4t.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 66692
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4168
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 20 Jan 2024 01:21:47 GMT
etag: 3009746639812436877
expires: Sat, 03 Feb 2024 01:21:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_inhead_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/ Frame 7244 9 KB
4 KB 38ms
38ms Document
text/html 172.253.62.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401160101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f157.1e100.net

Software

cafe /

Resource Hash

acad1a12850c7f0b5f1874f385a84f10539ad98a380784ef08df5eacb7d4b0c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e4t.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 66692
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4168
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 20 Jan 2024 01:21:47 GMT
etag: 3009746639812436877
expires: Sat, 03 Feb 2024 01:21:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_inhead_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/ Frame 9301 9 KB
4 KB 39ms
38ms Document
text/html 172.253.62.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401160101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f157.1e100.net

Software

cafe /

Resource Hash

acad1a12850c7f0b5f1874f385a84f10539ad98a380784ef08df5eacb7d4b0c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e4t.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 66692
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4168
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 20 Jan 2024 01:21:47 GMT
etag: 3009746639812436877
expires: Sat, 03 Feb 2024 01:21:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_inhead_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/ Frame 0C7A 9 KB
4 KB 40ms
40ms Document
text/html 172.253.62.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401160101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f157.1e100.net

Software

cafe /

Resource Hash

acad1a12850c7f0b5f1874f385a84f10539ad98a380784ef08df5eacb7d4b0c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e4t.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 66692
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4168
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 20 Jan 2024 01:21:47 GMT
etag: 3009746639812436877
expires: Sat, 03 Feb 2024 01:21:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 6727 0
54 B 251ms
122ms Ping
image/gif 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lrmhlvpx&c=7497573240254&slotId=3748786620127&qqid=CPXj55Xf7IMDFTivOgUd0A8Alg&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 19:53:19 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 6727 41 KB
15 KB 37ms
36ms Script
text/javascript 172.253.115.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f132.1e100.net

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 20:19:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 171223
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Jan 2025 20:19:36 GMT

HEAD
H/1.1

200
OK

file.mp4
r3---sn-tt1elnel.c.2mdn.net/videoplayback/id/6d84d13f77c339e6/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1737316399/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 6727
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/6d84d13f77c339e6/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1737316399/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signat...
https://r3---sn-tt1elnel.c.2mdn.net/videoplayback/id/6d84d13f77c339e6/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1737316399/sparams/acao,ctier,expire,id,ip,ipbits,itag...

0
0

62ms
18ms

Fetch
video/mp4

74.125.0.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-tt1elnel.c.2mdn.net/videoplayback/id/6d84d13f77c339e6/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1737316399/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/54E7E02983610D2C282D224CDEE17482A584E2F3.23B630FB07B5287E3487A7E20D43816E51B01BC7/key/cms1/cms_redirect/yes/mh/K5/mip/86.48.14.18/mm/42/mn/sn-tt1elnel/ms/onc/mt/1705780121/mv/m/mvi/3/pl/24/file/file.mp4

Requested by

Protocol

HTTP/1.1

Server

74.125.0.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yyz12s12-in-f8.1e100.net

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sat, 20 Jan 2024 19:53:19 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 4122007
Last-Modified: Thu, 09 Nov 2023 22:22:52 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Sat, 20 Jan 2024 19:53:19 GMT

Redirect headers

date: Sat, 20 Jan 2024 19:53:19 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 640
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r3---sn-tt1elnel.c.2mdn.net/videoplayback/id/6d84d13f77c339e6/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1737316399/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/54E7E02983610D2C282D224CDEE17482A584E2F3.23B630FB07B5287E3487A7E20D43816E51B01BC7/key/cms1/cms_redirect/yes/mh/K5/mip/86.48.14.18/mm/42/mn/sn-tt1elnel/ms/onc/mt/1705780121/mv/m/mvi/3/pl/24/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame 6727 453 B
594 B 38ms
37ms Image
image/png 142.250.31.95
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-pub-3272641779235890

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.95 Oxford, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f95.1e100.net

Software

sffe /

Resource Hash

e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 19:53:19 GMT
x-content-type-options: nosniff
last-modified: Wed, 13 Oct 2021 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: image/png
cache-control: public, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453
x-xss-protection: 0
expires: Sat, 20 Jan 2024 20:43:19 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 1206 4 KB
671 B 46ms
46ms Stylesheet
text/css 172.253.122.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f95.1e100.net

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 20 Jan 2024 19:53:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 20 Jan 2024 18:12:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 20 Jan 2024 19:53:19 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame C48F 14 KB
1 KB 47ms
47ms Stylesheet
text/css 172.253.122.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: e4t.com.br
URL: https://e4t.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f95.1e100.net

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 20 Jan 2024 19:53:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 20 Jan 2024 18:13:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 20 Jan 2024 19:53:19 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame C48F 2 KB
903 B 37ms
37ms Script
text/javascript 172.253.115.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: e4t.com.br
URL: https://e4t.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f132.1e100.net

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 15:35:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15458
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Feb 2024 15:35:41 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame C48F 23 KB
9 KB 41ms
39ms Script
text/javascript 172.253.115.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite_fy2021.js

Requested by

Host: e4t.com.br
URL: https://e4t.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f132.1e100.net

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 20:32:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84055
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 20:32:24 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame C48F 3 KB
1 KB 38ms
36ms Script
text/javascript 172.253.115.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js

Requested by

Host: e4t.com.br
URL: https://e4t.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f132.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 17:26:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8786
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Feb 2024 17:26:53 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame C48F 20 KB
8 KB 38ms
37ms Script
text/javascript 172.253.115.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: e4t.com.br
URL: https://e4t.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f132.1e100.net

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 20:45:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83294
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 20:45:05 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame C48F 206 KB
65 KB 85ms
84ms Script
text/javascript 142.251.16.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: e4t.com.br
URL: https://e4t.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f156.1e100.net

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 19:53:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Jan 2024 19:53:19 GMT

GET
H2 200 4cee352c918c506f58256258d534a665.js Show response
www.gstatic.com/mysidia/ Frame C48F 37 KB
16 KB 114ms
37ms Script
text/javascript 172.253.63.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: e4t.com.br
URL: https://e4t.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f94.1e100.net

Software

sffe /

Resource Hash

e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 16:14:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 99500
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Sat, 13 Jan 2024 00:04:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 18 Apr 2024 16:14:59 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/ Frame 1206 16 KB
7 KB 39ms
39ms Script
text/javascript 172.253.115.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f132.1e100.net

Software

cafe /

Resource Hash

972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 21:00:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82368
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6823
x-xss-protection: 0
server: cafe
etag: 11129212757755515379
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 21:00:31 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 1206 205 B
519 B 140ms
68ms Image
image/png 172.253.63.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f94.1e100.net

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 15:31:06 GMT
x-content-type-options: nosniff
age: 15733
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 19 Jan 2025 15:31:06 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 1206 604 B
695 B 140ms
68ms Image
image/png 172.253.63.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f94.1e100.net

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 15:40:22 GMT
x-content-type-options: nosniff
age: 15177
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 19 Jan 2025 15:40:22 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/ Frame 1206 22 KB
9 KB 39ms
38ms Script
text/javascript 172.253.115.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f132.1e100.net

Software

cafe /

Resource Hash

7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 20:12:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85270
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9422
x-xss-protection: 0
server: cafe
etag: 10624764489894593518
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 20:12:09 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 7244 2 KB
822 B 36ms
36ms Script
text/javascript 172.253.115.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f132.1e100.net

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 15:35:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15458
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Feb 2024 15:35:41 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame 7244 23 KB
9 KB 36ms
36ms Script
text/javascript 172.253.115.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f132.1e100.net

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 20:32:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84055
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 20:32:24 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 7244 3 KB
1 KB 56ms
55ms Script
text/javascript 172.253.115.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f132.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 17:26:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8786
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Feb 2024 17:26:53 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 7244 20 KB
8 KB 38ms
38ms Script
text/javascript 172.253.115.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f132.1e100.net

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 20:45:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83294
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 20:45:05 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7244 206 KB
65 KB 84ms
83ms Script
text/javascript 142.251.16.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f156.1e100.net

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 19:53:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Jan 2024 19:53:19 GMT

GET
H2 200 4cee352c918c506f58256258d534a665.js Show response
www.gstatic.com/mysidia/ Frame 7244 37 KB
15 KB 112ms
54ms Script
text/javascript 172.253.63.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f94.1e100.net

Software

sffe /

Resource Hash

e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 16:14:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 99500
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Sat, 13 Jan 2024 00:04:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 18 Apr 2024 16:14:59 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 9301 2 KB
822 B 48ms
48ms Script
text/javascript 172.253.115.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f132.1e100.net

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 15:35:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15458
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Feb 2024 15:35:41 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame 9301 23 KB
9 KB 47ms
46ms Script
text/javascript 172.253.115.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f132.1e100.net

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 20:32:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84055
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 20:32:24 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 9301 3 KB
1 KB 53ms
52ms Script
text/javascript 172.253.115.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f132.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 17:26:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8786
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Feb 2024 17:26:53 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 9301 20 KB
8 KB 38ms
37ms Script
text/javascript 172.253.115.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f132.1e100.net

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 20:45:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83294
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 20:45:05 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9301 206 KB
65 KB 80ms
80ms Script
text/javascript 142.251.16.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f156.1e100.net

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 19:53:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Jan 2024 19:53:19 GMT

GET
H2 200 4cee352c918c506f58256258d534a665.js Show response
www.gstatic.com/mysidia/ Frame 9301 37 KB
15 KB 106ms
60ms Script
text/javascript 172.253.63.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f94.1e100.net

Software

sffe /

Resource Hash

e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 16:14:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 99500
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Sat, 13 Jan 2024 00:04:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 18 Apr 2024 16:14:59 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame BDA7 624 B
242 B 61ms
59ms Document
text/html 172.253.62.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CK6EFBDF-7m6AhiZlOqDAjAB&v=APEucNX_oIjwhq0xv0uLam_s6FEbBPJtdeCCrXVuRWmre3g_7T7qLkmZpl5UY7OoGP49aZ9xttBX3YfCOiYraNOwJw59RW9qdQ

Requested by

Host: e4t.com.br
URL: https://e4t.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f157.1e100.net

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 20 Jan 2024 19:53:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 4F41 89 KB
31 KB 93ms
92ms Script
text/javascript 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: e4t.com.br
URL: https://e4t.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 19:53:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 20 Jan 2024 19:53:19 GMT

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 4F41 18 KB
8 KB 54ms
52ms Script
text/javascript 142.251.16.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: e4t.com.br
URL: https://e4t.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f156.1e100.net

Software

sffe /

Resource Hash

62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 19:34:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1101
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7823
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 23:04:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sat, 20 Jan 2024 20:34:58 GMT

GET
H2 200 it
ag.yieldoptimizer.com/ag/ Frame 4F41 43 B
467 B 96ms
55ms Image
image/gif 35.201.74.200
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.yieldoptimizer.com/ag/it?ac=88184596&n=9&cb=1705780398623671
Requested by: Host: e4t.com.br
URL: https://e4t.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.74.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 200.74.201.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 19:53:18 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
content-type: image/gif
cache-control: no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

analytics
tag.yieldoptimizer.com/ps/ Frame 4F41
Redirect Chain

https://tag.yieldoptimizer.com/ps/analytics?pxid=263380&
https://tag.yieldoptimizer.com/ps/analytics?tc=659145018&pxid=263380&

43 B
209 B

56ms
52ms

Image
image/gif

35.190.52.204
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.yieldoptimizer.com/ps/analytics?tc=659145018&pxid=263380&
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol: H2
Server: 35.190.52.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 204.52.190.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 19:53:18 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
content-type: image/gif
cache-control: no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 20 Jan 2024 19:53:19 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
location: https://tag.yieldoptimizer.com/ps/analytics?tc=659145018&pxid=263380&
cache-control: no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 4F41 3 KB
1 KB 37ms
36ms Script
text/javascript 172.253.115.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js

Requested by

Host: e4t.com.br
URL: https://e4t.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f132.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 17:26:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8786
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Feb 2024 17:26:53 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 4F41 20 KB
8 KB 38ms
37ms Script
text/javascript 172.253.115.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: e4t.com.br
URL: https://e4t.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f132.1e100.net

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 20:45:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83294
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 20:45:05 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4F41 206 KB
65 KB 74ms
73ms Script
text/javascript 142.251.16.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: e4t.com.br
URL: https://e4t.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f156.1e100.net

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 19:53:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Jan 2024 19:53:19 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4F41 42 B
63 B 100ms
99ms Image
image/gif 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CWEpb5xxQ0eL14BA1KNG6C_XHx8GSH5fD8eUaxwLEvwlWZcdt8abAvpxkk3LHXml7Zo2Ezo1egdDqpW9taMt1Dro2GQyv_qtUR3b3picVD7wsZAa8

Requested by

Host: e4t.com.br
URL: https://e4t.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 19:53:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 35BB 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f1f3cfdc8af037d3eb982c2429783bbf52bdf15d1ad8ff203c5135e15736d61

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 35BB 0
19 B 108ms
107ms Image
text/html 172.253.62.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C9Ay-riSsZYP-Kr226tkPwr2MiArS4Nfgbo-ktpOTCsCNtwEQASAAYP2gmYHoA4IBF2NhLXB1Yi0zMjcyNjQxNzc5MjM1ODkwyAEJqAMByAMCqgTGAU_Qb0ptolPV24XUEjZ3hzEpfDbw79vhyQZs9qyQDFLT5U66rQI-r-eDQHM5POJw78wi4qG6HyPAHQ8OFg8HlC9oCL-99r2zA-SmkuOQGekRPBhj78vePlrGTMf7V4jDgLaR7Oj0MvELw5wMkOFT3uqiinzsIwRqUuXMxsrQDJ0PSiL0-vZGB4upntXk5YNZhvJLx9F61rXUDmUFLlJGh4JXelokQD7G5WkKryL6pKlixR4lg0mo70LsOvMuBGk2ZE0CLlnecoAGwNKfhsi4sfjxAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOljUkumV3-yDA4AKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0zMjcyNjQxNzc5MjM1ODkwGAA&sigh=08zRFA9MBNA&uach_m=%5BUACH%5D&cid=CAQSTgAvHhf_kOTLGmaELMdLhwrlG26SEraD5XIOzTNJRJIFDqg70tLDqoNrczPYQtqxNSPN5pNdFolnAwDBKfyxzUuT8Hp75P69hztIww2yfxgB&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3272641779235890&output=html&h=280&slotname=7946552792&adk=658120095&adf=369929440&pi=t.ma~as.7946552792&w=528&fwrn=4&fwrnh=100&lmt=1705780398&rafmt=1&format=528x280&url=https%3A%2F%2Fe4t.com.br%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705780398163&bpp=1&bdt=476&idt=455&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C528x280&nras=1&correlator=1637122345497&frm=20&pv=1&ga_vid=1051451749.1705780398&ga_sid=1705780399&ga_hid=642909159&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=821&ady=3280&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080333%2C42532523%2C44809004%2C95321958%2C95321627%2C95322166&oid=2&pvsid=1743161444856065&tmod=1381456514&uas=0&nvt=2&ref=https%3A%2F%2Fe4t.com.br%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CepEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=474

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f157.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3272641779235890&output=html&h=280&slotname=7946552792&adk=658120095&adf=369929440&pi=t.ma~as.7946552792&w=528&fwrn=4&fwrnh=100&lmt=1705780398&rafmt=1&format=528x280&url=https%3A%2F%2Fe4t.com.br%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705780398163&bpp=1&bdt=476&idt=455&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C528x280&nras=1&correlator=1637122345497&frm=20&pv=1&ga_vid=1051451749.1705780398&ga_sid=1705780399&ga_hid=642909159&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=821&ady=3280&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080333%2C42532523%2C44809004%2C95321958%2C95321627%2C95322166&oid=2&pvsid=1743161444856065&tmod=1381456514&uas=0&nvt=2&ref=https%3A%2F%2Fe4t.com.br%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CepEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=474
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 20 Jan 2024 19:53:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 it
nym1-ib.adnxs.com/ Frame 35BB 0
529 B 38ms
35ms Image
text/html 68.67.179.164
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nym1-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fe4t.com.br&e=wqT_3QKWB-iWAwAAAwDWAAUBCK7JsK0GEKv4m4rxn6bdFRgAKjYJOTICDTTNkz8R-fygSvBLkz8ZAAAAoHA98j8h-Q0SACkRJNAxAAAA4FG4rj8w2_imAzi1AUC1XkjjA1C6iYq2AVjAsT1gAGifpFR4rccFgAEBigEDVVNEkgUG8FiYAdACoAGYAqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCEmh0dHBzOi8vZTR0LmNvbS5icoADAIgDAZADAJgDCaADAaoDrgMKxAJodAko8IZ3d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9YWI3NzcyZDQtNzA4NS00NjZhLTg0MjAtODUwZDVkYWZiMzJkJmJpZElkPTE1MDAwJmJpZGRlcklkPTQmY21FeHBJZD1MVjMmb0FkVW4ZXCBwdWJsaXNoZXIBOCA2MjY0NTMzMCYBDgBhjnEAuHJ0eXBlPW51cmwmdGFnSWQ9NjkyOTQ5OSZ0cmFmZmljR3JvdXA9a25hcWVfM2MmDRYIU3ViCRkYenpmJTNBaw0f8PVfc3l2dHVncnFfYTJxJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTMTU2NTczMjA0MTczODYxNTg1MSIJMzgxODQ2NzE0KgRiaW5nOjhVMlZoY21Ob1FXUWpOemN5TkRBNE9EUTNPRE0zTnpNak1qTXlPVEEwTURVd05UWTBPVEV5TVE9PcAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAXzt_aQ46_-_GPABQDJBQAAAAAAAPA_0gUJCQAAAAABEGjYBQHgBQHwBRj6BQQIABAAkAYAmAYAuAYAwQYBHzQAAPA_0AbCjQTaBhYKEAkSGQF0EAAYAOAGAfIGAggAgAcBiAcAoAcByAetxwXSBw0JESgBJgjaBwYBXrAYAOAHAOoHAggA8AfnsQmKCAIQAJUIAACAP5gIAcAI8AbSCAkI____PxACGAA.&s=4a6211c98969ac14b18a74d7dbd9783e6cacd2e7&pp=ZawkrgAKvwMFOps9AAMewmaGHb8AfBgQezKWBw&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeN0vriSsZYP-Kr226tkPwr2MiArS4Nfgbo-ktpOTCsCNtwEQASAAYP2gmYHoA4IBF2NhLXB1Yi0zMjcyNjQxNzc5MjM1ODkwyAEJqAMByAMCqgTJAU_Qb0ptolPV24XUEjZ3hzEpfDbw79vhyQZs9qyQDFLT5U66rQI-r-eDQHM5POJw78wi4qG6HyPAHQ8OFg8HlC9oCL-99r2zA-SmkuOQGekRPBhj78vePlrGTMf7V4jDgLaR7Oj0MvELw5wMkOFT3uqiinzsIwRqUuXMxsrQDJ0PSiL0-vZGB4upntXk5YNZhvJLx9F61rXUDmUFLlJGh4IVeHu2gpo8iP3w25dk_S3UwT0vB0CG95tOvKqquOkcSFXCr7uz5tjVLIAGwNKfhsi4sfjxAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOljUkumV3-yDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2HF2PpK7Ql6Q14ppD8UUaRu_inwg%26client%3Dca-pub-3272641779235890%26adurl%3D&cbvp=2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3272641779235890&output=html&h=280&slotname=7946552792&adk=658120095&adf=369929440&pi=t.ma~as.7946552792&w=528&fwrn=4&fwrnh=100&lmt=1705780398&rafmt=1&format=528x280&url=https%3A%2F%2Fe4t.com.br%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705780398163&bpp=1&bdt=476&idt=455&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C528x280&nras=1&correlator=1637122345497&frm=20&pv=1&ga_vid=1051451749.1705780398&ga_sid=1705780399&ga_hid=642909159&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=821&ady=3280&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080333%2C42532523%2C44809004%2C95321958%2C95321627%2C95322166&oid=2&pvsid=1743161444856065&tmod=1381456514&uas=0&nvt=2&ref=https%3A%2F%2Fe4t.com.br%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CepEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=474

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.179.164 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 19:53:19 GMT
an-x-request-uuid: f87bc878-2c52-436c-a576-3086d8f93085
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 86.48.14.18; 86.48.14.18; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 vevent
nym1-ib.adnxs.com/ Frame 35BB 0
553 B 42ms
40ms Ping
text/html 68.67.179.164
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fe4t.com.br&e=wqT_3QKWB-iWAwAAAwDWAAUBCK7JsK0GEKv4m4rxn6bdFRgAKjYJOTICDTTNkz8R-fygSvBLkz8ZAAAAoHA98j8h-Q0SACkRJNAxAAAA4FG4rj8w2_imAzi1AUC1XkjjA1C6iYq2AVjAsT1gAGifpFR4rccFgAEBigEDVVNEkgUG8FiYAdACoAGYAqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCEmh0dHBzOi8vZTR0LmNvbS5icoADAIgDAZADAJgDCaADAaoDrgMKxAJodAko8IZ3d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9YWI3NzcyZDQtNzA4NS00NjZhLTg0MjAtODUwZDVkYWZiMzJkJmJpZElkPTE1MDAwJmJpZGRlcklkPTQmY21FeHBJZD1MVjMmb0FkVW4ZXCBwdWJsaXNoZXIBOCA2MjY0NTMzMCYBDgBhjnEAuHJ0eXBlPW51cmwmdGFnSWQ9NjkyOTQ5OSZ0cmFmZmljR3JvdXA9a25hcWVfM2MmDRYIU3ViCRkYenpmJTNBaw0f8PVfc3l2dHVncnFfYTJxJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTMTU2NTczMjA0MTczODYxNTg1MSIJMzgxODQ2NzE0KgRiaW5nOjhVMlZoY21Ob1FXUWpOemN5TkRBNE9EUTNPRE0zTnpNak1qTXlPVEEwTURVd05UWTBPVEV5TVE9PcAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAXzt_aQ46_-_GPABQDJBQAAAAAAAPA_0gUJCQAAAAABEGjYBQHgBQHwBRj6BQQIABAAkAYAmAYAuAYAwQYBHzQAAPA_0AbCjQTaBhYKEAkSGQF0EAAYAOAGAfIGAggAgAcBiAcAoAcByAetxwXSBw0JESgBJgjaBwYBXrAYAOAHAOoHAggA8AfnsQmKCAIQAJUIAACAP5gIAcAI8AbSCAkI____PxACGAA.&s=4a6211c98969ac14b18a74d7dbd9783e6cacd2e7&type=nv&nvt=5&jm=1003&px=96&py=0&bw=336&bh=176&sid=8432467911584112813&vd=ct~0|rr~0&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6929499&sw=1600&sh=1200&pw=528&ph=280&ww=528&wh=280&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.179.164 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 19:53:19 GMT
an-x-request-uuid: a7924d3c-5947-4253-b6f0-1514bc129e97
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 86.48.14.18; 86.48.14.18; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 4C41 23 KB
8 KB 39ms
37ms Document
text/html 172.253.115.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f132.1e100.net

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 171375
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 20:17:04 GMT
expires: Fri, 17 Jan 2025 20:17:04 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame BDA7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC02Y2I-ozMP0rp2EKEtik4&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC02Y2I-ozMP0rp2EKEtik4&google_cver=1&C=1

43 B
339 B

48ms
48ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC02Y2I-ozMP0rp2EKEtik4&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK6EFBDF-7m6AhiZlOqDAjAB&v=APEucNX_oIjwhq0xv0uLam_s6FEbBPJtdeCCrXVuRWmre3g_7T7qLkmZpl5UY7OoGP49aZ9xttBX3YfCOiYraNOwJw59RW9qdQ
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 19:53:19 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W0oi2akm5WGnAVgbPJA6iiZtJtdJVLDlIZ2%2F1%2FUspW9OikOMgpsjs6TurARUGJCP8EAsH3ugy96PfCWv%2BoUa%2BoJ7anB2ErSKERGtxbsUlxl5cz%2Bl4fh%2Fday1mfCbPFJehuT685cMVLfWQw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8489dcea8dd939cf-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 20 Jan 2024 19:53:19 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=luY3yAn0WhplPIpHtcHY5GPw7MRW8ojtEaDxTJHIh5Zeg82ZZtR4OtfQniZMmdms4jJ08kQf1mkHDkIV1%2FGrLMI2692SxKt7jrzxvFr2uaAhJ1YdRiEfCX81Httrdo7CkASfcXSeMAAm5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEC02Y2I-ozMP0rp2EKEtik4&google_cver=1&C=1
cache-control: no-cache
cf-ray: 8489dcea3d5c39cf-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame BDA7
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zawkr.u9l6aYzTmEt5uZRwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC02Y2I-ozMP0rp2EKEtik4&google_cver=1&google_hm=2

43 B
775 B

66ms
66ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC02Y2I-ozMP0rp2EKEtik4&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK6EFBDF-7m6AhiZlOqDAjAB&v=APEucNX_oIjwhq0xv0uLam_s6FEbBPJtdeCCrXVuRWmre3g_7T7qLkmZpl5UY7OoGP49aZ9xttBX3YfCOiYraNOwJw59RW9qdQ
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 19:53:19 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aSaEUBq4PSdRGFCS2rBH7xnPOpJMDYz7Rb6xzPXl7mraR0QZLxPY%2FpBZEyGnEgv9KZLC5Lb1TGnfOfO3Mc%2FHrT9eBVBPoRmHQbvA8DAI%2FfpaxJ%2FDhynUy7MCFuEMoWBY%2BodGqPloIaGD2A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8489dceb2c3da222-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 20 Jan 2024 19:53:19 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC02Y2I-ozMP0rp2EKEtik4&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame BDA7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEJqb97lASPvMLI3Dv2mY3UQ&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEJqb97lASPvMLI3Dv2mY3UQ%26google_cver%3D1

43 B
1 KB

44ms
43ms

Image
image/gif

68.67.179.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEJqb97lASPvMLI3Dv2mY3UQ%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK6EFBDF-7m6AhiZlOqDAjAB&v=APEucNX_oIjwhq0xv0uLam_s6FEbBPJtdeCCrXVuRWmre3g_7T7qLkmZpl5UY7OoGP49aZ9xttBX3YfCOiYraNOwJw59RW9qdQ

Protocol

Server

68.67.179.87 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 19:53:19 GMT
an-x-request-uuid: bf113eb8-d94c-4037-89e8-4c3ff80f8728
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 86.48.14.18; 86.48.14.18; 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 20 Jan 2024 19:53:19 GMT
an-x-request-uuid: 5851683c-747f-4cd4-9b5a-ee27139fad4f
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEJqb97lASPvMLI3Dv2mY3UQ%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 86.48.14.18; 86.48.14.18; 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BDA7
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI3MTIxNjY2MTE1NDExMTUwNA%3D%3D

170 B
188 B

53ms
53ms

Image
image/png

172.253.62.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI3MTIxNjY2MTE1NDExMTUwNA%3D%3D

Requested by

Protocol

Server

172.253.62.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 19:53:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 20 Jan 2024 19:53:19 GMT
an-x-request-uuid: fd10d582-016c-47a3-badf-e28739b2cf09
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI3MTIxNjY2MTE1NDExMTUwNA%3D%3D
x-proxy-origin: 86.48.14.18; 86.48.14.18; 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 redir.html Show response
p4-hil7jm4nevkuk-nvnmimdxsf2kg2b3-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame A23A 247 B
868 B 128ms
47ms Document
text/html 142.251.167.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-hil7jm4nevkuk-nvnmimdxsf2kg2b3-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f94.1e100.net

Software

sffe /

Resource Hash

0a5d509accfa923c0c28c35bbf12c690ce13164a2df74a0a69f9400285594a0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 204
content-security-policy-report-only: script-src 'nonce-LBn86oWDly4i4V1kltV4uQ' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Sat, 20 Jan 2024 19:53:19 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Tue, 14 Nov 2023 14:08:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4F41 0
20 B 99ms
99ms Ping
image/gif 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5288152839323&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 19:53:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4F41 0
20 B 98ms
98ms Ping
image/gif 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5288152839323&version=m202309260101&ct=77&x=1&cor=1689601046317798000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 19:53:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 4F41 33 KB
19 KB 77ms
77ms Script
text/javascript 172.253.62.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AsLNwH8eJZWYC27gH3XMaK92egvvFfD5C6pFH13DGWuwh2_ohuUaFdRfY1OX-QICyz87jhDgFCO8tVwpSMU65emjR-0Dy1C3nCBTcEgJDl1WtJtvPoZLlpGVBxX7mWQmjvQe_OUjDx7W4KeopzBpSC1kw4W_SlpXaA9ec8vBxp9Sdn4ww&cry=1&dbm_d=AKAmf-D-IS0haWi9G8iuizIcqiU-OnorXZyZfh5X35s_Fhqi-2SLEQOj2buQ0iNHW3UlcJnoLLacdwWTKdFRv5X88wBmRFKLmMthUXF1wS3V6I2FdHKp923BDszsPuTLuL4AROEqWw_K5LztobBJKqbm0qjWguMrm88xh86VJXwamLdiYk3z7JFKEuiY651KJtG7ZI6bCg4hTjmRwXjHWjnEqHRBNGjBubwES6gbpvhjq1kHbXfnVq4_W7Fr3oYCsKqhSnGVJYlZWe7IWinwLgHJgxibw0xaXIE-ef2xG98FcXA06Bl5XV0ITMyOEy1qi3nshyRa6l1MlcQWquqCZULjpqjJdOpf4PKVYWvJWzJ7Cxgpt6kOUEr3_cPJ-kZtDZzr-6EOlMrc9MkyO7r-qRTFinucPqTE6uhI15tRDGxuu2sFrRgGpdiQb41N7aJ4XM9L5qRa_gEDI26GzcdtydF4uGm3AGo-mWow5DESArXOAezQc3fUnvGSiZJRrhnq8Gh5BPJ-exXldxTHOaK01LHbXGZB7WGkvgWEl6hMDJzpmQAzo6QHJAE0JtTXpG66fUfkIvFd3qWwp_gMIf5DtbV1kEVFHbj1ub_ALSBDntthjiKW7u2qJgyyf1_ACWzGIG2T3PC1rTEvyyGo_7ssw9lVjw0zYeLv6LF7GP4Q7T67xB7J-VHi-DfpEXoK-HeT1of_IPD6nIY4vZ7SWVnRA-U96jlilaDusmEM57LumVQEW8gF_Om35aDXFss-b-nFOxueROjMPFxKCl_qiZhZ_U_RZCRHdia6pJU37Nc25mhxGoDHHe7oK2XZ2t3UJiMizQaG7oDdPzlyvRYivZo8CDTxWVNPdU5k9GbUGNnjU67BJcvCg9vdRvYdTs8dAnDXtR4qmJmMCAPceTjvRGJoVgLt5mahniv2x6lbKGl3RcZPc_QJmByXJ4_zUiFW9fUJde-67u0uI8NEAcTzlFIiU_F-xcXdmaxsH7UfOB9b8Km6Ux9YrUDMkeSezSk75eoZBKz5TmKsDt4k-Acawq9CC4oWiJf5JEYtGMx9T563mYoH3cU9vfhoYyGs2SIY-oOq3NtSZF1nMP7ui_zVTF0wOZXFT7SDOTUEbItHM4mIR-BfGnDJYQAh5GzB4ceYi2gn6Gqx_BbvUzNAKzUTsd97M1JcPIfXFRuJGAQo89CKkdP62GkvpuEvamk1sxTVeiCG7R-levDCkZfH-Wvf3pzyzg8Q2DAio7Il9UDQNGgMmIJelv9euPAh7fbhDX6myJqBREt2MqGiRmaY2EIRxaJGyjYo8Oz3xFTp4ZgYPlJ4tTLa0XAIhsQeeAmpO-O9utMXFU3MnBSh2-SJoIl3sqfZ296-ZtqTjBYGePlOlGqIJNVoxyuKfGtM_AwXIAmlr3Ti-5cuOxfVF_fWsAPqyf_PAabL37GghKTUi4NOwklmXOl950pVE5sI5LyrRRfI6ODyQAAykFchWOZ_pDaWR0_rZkHi8LBHoyipqWCPqwWV0BbtYPtWKfC9A7yOdKmnuhBQB1R9srJeMvjiAGf6Hk0wwyrd99z31u0k9RfxiJN4xIu4eJmu69Mhk6WEJ0uq1OAmYkLaTsuqKnnLk3IexgNUWMSn_J8xnVFluFST9lVv8Y1F5ZsmVl2dSGffHHtm0JF6pBXqwPsNb7mA2rmr4Q8Ucngoc3f6NhoHJpLKcSiE6v8SB47SgLLGCb8aflSt98xciwKpDi9IErFTfc4AwTGV1UHKLfboHlh7gnVdMCpVeCsOZlkWkaveF6oS6XZ3Fnyg4BjAxIgJYs--j4-UVLltd9Z6Db-QBBOLGpTs3X_1tlsvsbAV0JAunfj5msAU91qZUBHIpPJMYgRjcB9KJg9f8PnXAggksoKDy4gWJW-SU4h-Tw37PmK2CpZmZvF7DDTTFQ59d-plcpQVZVjTJafz9hfjcGBLYqMLMvUqfVbxrcTki8fZ_iePD4TiKPZaO5DUJgzYwxBRv_4ae4Pv55RweeU66tTr3xyvNjcTs2MmzYQKoxBS0hoTOP2DulHHhKDiEgxoPMhOK_GAeRFVzBeyBsMW33cBthn_t3PfLnc7sbiv87tFw5Va7t-Zy77DXx0dRdY7sCguoGqC_Q6DbA8CEHUwWPObC8Rlg2bQON7ja7TfXrJulxZ6CKo6sWzQBczE_UuoV8_eolzNK7CfPRbAzqLsfyTeJnj0LV9AyJ2TLO5HVkyf75kMmqjmkWFFcgspZ1n0fpAMwyZnhYKJeq22rIHD-blwPZ7dquRdQ7Tt0LPW7IHFa3cPhF56laWCwaS9MMtURAXDGbgrbENLYnH5TtFaWVgH9QQadA3qWU3tT3yg4vcoDWMkZmXK_PV1TpCQEs0B2opgMxeUE9RHbbc1rP7psxCW6zJWEK5n1wZ6wEmGCF4EVc4v_naFOylvwPlhdwmXvZWH8xKXH9t2wUO1B0CNIQp3RP4v-tYIV_ZjZPucizLq7uVv3KuTSmjUyqdgkhAlgMOEXXnEM7jP7hGK3zBIVoIrjxi8cH0WXMk_aSlr8i82_59X3QqhHSIoKnAHqH3Borp3XwwMK6KttyEtL6LT3QuqemHGMYdEvT3og14DGF4isOz4fTvRQtFPsTeJrUbcGhDlmeaPPyWudihm2QFWvjhyIM03PMzBuytFGrZDSN7VQfqpQpNcvG5wZccy6hsvvIgzC_cMwVdS82GZH1f2RiQIezC91WGfcQzKKoOQMaVLQvza4_hwsn8ZVyT44F9uJ3zf92It4_jSqqM1JVZPm-ZQGZL0VjwuEOgvU5Ndharr3ZGn49ZWMmMI0xjXjelXxIZYP_Rcur3iJOZU-CNxXFh2zackaV-kOxAqpAxwl7nIsm-Rp7FgXzFxF87zHUxJX62gP4l8DJrPfNhiyHyuttPJTU_gz9VHBm_24CJ5BRKn0xbxeI8tFn1cYuGVQla9RaMj3hEfQTtkby2yeuGLJq-52d1HvSCOmajQJs6MhMPEzZyVXEisKaMMoi5TlWE6HmwjI6mfTylSsJL4O3ZquA4vCvKUNi5Bqt9oCS3FSoLc4RPQgrpf20pcm2qHdSqNDoCugx9658Gkx2BG7EL-ANZ0X-SqyW6JpOT1Sp5JG7dmZ6YUErcVRA18ijCXfa_GZEWXGvhEyQPMV1kek5_OQZHMHks1pMX7XjYm1qLZa6DE_Ba6lyGd_qbdATogjoS7MD7bbIcXWbVMSKtloTa5hhmmxwWRivO8Fswc94Y1ECK6-WoMGCgZsdW7ywdJL9vtsRLHTSheVPoQx612tlJ_J3xVu1EaoqIUe36QTjba038_J1kH6rpGhZs91vNJU9KvdI4S0lZgyzO4WGhieOvxEKvtEYvGvNwaFnWwzUaMOOQGFuMwfgkN0TwnDajphTNIhHPorVFjU5RDVYlt6JmdEe3EK5bWp78jnx5cmBr3xztAOO9MgJYRdiIjcQMCAUAZGpl1Af8qAyscAhWLAMa_fxTvd1rpSajwYsNwweE-Ep6hh6cuN5zOyCWRUQdqQhtu8CqtcO2DJbphC4uY7ZmW36oK0QAp0a4fVNCA_i0qi2VR1HrfSeoi9sYQYwPmNmyibAYQv0MIZg7fvTzQIfs6fPO2F72kfi_blxgVJyOwOlg2-PBSUlmYZDlYvpZyeLXG9urRYFFew4qLCifTUiWY5tUMCKXH5tV9Vfwm4R9zBg1FpWi2eSIqAXojOD4fS0rbz6HhBAWZDcrxbtCN9C8_Bx0Uq6c8s0t94eJOi5C3Dz2IKC3Sg1vTYHcbllwMo_TwojqLA1yHZl8RWUyTMPdYm9NoDkPiiG5_fBeeHE63BIAlnQWtWnJDyYngehqSHHy8xNgycrde5zqvKJR0TULCBJRhqzGZ1FXgMxi-0spU04_elK541EqayVHX9k4LHCGaCXmivbJDCyif9j0qaYhInszYhPvN_BOxeDfjOUZfFgpZptiAAM-BtukfbprqH0L0KbKiQqboDrgaqinTJyJ3zegkPdBYOmKUs1scwULC5ityhjDC6mY&cid=CAQSTwAvHhf_oE0Gcm-rgmOvrjeRo_2clC-0MP3lCxzBK0D_xmIN02IIK3PE-hk8th5mWgo9PnnAq50SvRtBIdFyc6iBqV99ORky_nNpNwK7foQYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fe4t.com.br%2F&ds=l&xdt=1&iif=1&cor=1689601046317798000&adk=2935317966&idt=95&cac=0&dtd=10

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f157.1e100.net

Software

cafe /

Resource Hash

9cd3549935b760124b25cd1cf294b8b1f9b7f8744bc4b1e66e03a003a63229be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 19:53:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19174
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 redir.html Show response
p4-hum6ouhk3qjge-yaikrn7twloshlmi-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 3AD7 247 B
868 B 118ms
39ms Document
text/html 172.253.62.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-hum6ouhk3qjge-yaikrn7twloshlmi-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f94.1e100.net

Software

sffe /

Resource Hash

7cd60a0ecb8cc7e389c1f5d6d7ab258c908e7d601a27b1f07ce83d125147e11b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 203
content-security-policy-report-only: script-src 'nonce-4UZ99EwhaT4U2LeXteTSgQ' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Sat, 20 Jan 2024 19:53:19 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Tue, 14 Nov 2023 14:08:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 redir.html Show response
p4-fjqnrdgoz4woa-mb5e3yn3wj47edsd-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 34C4 247 B
871 B 121ms
45ms Document
text/html 142.251.163.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-fjqnrdgoz4woa-mb5e3yn3wj47edsd-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f94.1e100.net

Software

sffe /

Resource Hash

971927d9b4fe7d775c0dbb58b281275251e98070842f339f5839aab9ecf3522d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 206
content-security-policy-report-only: script-src 'nonce-3NSgNeFgqa97_UIwWMMLJg' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Sat, 20 Jan 2024 19:53:19 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Tue, 14 Nov 2023 14:08:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 206 file.mp4
r3---sn-tt1elnel.c.2mdn.net/videoplayback/id/6d84d13f77c339e6/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1737316399/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 6727 1 MB
0 39ms
19ms Media
video/mp4 74.125.0.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.0.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yyz12s12-in-f8.1e100.net

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range: bytes=0-

Response headers

expires: Sat, 20 Jan 2024 19:53:19 GMT
date: Sat, 20 Jan 2024 19:53:19 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-4122006/4122007
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 4122007
last-modified: Thu, 09 Nov 2023 22:22:52 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 4C41 39 KB
15 KB 37ms
37ms Script
text/javascript 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 16:00:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13958
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 19 Jan 2025 16:00:41 GMT

GET
H2 200 iframe.html Show response
p4-hil7jm4nevkuk-nvnmimdxsf2kg2b3-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame A23A 5 KB
2 KB 48ms
47ms Document
text/html 142.251.167.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-hil7jm4nevkuk-nvnmimdxsf2kg2b3-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-hil7jm4nevkuk-nvnmimdxsf2kg2b3-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-hil7jm4nevkuk-nvnmimdxsf2kg2b3-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f94.1e100.net

Software

sffe /

Resource Hash

956ced1323811331e70d52ad80520fa3a23f3c76a58eecdf29a5aed295884456

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-hil7jm4nevkuk-nvnmimdxsf2kg2b3-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 1987
content-security-policy-report-only: script-src 'nonce-o7q0c9bTC9__4bPcXcQGiw' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Sat, 20 Jan 2024 19:53:19 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Tue, 14 Nov 2023 14:08:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame 4F41 31 KB
12 KB 37ms
37ms Script
text/javascript 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AsLNwH8eJZWYC27gH3XMaK92egvvFfD5C6pFH13DGWuwh2_ohuUaFdRfY1OX-QICyz87jhDgFCO8tVwpSMU65emjR-0Dy1C3nCBTcEgJDl1WtJtvPoZLlpGVBxX7mWQmjvQe_OUjDx7W4KeopzBpSC1kw4W_SlpXaA9ec8vBxp9Sdn4ww&cry=1&dbm_d=AKAmf-D-IS0haWi9G8iuizIcqiU-OnorXZyZfh5X35s_Fhqi-2SLEQOj2buQ0iNHW3UlcJnoLLacdwWTKdFRv5X88wBmRFKLmMthUXF1wS3V6I2FdHKp923BDszsPuTLuL4AROEqWw_K5LztobBJKqbm0qjWguMrm88xh86VJXwamLdiYk3z7JFKEuiY651KJtG7ZI6bCg4hTjmRwXjHWjnEqHRBNGjBubwES6gbpvhjq1kHbXfnVq4_W7Fr3oYCsKqhSnGVJYlZWe7IWinwLgHJgxibw0xaXIE-ef2xG98FcXA06Bl5XV0ITMyOEy1qi3nshyRa6l1MlcQWquqCZULjpqjJdOpf4PKVYWvJWzJ7Cxgpt6kOUEr3_cPJ-kZtDZzr-6EOlMrc9MkyO7r-qRTFinucPqTE6uhI15tRDGxuu2sFrRgGpdiQb41N7aJ4XM9L5qRa_gEDI26GzcdtydF4uGm3AGo-mWow5DESArXOAezQc3fUnvGSiZJRrhnq8Gh5BPJ-exXldxTHOaK01LHbXGZB7WGkvgWEl6hMDJzpmQAzo6QHJAE0JtTXpG66fUfkIvFd3qWwp_gMIf5DtbV1kEVFHbj1ub_ALSBDntthjiKW7u2qJgyyf1_ACWzGIG2T3PC1rTEvyyGo_7ssw9lVjw0zYeLv6LF7GP4Q7T67xB7J-VHi-DfpEXoK-HeT1of_IPD6nIY4vZ7SWVnRA-U96jlilaDusmEM57LumVQEW8gF_Om35aDXFss-b-nFOxueROjMPFxKCl_qiZhZ_U_RZCRHdia6pJU37Nc25mhxGoDHHe7oK2XZ2t3UJiMizQaG7oDdPzlyvRYivZo8CDTxWVNPdU5k9GbUGNnjU67BJcvCg9vdRvYdTs8dAnDXtR4qmJmMCAPceTjvRGJoVgLt5mahniv2x6lbKGl3RcZPc_QJmByXJ4_zUiFW9fUJde-67u0uI8NEAcTzlFIiU_F-xcXdmaxsH7UfOB9b8Km6Ux9YrUDMkeSezSk75eoZBKz5TmKsDt4k-Acawq9CC4oWiJf5JEYtGMx9T563mYoH3cU9vfhoYyGs2SIY-oOq3NtSZF1nMP7ui_zVTF0wOZXFT7SDOTUEbItHM4mIR-BfGnDJYQAh5GzB4ceYi2gn6Gqx_BbvUzNAKzUTsd97M1JcPIfXFRuJGAQo89CKkdP62GkvpuEvamk1sxTVeiCG7R-levDCkZfH-Wvf3pzyzg8Q2DAio7Il9UDQNGgMmIJelv9euPAh7fbhDX6myJqBREt2MqGiRmaY2EIRxaJGyjYo8Oz3xFTp4ZgYPlJ4tTLa0XAIhsQeeAmpO-O9utMXFU3MnBSh2-SJoIl3sqfZ296-ZtqTjBYGePlOlGqIJNVoxyuKfGtM_AwXIAmlr3Ti-5cuOxfVF_fWsAPqyf_PAabL37GghKTUi4NOwklmXOl950pVE5sI5LyrRRfI6ODyQAAykFchWOZ_pDaWR0_rZkHi8LBHoyipqWCPqwWV0BbtYPtWKfC9A7yOdKmnuhBQB1R9srJeMvjiAGf6Hk0wwyrd99z31u0k9RfxiJN4xIu4eJmu69Mhk6WEJ0uq1OAmYkLaTsuqKnnLk3IexgNUWMSn_J8xnVFluFST9lVv8Y1F5ZsmVl2dSGffHHtm0JF6pBXqwPsNb7mA2rmr4Q8Ucngoc3f6NhoHJpLKcSiE6v8SB47SgLLGCb8aflSt98xciwKpDi9IErFTfc4AwTGV1UHKLfboHlh7gnVdMCpVeCsOZlkWkaveF6oS6XZ3Fnyg4BjAxIgJYs--j4-UVLltd9Z6Db-QBBOLGpTs3X_1tlsvsbAV0JAunfj5msAU91qZUBHIpPJMYgRjcB9KJg9f8PnXAggksoKDy4gWJW-SU4h-Tw37PmK2CpZmZvF7DDTTFQ59d-plcpQVZVjTJafz9hfjcGBLYqMLMvUqfVbxrcTki8fZ_iePD4TiKPZaO5DUJgzYwxBRv_4ae4Pv55RweeU66tTr3xyvNjcTs2MmzYQKoxBS0hoTOP2DulHHhKDiEgxoPMhOK_GAeRFVzBeyBsMW33cBthn_t3PfLnc7sbiv87tFw5Va7t-Zy77DXx0dRdY7sCguoGqC_Q6DbA8CEHUwWPObC8Rlg2bQON7ja7TfXrJulxZ6CKo6sWzQBczE_UuoV8_eolzNK7CfPRbAzqLsfyTeJnj0LV9AyJ2TLO5HVkyf75kMmqjmkWFFcgspZ1n0fpAMwyZnhYKJeq22rIHD-blwPZ7dquRdQ7Tt0LPW7IHFa3cPhF56laWCwaS9MMtURAXDGbgrbENLYnH5TtFaWVgH9QQadA3qWU3tT3yg4vcoDWMkZmXK_PV1TpCQEs0B2opgMxeUE9RHbbc1rP7psxCW6zJWEK5n1wZ6wEmGCF4EVc4v_naFOylvwPlhdwmXvZWH8xKXH9t2wUO1B0CNIQp3RP4v-tYIV_ZjZPucizLq7uVv3KuTSmjUyqdgkhAlgMOEXXnEM7jP7hGK3zBIVoIrjxi8cH0WXMk_aSlr8i82_59X3QqhHSIoKnAHqH3Borp3XwwMK6KttyEtL6LT3QuqemHGMYdEvT3og14DGF4isOz4fTvRQtFPsTeJrUbcGhDlmeaPPyWudihm2QFWvjhyIM03PMzBuytFGrZDSN7VQfqpQpNcvG5wZccy6hsvvIgzC_cMwVdS82GZH1f2RiQIezC91WGfcQzKKoOQMaVLQvza4_hwsn8ZVyT44F9uJ3zf92It4_jSqqM1JVZPm-ZQGZL0VjwuEOgvU5Ndharr3ZGn49ZWMmMI0xjXjelXxIZYP_Rcur3iJOZU-CNxXFh2zackaV-kOxAqpAxwl7nIsm-Rp7FgXzFxF87zHUxJX62gP4l8DJrPfNhiyHyuttPJTU_gz9VHBm_24CJ5BRKn0xbxeI8tFn1cYuGVQla9RaMj3hEfQTtkby2yeuGLJq-52d1HvSCOmajQJs6MhMPEzZyVXEisKaMMoi5TlWE6HmwjI6mfTylSsJL4O3ZquA4vCvKUNi5Bqt9oCS3FSoLc4RPQgrpf20pcm2qHdSqNDoCugx9658Gkx2BG7EL-ANZ0X-SqyW6JpOT1Sp5JG7dmZ6YUErcVRA18ijCXfa_GZEWXGvhEyQPMV1kek5_OQZHMHks1pMX7XjYm1qLZa6DE_Ba6lyGd_qbdATogjoS7MD7bbIcXWbVMSKtloTa5hhmmxwWRivO8Fswc94Y1ECK6-WoMGCgZsdW7ywdJL9vtsRLHTSheVPoQx612tlJ_J3xVu1EaoqIUe36QTjba038_J1kH6rpGhZs91vNJU9KvdI4S0lZgyzO4WGhieOvxEKvtEYvGvNwaFnWwzUaMOOQGFuMwfgkN0TwnDajphTNIhHPorVFjU5RDVYlt6JmdEe3EK5bWp78jnx5cmBr3xztAOO9MgJYRdiIjcQMCAUAZGpl1Af8qAyscAhWLAMa_fxTvd1rpSajwYsNwweE-Ep6hh6cuN5zOyCWRUQdqQhtu8CqtcO2DJbphC4uY7ZmW36oK0QAp0a4fVNCA_i0qi2VR1HrfSeoi9sYQYwPmNmyibAYQv0MIZg7fvTzQIfs6fPO2F72kfi_blxgVJyOwOlg2-PBSUlmYZDlYvpZyeLXG9urRYFFew4qLCifTUiWY5tUMCKXH5tV9Vfwm4R9zBg1FpWi2eSIqAXojOD4fS0rbz6HhBAWZDcrxbtCN9C8_Bx0Uq6c8s0t94eJOi5C3Dz2IKC3Sg1vTYHcbllwMo_TwojqLA1yHZl8RWUyTMPdYm9NoDkPiiG5_fBeeHE63BIAlnQWtWnJDyYngehqSHHy8xNgycrde5zqvKJR0TULCBJRhqzGZ1FXgMxi-0spU04_elK541EqayVHX9k4LHCGaCXmivbJDCyif9j0qaYhInszYhPvN_BOxeDfjOUZfFgpZptiAAM-BtukfbprqH0L0KbKiQqboDrgaqinTJyJ3zegkPdBYOmKUs1scwULC5ityhjDC6mY&cid=CAQSTwAvHhf_oE0Gcm-rgmOvrjeRo_2clC-0MP3lCxzBK0D_xmIN02IIK3PE-hk8th5mWgo9PnnAq50SvRtBIdFyc6iBqV99ORky_nNpNwK7foQYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fe4t.com.br%2F&ds=l&xdt=1&iif=1&cor=1689601046317798000&adk=2935317966&idt=95&cac=0&dtd=10

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

cafe /

Resource Hash

9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 16:04:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13718
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11885
x-xss-protection: 0
server: cafe
etag: 16863283086342074828
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Feb 2024 16:04:41 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 4F41 41 KB
14 KB 38ms
38ms Script
text/javascript 172.253.115.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f132.1e100.net

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 20:39:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 170000
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Jan 2025 20:39:59 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNTc4MDM5OTgwNDUzMwogIHNlcnZlcl9pcDogMTQyODQxNzExCiAgcHJvY2Vzc19pZDogMTYxMDY3MTQyMgp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMDY5ODMy...
ad.doubleclick.net/ddm/activity/ Frame 4F41 0
544 B 286ms
210ms Image
image/png 172.253.115.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNTc4MDM5OTgwNDUzMwogIHNlcnZlcl9pcDogMTQyODQxNzExCiAgcHJvY2Vzc19pZDogMTYxMDY3MTQyMgp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMDY5ODMyMgphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vdmlzaXRzcGFjZWNvYXN0LmNvbSIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiAxMzc2Mjc0NDYwMjA5ODU1NTEwNApkZWJ1Z19rZXk6IDE3NjYyMTAzMzcxMTQzOTg2Mjk3CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BST0RVQ1RfVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX0RBVEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiMjAyNC0wMS0yMCIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRkxPT0RMSUdIVF9DT05GSUdfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDEwNjk4MzIyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0NPUkVfUExBVEZPUk1fU0VSVklDRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFURk9STV9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1FVRVJZX0NPVU5UUlkKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiVVMiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQUNFTUVOVF9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMzg2MTkyNDM5CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19BRFZFUlRJU0VSX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA2NTk0NTU0MjkKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0xJTkVfSVRFTV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMjA5MzE1NTk4OTgKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0NSRUFUSVZFX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA1NDQ5MDE2NTcKICB9Cn0KYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0eXBlX2lkOiAxNQphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vdmlzaXRzcGFjZWNvYXN0LmNvbSIKaW1wcmVzc2lvbl9ldmVudF9yZXBvcnRpbmdfd2luZG93X2RheXM6IDQKYnJvd3Nlcl9hdHRyaWJ1dGlvbl9hcGlfcmVxdWVzdF9wcm9jZXNzaW5nX2JpdHM6IDczODE5NzUwNAo

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f149.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 19:53:19 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0x1e3d036ba5335f510000000000000000","13":"0x8dee20c5c269f51b0000000000000000","14":"0x81ce9a577bc276d30000000000000000","15":"0x24a00c72c9b0dafc0000000000000000"},"debug_key":"17662103371143986297","debug_reporting":true,"destination":"https://visitspacecoast.com","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["10698322"]},"priority":"0","source_event_id":"13762744602098555104"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 impl_v99.js Show response
www.googletagservices.com/dcm/ Frame 4F41 59 KB
23 KB 37ms
37ms Script
text/javascript 142.251.16.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v99.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f156.1e100.net

Software

sffe /

Resource Hash

3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 07:33:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44369
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23872
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 14:22:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 19 Jan 2025 07:33:50 GMT

GET
H2 200 B31112476.384632190;dc_ver=99.292;sz=728x90;u_sd=1;dc_adk=2935317962;ord=afmtrw;click=https%3A%2F%2Fag.yieldoptimizer.com%2Fag%2Fct%3Fac%3D88184596%26n%3D9%26_omu%3Dhttps%3A%2F%2Fgoogleads.g.double... Show response
ad.doubleclick.net/ddm/adj/N46002.1862881ADARA.COM0/ Frame 4F41 78 KB
33 KB 140ms
140ms Script
text/javascript 172.253.115.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N46002.1862881ADARA.COM0/B31112476.384632190;dc_ver=99.292;sz=728x90;u_sd=1;dc_adk=2935317962;ord=afmtrw;click=https%3A%2F%2Fag.yieldoptimizer.com%2Fag%2Fct%3Fac%3D88184596%26n%3D9%26_omu%3Dhttps%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC1M6NriSsZbeIJqrC5LcPm_q0yAihrYC5dfm9m4u0Eoeom8yIChABIMXuiy9g_aCZgegDyAEJqAMByAObBKoE8QFP0J7NdglbfhqOGlSihAqSuWukDK-4kuBqvKOrWy1PoVAk2RLGnna4TUYNgnhF9BSNojtodqF8goWuA1p9mFJtLXMPBRBpMfvgliP8sigyOHeVoRsVmPGAgjmXl8HoPQ7KAVifL8_2RIsFTTq0xKp0aXeJIUxpQj7-hSSIL6yYYQx3VWdFZyBwU_CGm3cIE307LvFoPoSCBqbdxWAHmjZTmvb0kmsMIXMzc4hmbLNM-ubP4VKigKn5PXHsgAdASWSmQuQOOPmQa6ZfgtcMZvvctcQtwf1YJ24EOvsQT2s5T_Np8Z9gPytuyDsmTQnKGSEvwATJvYa12ATgBAOIBdqD-fxNkAYBoAZNgAeZ6pi6AqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgGEQARgfMgKKAjoEgECAQEi9_cE6WPfQ45Xf7IMDgAoBmAsByAsBgAwBogwIKgYKBKy6sQKqDQJDQbAT55uuFsgTm--W5APQEwDYEwrYFAHQFQH4FgGAFwHoFwU%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_oE0Gcm-rgmOvrjeRo_2clC-0MP3lCxzBK0D_xmIN02IIK3PE-hk8th5mWgo9PnnAq50SvRtBIdFyc6iBqV99ORky_nNpNwK7foQYAQ%26sig%3DAOD64_0RGYWgq4001Y8-LTP4ZfT8ToEjSQ%26client%3Dca-pub-3272641779235890%26dbm_c%3DAKAmf-BOzmnNAdzYIilqfAYrphxPRZz4_0GlGbBMZVpmZOt7GAjKxhiHdx7nI2wOHPyFdMOJuE1lopRHYCMT9gUCtV_-j7oZ61QG_KWRFOyypo1C811gNw24FVMEQxeEhvR7WEvSX1JEngnJJIfwa2jhMiJgDoFfbXodCuEja9CWNSMyzvsBVjQ%26cry%3D1%26dbm_d%3DAKAmf-B3yDFmkkcCoSEB9grj8GR_PmoJTYOcp_MbYcmwHrTZFcSB85lwDK8uSmHBg6hkdb-RxChs-6WpHjD8WdAMPh709Ts-JmV0HUM55SOXEmpAGkXMedY_Ellu6Te1MFLSpBzRx3KsZefFLj7kT3UxTzekhC5lnVq3205googETgXljXQVPvNw_ZUFp3PSbwV5ps4qWiEr3EDBvt7b-tVNkV6LxL3kUZlMnNJ34TdriR0FWTi9qlg1h9OO0pv7e7pHffBKL_mCN-5_fFPL6tJA3zrrtnpn3VTqqWkF-gh001KqlNwIlreGXch2x5E2nHPpOOd1r2Cw41d6HrihfJFyHm-u-qTLTsIuSix4bkaGCeav8qAAjtGrjBbH7S9U8RvPw7GBOpO9rejYxnG8riiv_VwBTaOsgoLnrMrjwjPRL6ij-_E1ESynEyu2w3lAAHr12QkFbPUNDe4Btzjf4hZQNYKh6Fs-QIikmvWOnpXaIHT4ial8Dc9RSHi0Gl763rl9LP2gr1FtTG8B_O5t6qfEOMN2M_Ma2eE-S07oumNK1BwUDAnyKQmk_KeGjSYEXt9yyVmkr_9r%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fe4t.com.br%2F$0;xdt=1;crlt=eb_XxMo(1);stc=1;chaa=1;sttr=77;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v99.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f149.1e100.net

Software

cafe /

Resource Hash

5c79df8bcd620706604929a782582d7c44ed51c00ee52bd406e9449a33236ff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 19:53:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33002
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 8B0D 38 KB
13 KB 40ms
40ms Document
text/html 172.253.115.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f132.1e100.net

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 171374
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 20:17:06 GMT
expires: Fri, 17 Jan 2025 20:17:06 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 iframe.html Show response
p4-hum6ouhk3qjge-yaikrn7twloshlmi-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 3AD7 5 KB
2 KB 42ms
38ms Document
text/html 172.253.62.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-hum6ouhk3qjge-yaikrn7twloshlmi-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-hum6ouhk3qjge-yaikrn7twloshlmi-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-hum6ouhk3qjge-yaikrn7twloshlmi-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f94.1e100.net

Software

sffe /

Resource Hash

8cadbb8929455132f8046555f4793b7f49d10fff19d1ca342339af0b81fd942b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-hum6ouhk3qjge-yaikrn7twloshlmi-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 1985
content-security-policy-report-only: script-src 'nonce-NNRwLn7u50Fhq6OOlull8w' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Sat, 20 Jan 2024 19:53:20 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Tue, 14 Nov 2023 14:08:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 WihAbdPmEAuwNNTtrWjgEsQMZ632wtWEawfwOklMupQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 0D80 50 KB
19 KB 39ms
37ms Script
text/javascript 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WihAbdPmEAuwNNTtrWjgEsQMZ632wtWEawfwOklMupQ.js

Requested by

Host: e4t.com.br
URL: https://e4t.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

sffe /

Resource Hash

5a28406dd3e6100bb034d4edad68e012c40c67adf6c2d5846b07f03a494cba94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 15:59:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 100429
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19644
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Jan 2025 15:59:31 GMT

GET
H2 200 iframe.html Show response
p4-fjqnrdgoz4woa-mb5e3yn3wj47edsd-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 34C4 5 KB
2 KB 45ms
44ms Document
text/html 142.251.163.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-fjqnrdgoz4woa-mb5e3yn3wj47edsd-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-fjqnrdgoz4woa-mb5e3yn3wj47edsd-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-fjqnrdgoz4woa-mb5e3yn3wj47edsd-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f94.1e100.net

Software

sffe /

Resource Hash

cc59c9abe8aa65aabcf30d619bf5b30aa80b83d82b5ece4d5177472109d6918d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-fjqnrdgoz4woa-mb5e3yn3wj47edsd-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 1984
content-security-policy-report-only: script-src 'nonce-bjImGl4Frm3x_xlzdoHccA' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Sat, 20 Jan 2024 19:53:20 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Tue, 14 Nov 2023 14:08:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6727 0
0 104ms
104ms Fetch
text/html 172.253.62.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CNpuRriSsZfXUJ7je6tkP0J-AsAnoipmydZGM2dSYEuKapczFDxABIMXuiy9g_aCZgegDoAGSqre5KMgBBagDAaoE7gFP0F_wtqV4hDrSnxquTk_EBPK-dxleoQZT169vDaBh-Gx8PA1USAxMPgR4RfiaQLrPjs85GTXOrGxRJfvjtWPvFZml6yIl-pHchuzxp5deW1jjKcsok3VNXU58QyOcvswxTSvmLzHEOnNf4v8oF5rDw6-jxqI3tPXVRI8Ht3zUrkOzrK1sPy4u05dgFWNuZGFGySKj4oa-UsOrkypwWKxaSYrtoBbBBm9XFv7VVQsSAFy3Y7J4rw71a62QCA5MOczFUh7nl9u7BvcFE7Z8cHrg2KbifvX3OmAmxXpmgKPAoHbLREb71EYKRF999fhIwATon5bixATgBAOIBdSMtaxNkgUGCBsQAhgBkgULCCIQAhgBSL2z8QGSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBnaAB5Lih5kDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwoQ5N8IGLzK5P0B0ggfCIBhEAEYHzICigI6BIBAgEBIvf3BOlj59uWV3-yDA4AKAcgLAdoMEAoKEODFo7HwoerZWxICAQOwE9bZthbIE6WDluID0BMA2BMNiBQC2BQB0BUBgBcBshccChoIABIUcHViLTMyNzI2NDE3NzkyMzU4OTAYAA&sigh=p-ITjhiC48w&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_mhFufdt35wxApSbAHzOm32NW6JIgkvLSm6D7LCRaOgrHTVB4FvaGzFei8xmzHuEnDdakZegTfiCw9D-ZqemCYhXZVxwP0Tk7V00YAQ&vt=10&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f157.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3272641779235890&output=html&h=280&slotname=7946552792&adk=658120095&adf=1618235776&pi=t.ma~as.7946552792&w=528&fwrn=4&fwrnh=100&lmt=1705780398&rafmt=1&format=528x280&url=https%3A%2F%2Fe4t.com.br%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705780398156&bpp=2&bdt=468&idt=423&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1637122345497&frm=20&pv=1&ga_vid=1051451749.1705780398&ga_sid=1705780399&ga_hid=642909159&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=251&ady=3280&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080333%2C42532523%2C44809004%2C95321958%2C95321627%2C95322166&oid=2&pvsid=1743161444856065&tmod=1381456514&uas=0&nvt=2&ref=https%3A%2F%2Fe4t.com.br%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CepEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=430
Attribution-Reporting-Eligible: event-source
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 20 Jan 2024 19:53:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 8B0D 39 KB
15 KB 37ms
37ms Script
text/javascript 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 16:00:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13959
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 19 Jan 2025 16:00:41 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 4F41 111 KB
39 KB 112ms
37ms Script
text/javascript 142.251.111.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: e4t.com.br
URL: https://e4t.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f149.1e100.net

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 02:59:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60833
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 21 Jan 2024 02:59:27 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/ Frame 4F41 12 KB
4 KB 37ms
37ms Script
text/javascript 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N46002.1862881ADARA.COM0/B31112476.384632190;dc_ver=99.292;sz=728x90;u_sd=1;dc_adk=2935317962;ord=afmtrw;click=https%3A%2F%2Fag.yieldoptimizer.com%2Fag%2Fct%3Fac%3D88184596%26n%3D9%26_omu%3Dhttps%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC1M6NriSsZbeIJqrC5LcPm_q0yAihrYC5dfm9m4u0Eoeom8yIChABIMXuiy9g_aCZgegDyAEJqAMByAObBKoE8QFP0J7NdglbfhqOGlSihAqSuWukDK-4kuBqvKOrWy1PoVAk2RLGnna4TUYNgnhF9BSNojtodqF8goWuA1p9mFJtLXMPBRBpMfvgliP8sigyOHeVoRsVmPGAgjmXl8HoPQ7KAVifL8_2RIsFTTq0xKp0aXeJIUxpQj7-hSSIL6yYYQx3VWdFZyBwU_CGm3cIE307LvFoPoSCBqbdxWAHmjZTmvb0kmsMIXMzc4hmbLNM-ubP4VKigKn5PXHsgAdASWSmQuQOOPmQa6ZfgtcMZvvctcQtwf1YJ24EOvsQT2s5T_Np8Z9gPytuyDsmTQnKGSEvwATJvYa12ATgBAOIBdqD-fxNkAYBoAZNgAeZ6pi6AqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgGEQARgfMgKKAjoEgECAQEi9_cE6WPfQ45Xf7IMDgAoBmAsByAsBgAwBogwIKgYKBKy6sQKqDQJDQbAT55uuFsgTm--W5APQEwDYEwrYFAHQFQH4FgGAFwHoFwU%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_oE0Gcm-rgmOvrjeRo_2clC-0MP3lCxzBK0D_xmIN02IIK3PE-hk8th5mWgo9PnnAq50SvRtBIdFyc6iBqV99ORky_nNpNwK7foQYAQ%26sig%3DAOD64_0RGYWgq4001Y8-LTP4ZfT8ToEjSQ%26client%3Dca-pub-3272641779235890%26dbm_c%3DAKAmf-BOzmnNAdzYIilqfAYrphxPRZz4_0GlGbBMZVpmZOt7GAjKxhiHdx7nI2wOHPyFdMOJuE1lopRHYCMT9gUCtV_-j7oZ61QG_KWRFOyypo1C811gNw24FVMEQxeEhvR7WEvSX1JEngnJJIfwa2jhMiJgDoFfbXodCuEja9CWNSMyzvsBVjQ%26cry%3D1%26dbm_d%3DAKAmf-B3yDFmkkcCoSEB9grj8GR_PmoJTYOcp_MbYcmwHrTZFcSB85lwDK8uSmHBg6hkdb-RxChs-6WpHjD8WdAMPh709Ts-JmV0HUM55SOXEmpAGkXMedY_Ellu6Te1MFLSpBzRx3KsZefFLj7kT3UxTzekhC5lnVq3205googETgXljXQVPvNw_ZUFp3PSbwV5ps4qWiEr3EDBvt7b-tVNkV6LxL3kUZlMnNJ34TdriR0FWTi9qlg1h9OO0pv7e7pHffBKL_mCN-5_fFPL6tJA3zrrtnpn3VTqqWkF-gh001KqlNwIlreGXch2x5E2nHPpOOd1r2Cw41d6HrihfJFyHm-u-qTLTsIuSix4bkaGCeav8qAAjtGrjBbH7S9U8RvPw7GBOpO9rejYxnG8riiv_VwBTaOsgoLnrMrjwjPRL6ij-_E1ESynEyu2w3lAAHr12QkFbPUNDe4Btzjf4hZQNYKh6Fs-QIikmvWOnpXaIHT4ial8Dc9RSHi0Gl763rl9LP2gr1FtTG8B_O5t6qfEOMN2M_Ma2eE-S07oumNK1BwUDAnyKQmk_KeGjSYEXt9yyVmkr_9r%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fe4t.com.br%2F$0;xdt=1;crlt=eb_XxMo(1);stc=1;chaa=1;sttr=77;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

cafe /

Resource Hash

9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 16:17:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12944
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4383
x-xss-protection: 0
server: cafe
etag: 1583492410672046836
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Feb 2024 16:17:36 GMT

GET
DATA 200
OK truncated
/ Frame 4F41 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b3fce15cf3dc6756b92945e2bba573c0fcfa884db4f9072c9a0a091bd0e50249

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 WihAbdPmEAuwNNTtrWjgEsQMZ632wtWEawfwOklMupQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 3CD9 50 KB
19 KB 37ms
37ms Script
text/javascript 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WihAbdPmEAuwNNTtrWjgEsQMZ632wtWEawfwOklMupQ.js

Requested by

Host: e4t.com.br
URL: https://e4t.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

sffe /

Resource Hash

5a28406dd3e6100bb034d4edad68e012c40c67adf6c2d5846b07f03a494cba94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 15:59:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 100429
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19644
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Jan 2025 15:59:31 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 8238 38 KB
13 KB 37ms
36ms Document
text/html 172.253.115.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f132.1e100.net

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 171374
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 20:17:06 GMT
expires: Fri, 17 Jan 2025 20:17:06 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 WihAbdPmEAuwNNTtrWjgEsQMZ632wtWEawfwOklMupQ.js Show response
pagead2.googlesyndication.com/bg/ Frame A88E 50 KB
19 KB 37ms
37ms Script
text/javascript 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WihAbdPmEAuwNNTtrWjgEsQMZ632wtWEawfwOklMupQ.js

Requested by

Host: e4t.com.br
URL: https://e4t.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

sffe /

Resource Hash

5a28406dd3e6100bb034d4edad68e012c40c67adf6c2d5846b07f03a494cba94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 15:59:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 100429
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19644
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Jan 2025 15:59:31 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4C41 0
20 B 101ms
101ms Image
image/gif 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BJRN7rySsZYOPFrSZoPMP3-uU-AwAAAAAOAHgBAI&bg=!fn2lfTLNAAa8BdJLnAU7ADQBe5WfOCZnD2W81s6AadQdJbrxN6dngBNcMSg05D2mHkbSdBFHvnA__LroRfgqlhv15Hr9AgAAAYBSAAAAA2gBBwoAeM9Uj7tTqdAyr-tdJ_jtr89wcmZoQ4FRxDFfcgpWzS7EudF5-pv0mB22UPfEpWdMcV2az-dTtPMLredhKfeGoch6-7zacK4YL2VgpmLzaai_dNfR1Acznn38pp1SCk-CsLuKN2Y0pKSq375IqOrm8YkJGug95VsV5ZkC2EoHdriTBIjW_OhX6rQBhnVrtqvrCBoLgz0fZ4HsejwgfHcF7uAf7EIxOabuj7W-I55yW3lr2WGkO6J6X-ea2hIxQVLM7IEuuYpJaJcOq0NNtvy9rQHlU8YsFeSc8Ri5inY12rXnEUAvtT7bUC5oBS_8lcVQvVSk1Pm2gBoDR7GAoemdED7rn7hmVX3X06uZvAvHM46GZHf3qWAsUDkEyLGQIZ8PIpcplOAQWSFARhOrVKaQSKogbM7_UeOpt3JgSNDWCj4NuBx9lVs_OlEdmTIzRs3XSmOwv9eYQOkVS5JA_Go0o9BPObvYeS0MZgCdL91Zn6No8HgVrHeMNElNG6JsIx12E_J6Fa74K5DbHQEZOJWP2uCmsBllcAzhIE6vs1rDzxAJqmI7BFPzFQB8V3aI2-zKiT3QqfamLoAKGYlgE0oy6uskc9WAOVNEXR6WhUJGSnTn4see8ZP0BC_S-Zoz7oUBw7TCSkH0C6OfpplJAOYktgOgwgAtrYfhZiMLpafP80c4l1_037DeSh094EVGRS-QFKgNUXDaAHylwzoii6MIx4RfSnHdTZqfhcmqQQh4FcPTAtXOjyChnpSVRphKaXxE-_goTkyDqZgDzo6uP35IZ-H8X1S-eT-d0OfM9i95VPI9mweTH6CSTGiEcXuVMWzQungn9r2gkW082-sja8LbbsqqIQEhNP9T2cVN-iiKFdNjj7hWy3XQ5oloRCYmeLJj-v_pR8Hiv2Aem1LdkMZTYeWr0gySB7Nji62OctDPF_BDV9VN2AFd8uRXG8YsTRchA3XsJItLUEjTsIg57aSk8DKQirCJY7wrq6WetRQ8cMRQWJNMI8DPdOj6l891hAATvAKzRMyLWJKj7Anw3XH-oSAzXV3JJDALxzWnTti8AxsSZpuI6rVTPhxmNYyzTzslznAf5VsM1342ZK8ZHp2qzFPScCY_L676S0llPI-85eCVCPxf

Requested by

Host: e4t.com.br
URL: https://e4t.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 19:53:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 8238 39 KB
15 KB 37ms
37ms Script
text/javascript 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 16:00:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13959
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 19 Jan 2025 16:00:41 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/6261863306966372655/ Frame 4A5A 90 KB
21 KB 115ms
38ms Document
text/html 142.251.111.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6261863306966372655/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.111.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f149.1e100.net

Software

sffe /

Resource Hash

7f49b120d782551c35d684e42da14f893cce26a782a27badfb0fc58482dbe604

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 85582
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 21516
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 19 Jan 2024 20:06:58 GMT
expires: Sat, 18 Jan 2025 20:06:58 GMT
last-modified: Wed, 01 Nov 2023 01:53:11 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4F41 0
0 175ms
98ms Fetch
image/gif 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssxGaocRpRxm7cMHjhrtqXcWk7NTVQxE3YJqF0JtD3nPe-EYFT12W2DGrcpqwZp60YSMqJK404tL7QGwWXQxGP033K_9us0bmFBIZgr7R7H52dQNAEFJ9cboOo6WrUJRCkDw-mbewtSDNQf41BaoIIy2ExantijhEVyhg&sai=AMfl-YTDb2_aj-YqOC0fYX6VZR_1p_ASL8BpoMvIz5TARXZ1cg_Sp1ZomoUutNnM-qrpq5At7X07YyDn_wY3j1YnbToCRHtCznUKdaN95A&sig=Cg0ArKJSzIjH487_xANPEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=300&cbvp=1&cstd=297&cisv=r20240118.75054&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: e4t.com.br
URL: https://e4t.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 19:53:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 DcmEnabler_01_250.js Show response
s0.2mdn.net/879366/ Frame 4A5A 32 KB
11 KB 38ms
37ms Script
text/javascript 142.251.111.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6261863306966372655/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.111.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f149.1e100.net

Software

sffe /

Resource Hash

fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6261863306966372655/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 18:46:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3983
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11558
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 21 Jan 2024 18:46:57 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8B0D 0
20 B 101ms
100ms Image
image/gif 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B4YWKrySsZbWNMe-ujvQPvsqDgAYAAAAAOAHgBAI&bg=!6Oul66TNAAa8BdJLnAU7ADQBe5WfOI8We-DpysAdl7aP19xMq9Xe1x75fOCQzAcpEciJgzkTfmvLccBW5d8_RDeErTWDAgAAAUZSAAAAA2gBB5kC9yGdqm1eJszzuZRfLU1UCzqDWXFNf4MjyglOL-PEgohBi_hbs8bCqBtiH9V7QX7m5reR9FAv4LJmhPJmg4566bqmEYeQV8oV8vRpcY0-E42LRL55qcTRS9KagFsB_uLvirvtBsJuz_V8LDP0FmGBNWRQzx0eESMeBuKM_pH3w6kvUDWa05w6kyVBWNQCk2Q4YXkWHCExqVeza7HMhCWhF7ceWSaaokKBNRrceqOGzFZm7QjEMwN4he_Y_jmcksr6nAG7I_7K1TdLWT1eBYwDC9GwAIoJ4fwCg_4od0Tv6SHdb9UmREzq59LPks9gWPT2N885SOFOPb3HOpzYgP7uFdbAP-fSmtzIooBdzbxfMXiVg7DRPlnOKSmIqWo8a4Hfyde7IA0n1lQN6G3CFxFRg6kYXLkr-SALEJbR7nY8xkyfbwS3LhgxXH__xE7PD04bn3Kd_aFwHQxFzy52BqvlmXTEgR_kpiDNhPTJkQ1gYqkfSmXFGVd_PLjD5yWNXFCzxq1nQx16taaZEbd-K1rn_XK9YgO3D4YdVe6-JU3LsZR27DDE5pRUOfm80hXCEq4GlmMgJ4fvnf2M0JvVo7S9sKbhaNkqCigwPKGLOTlTYuZ_WL-i-LX4RjeJI_bGj-S5I2AtaV_b7NVz7vU64wSZZTv6wAQIZOYxH6mtSToQrMxdlL9i5vi7bq7qyrEKJPnDCaLqCZ9YStQJVlmgEkQFUh79TAOu9ycZVWz7Uu-mdWw2BlMztng-A3wKTruWqK7J0A5SHIffZ_midbF7LdslmFSPi2pDrzOu0ygkjll6cBGFVI9GZpgqdU9jyHe2W6EXltWq6C__wYuQ6oXrqPed5_DhGxs_8sHD5-FymaAcP2U3Wy8MtYJBCX3Vde2J92qDtNZLZJCR2moA2X84c5M5D8ZP8UZGlAC_gsfWmh2UsmaUZYswBuvgVhYPTuKTJziyO5Mbtkb1CbC1-X5yCLzZ-3FvsxcZbV9OFs3suqsecvQVkjuIlrGw5Q

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 19:53:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4F41 0
0 99ms
98ms Fetch
image/gif 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssxGaocRpRxm7cMHjhrtqXcWk7NTVQxE3YJqF0JtD3nPe-EYFT12W2DGrcpqwZp60YSMqJK404tL7QGwWXQxGP033K_9us0bmFBIZgr7R7H52dQNAEFJ9cboOo6WrUJRCkDw-mbewtSDNQf41BaoIIy2ExantijhEVyhg&sai=AMfl-YTDb2_aj-YqOC0fYX6VZR_1p_ASL8BpoMvIz5TARXZ1cg_Sp1ZomoUutNnM-qrpq5At7X07YyDn_wY3j1YnbToCRHtCznUKdaN95A&sig=Cg0ArKJSzIjH487_xANPEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=499&vt=11&dtpt=199&dett=3&cstd=297&cisv=r20240118.75054&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: e4t.com.br
URL: https://e4t.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 19:53:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8238 0
20 B 101ms
101ms Image
image/gif 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B8qDxrySsZcXsOvCdoPMPkYO-0A0AAAAAOAHgBAI&bg=!Y2ClYC_NAAa8BdJLnAU7ADQBe5WfOCylRQBI0kRZ43txPpFf14FWhdHxFgGrLCPKBh8OWwb3ftI0lzKI3lzhBs8QLTtBAgAAAGpSAAAAA2gBB5kC_VOM2Kh-qLdtqlpPEwYUq0Q6Kbq7x0xfou0zMVlnBlZ9zUrWv6XKCr7FrTE2EwNhOE4yzjAkkqTs-kR_KXZMFSqn26GsyVPq-v5yLBoj5qEz4KkP32DyApWQmvaiKCjVzEyIW4EQxI_4atqiDdD8HGrp1ESfwShcCSwWQ0FdAZwch1_bCIxrw3W37hEUwJgS3nj0rYo4B5bFO7LEnbrx758zwAywqXbfDecMvVckLqubJAJ5EwsKRI5EPufS2Xbn3DXAXLDpemedgha3rgMXHiqPyr69AkmXZ17KXazXajyrHMu5chz3oEHknVAiTSTmhmxQNOGwnHk8bOb8fsiGhdDtWLeJ-IZaPlVG1-aLPCdXbAwo32jkC_aESHNo-HIXZ9HdWfeifgOxlIIwF8E63GLM1xAQ2MgjhNkaPt__sR_fXko_moKm2WQYXIx9vLOb46eOlcZWieApsXC1bO6HOuOXz4ksYvL8uDSxlzgv1n_iDuPWJjuEgdnFpo2vWokqi7MFErZpdnBzRfGNhNVFxidMdYaKGpQIAD1agwk8UcrcOWpXa9Ps9Ph9Mcj3Vkd6qCYA4ssPfV6fsY5N26VT-CVgL5qDxZlKPBaRgj_HqciqEsq9uzh6WPb7eueIA_bwDlb0s6gQbJNkl69CZQpoXujENLpreWASEPNsPciS2vig6B67YZbUSdNtTwqikO35RwMTPgjzhsREfblnvOcF23Lq_zRz-I0SJNgU82jNdAJ25Gbb7A3hVJ8yfvU5vEFIzlSJOO0xRXXS4hQocXw9W95t1Ycsc-ETAzicvFZwPMKa2552JBYPV2LTZk9VzoA1BdXaMTOfz2BPEkkbQmFekJoXw9pOQmeHDwuibi8rcuZyF3CDG6OLuIP3XbBkxa-1z0llZA2OQ4rS0mywdwV0Mto0QwKwXSTK8arGxFgdqpZyo7uCre-aa7UX1DOP3QcYmA4X09E09tQk2WfufSyxgqopmltKTDnQui_RKp62KU3jnbFByuU9s8EBO4lhyQ

Requested by

Host: e4t.com.br
URL: https://e4t.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 19:53:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Turtle.png
s0.2mdn.net/sadbundle/6261863306966372655/ Frame 4A5A 7 KB
7 KB 39ms
38ms Image
image/png 142.251.111.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6261863306966372655/Turtle.png

Requested by

Host: e4t.com.br
URL: https://e4t.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.111.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f149.1e100.net

Software

sffe /

Resource Hash

1a5f6487a83e678cc8a3c5ac503b808bfe5ab4ec35d8da7356f27312d3af484f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6261863306966372655/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sun, 19 Jan 2025 08:14:28 GMT
date: Sat, 20 Jan 2024 08:14:28 GMT
x-content-type-options: nosniff
age: 41932
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7009
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 01:53:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 06_14_05.png
s0.2mdn.net/sadbundle/6261863306966372655/ Frame 4A5A 11 KB
11 KB 53ms
51ms Image
image/png 142.251.111.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6261863306966372655/06_14_05.png

Requested by

Host: e4t.com.br
URL: https://e4t.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.111.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f149.1e100.net

Software

sffe /

Resource Hash

ce8fefe64b7ee9f1f2b5cd57ea9990e12d34efcb5c1f9633b7c5d5bc00ae5590

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6261863306966372655/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sun, 19 Jan 2025 08:14:28 GMT
date: Sat, 20 Jan 2024 08:14:28 GMT
x-content-type-options: nosniff
age: 41932
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11368
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 01:53:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 06_14_04.png
s0.2mdn.net/sadbundle/6261863306966372655/ Frame 4A5A 11 KB
11 KB 80ms
77ms Image
image/png 142.251.111.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6261863306966372655/06_14_04.png

Requested by

Host: e4t.com.br
URL: https://e4t.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.111.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f149.1e100.net

Software

sffe /

Resource Hash

816a142d0da662da671c054a79c1eefc620a5d400609e8a860b7e03ece05d637

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6261863306966372655/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sun, 19 Jan 2025 08:14:28 GMT
date: Sat, 20 Jan 2024 08:14:28 GMT
x-content-type-options: nosniff
age: 41932
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10898
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 01:53:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 06_14_03.png
s0.2mdn.net/sadbundle/6261863306966372655/ Frame 4A5A 11 KB
11 KB 62ms
60ms Image
image/png 142.251.111.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6261863306966372655/06_14_03.png

Requested by

Host: e4t.com.br
URL: https://e4t.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.111.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f149.1e100.net

Software

sffe /

Resource Hash

ab54a95b3ab0a2a79f8649f10ce0ef7d13d779da1cdd380c99ca566ae4638513

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6261863306966372655/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sun, 19 Jan 2025 08:14:28 GMT
date: Sat, 20 Jan 2024 08:14:28 GMT
x-content-type-options: nosniff
age: 41932
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11534
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 01:53:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 06_14_02.png
s0.2mdn.net/sadbundle/6261863306966372655/ Frame 4A5A 11 KB
11 KB 44ms
42ms Image
image/png 142.251.111.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6261863306966372655/06_14_02.png

Requested by

Host: e4t.com.br
URL: https://e4t.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.111.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f149.1e100.net

Software

sffe /

Resource Hash

b35e27ec4deb75622dd9c9eda411aee209567d53e1bb82454f2945f5b7ca7249

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6261863306966372655/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sun, 19 Jan 2025 19:05:06 GMT
date: Sat, 20 Jan 2024 19:05:06 GMT
x-content-type-options: nosniff
age: 2894
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11235
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 01:53:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 06_14_01.png
s0.2mdn.net/sadbundle/6261863306966372655/ Frame 4A5A 10 KB
10 KB 71ms
69ms Image
image/png 142.251.111.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6261863306966372655/06_14_01.png

Requested by

Host: e4t.com.br
URL: https://e4t.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.111.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f149.1e100.net

Software

sffe /

Resource Hash

2522f9b1f8ea6ab19d10de48c1f8a9541acc63fa7f1edf1a09a9c40777157cae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6261863306966372655/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sun, 19 Jan 2025 08:14:28 GMT
date: Sat, 20 Jan 2024 08:14:28 GMT
x-content-type-options: nosniff
age: 41932
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10287
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 01:53:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 06_14_00.png
s0.2mdn.net/sadbundle/6261863306966372655/ Frame 4A5A 10 KB
10 KB 110ms
108ms Image
image/png 142.251.111.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6261863306966372655/06_14_00.png

Requested by

Host: e4t.com.br
URL: https://e4t.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.111.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f149.1e100.net

Software

sffe /

Resource Hash

1200b9b2cee6889e727f435c42f2f40675a913ec4dbc709c9348386f7b435adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6261863306966372655/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sun, 19 Jan 2025 08:14:28 GMT
date: Sat, 20 Jan 2024 08:14:28 GMT
x-content-type-options: nosniff
age: 41932
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10470
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 01:53:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Button.png
s0.2mdn.net/sadbundle/6261863306966372655/ Frame 4A5A 2 KB
2 KB 107ms
105ms Image
image/png 142.251.111.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6261863306966372655/Button.png

Requested by

Host: e4t.com.br
URL: https://e4t.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.111.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f149.1e100.net

Software

sffe /

Resource Hash

415bb4b9208aa917fc6b82ceb1a8a11ca4b5360cd121d38d89603b81f456f3e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6261863306966372655/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sun, 19 Jan 2025 08:14:28 GMT
date: Sat, 20 Jan 2024 08:14:28 GMT
x-content-type-options: nosniff
age: 41932
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2398
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 01:53:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 SpaceCoast_New.png
s0.2mdn.net/sadbundle/6261863306966372655/ Frame 4A5A 12 KB
12 KB 100ms
98ms Image
image/png 142.251.111.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6261863306966372655/SpaceCoast_New.png

Requested by

Host: e4t.com.br
URL: https://e4t.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.111.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f149.1e100.net

Software

sffe /

Resource Hash

87fae9368d3d98940ff08df73e64477b29a2c5aef758bea09507d280083b517e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6261863306966372655/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sun, 19 Jan 2025 08:14:28 GMT
date: Sat, 20 Jan 2024 08:14:28 GMT
x-content-type-options: nosniff
age: 41932
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12311
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 01:53:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 BeachVacation_lockup4x.png
s0.2mdn.net/sadbundle/6261863306966372655/ Frame 4A5A 8 KB
8 KB 118ms
116ms Image
image/png 142.251.111.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6261863306966372655/BeachVacation_lockup4x.png

Requested by

Host: e4t.com.br
URL: https://e4t.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.111.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f149.1e100.net

Software

sffe /

Resource Hash

459ccefbda5edee5bb5895b58581a9357f9a92f15da9bad5ac4d4368cc9adbfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6261863306966372655/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sun, 19 Jan 2025 08:14:28 GMT
date: Sat, 20 Jan 2024 08:14:28 GMT
x-content-type-options: nosniff
age: 41932
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8417
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 01:53:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Melbourne.png
s0.2mdn.net/sadbundle/6261863306966372655/ Frame 4A5A 21 KB
21 KB 113ms
111ms Image
image/png 142.251.111.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6261863306966372655/Melbourne.png

Requested by

Host: e4t.com.br
URL: https://e4t.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.111.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f149.1e100.net

Software

sffe /

Resource Hash

7d511cec2bb244d4cbe430e942eb87e803b3d69761885a0e4f0e8f945401e42f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6261863306966372655/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sun, 19 Jan 2025 08:14:28 GMT
date: Sat, 20 Jan 2024 08:14:28 GMT
x-content-type-options: nosniff
age: 41932
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21539
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 01:53:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Rectangle_1.png
s0.2mdn.net/sadbundle/6261863306966372655/ Frame 4A5A 777 B
805 B 112ms
110ms Image
image/png 142.251.111.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6261863306966372655/Rectangle_1.png

Requested by

Host: e4t.com.br
URL: https://e4t.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.111.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f149.1e100.net

Software

sffe /

Resource Hash

a536e377d9c7952b4a8f282b63de9c734dee88264dbbd40cbd2075e3a5a3ff30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6261863306966372655/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sun, 19 Jan 2025 19:05:06 GMT
date: Sat, 20 Jan 2024 19:05:06 GMT
x-content-type-options: nosniff
age: 2894
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 777
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 01:53:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Shadow.png
s0.2mdn.net/sadbundle/6261863306966372655/ Frame 4A5A 9 KB
9 KB 119ms
117ms Image
image/png 142.251.111.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6261863306966372655/Shadow.png

Requested by

Host: e4t.com.br
URL: https://e4t.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.111.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f149.1e100.net

Software

sffe /

Resource Hash

012dcf887740e0918ac380916069f5a3abcb90690aaec77acf069077a1bde8a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6261863306966372655/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sat, 18 Jan 2025 20:06:58 GMT
date: Fri, 19 Jan 2024 20:06:58 GMT
x-content-type-options: nosniff
age: 85582
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9014
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 01:53:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 BG_728x90.jpg
s0.2mdn.net/sadbundle/6261863306966372655/ Frame 4A5A 35 KB
35 KB 85ms
84ms Image
image/jpeg 142.251.111.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6261863306966372655/BG_728x90.jpg

Requested by

Host: e4t.com.br
URL: https://e4t.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.111.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f149.1e100.net

Software

sffe /

Resource Hash

f59eb6a8d1a0e31ccd9cf0313958c01690daee71757a607f0138a01ab7a2a3b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6261863306966372655/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sun, 19 Jan 2025 08:14:28 GMT
date: Sat, 20 Jan 2024 08:14:28 GMT
x-content-type-options: nosniff
age: 41932
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35663
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 01:53:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

POST
H2 204 csi
csi.gstatic.com/ Frame 6727 0
54 B 123ms
122ms Ping
image/gif 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lrmhlvsx&c=7497573240254&slotId=3748786620127&qqid=CPXj55Xf7IMDFTivOgUd0A8Alg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=1995&mt=video%2Fmp4&vs=1280x720&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=22&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.nd~atrd.nh~vil.14j&ua_e=1&ape=1&ple=0&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 19:53:21 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4F41 42 B
174 B 102ms
101ms Fetch
image/gif 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstjrh6NCPB6G3E-qhGHrUGoYnQesCUIiuqAtk7jcd2UPVbPT-3tGk3q1dlcXN9VflwzXAEqdYexyCC2rjAw4qWceKKKdh-myVpMUiGUX7g0Ck7b_XbnIrNd7zA_2Y439I1HdwZu-zDVzQY&sai=AMfl-YQHPLzhsflp8OQDvqv7RrMJHhndihgmksZ3t5uju1lGIEL7Is2JIWzdEoRVpZT5YdF_p-TKtcXUFoegfWBAhsrIwbwAbV_FlC-opEShUcYmzBhxjwKsL05dpyrf8csjz79GDS8GnoT0VwoqHRAHlQ&sig=Cg0ArKJSzOAQexaivmesEAE&cid=CAQSTwAvHhf_oE0Gcm-rgmOvrjeRo_2clC-0MP3lCxzBK0D_xmIN02IIK3PE-hk8th5mWgo9PnnAq50SvRtBIdFyc6iBqV99ORky_nNpNwK7foQYAQ&id=lidar2&mcvt=1003&p=0,0,108,728&mtos=0,1003,1003,1003,1003&tos=0,1003,0,0,0&v=20240117&bin=7&avms=nio&bs=0,0&mc=0.83&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705780399536&rpt=663&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 19:53:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 58ms
58ms XHR
application/json 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240118&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401160101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

cafe /

Resource Hash

f0bc3cf047c5ba176be673ed6229de4b8771905c190ed7e20db9178c0783c0d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://e4t.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 19:53:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12172
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 37ms
37ms Script
text/javascript 172.253.115.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401160101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f132.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://e4t.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 19:53:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 20 Jan 2024 19:53:21 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3013 13 KB
5 KB 37ms
37ms Document
text/html 172.253.115.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f132.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e4t.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 27504
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 20 Jan 2024 12:14:57 GMT
expires: Sun, 19 Jan 2025 12:14:57 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2DD3 829 B
1 KB 127ms
52ms Document
text/html 142.251.111.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.103 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f103.1e100.net

Software

GSE /

Resource Hash

2c230dfa516edb8b11a1305f4e728de374b1e334598f38ade3148d78fcf094d2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Xnis2sXmvLMvzxLeJE3GVw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://e4t.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Xnis2sXmvLMvzxLeJE3GVw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 20 Jan 2024 19:53:21 GMT
expires: Sat, 20 Jan 2024 19:53:21 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 3013 39 KB
15 KB 38ms
38ms Script
text/javascript 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 16:00:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13960
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 19 Jan 2025 16:00:41 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4F41 42 B
64 B 101ms
100ms Fetch
image/gif 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstzXEHCW7SfNpabFt7MVSwb6YzfmJgxJjT8SA2xdQTB_fdbDOoEyzlPXG9nNNt-Rf3s56HxfXKF4WuFoOUr65i1pedBtA-iaOdZIaeUmoPm36-6OunRawf4MT-cL5w&sig=Cg0ArKJSzDP3dOxmETNXEAE&id=lidar2&mcvt=1014&p=0,0,90,728&mtos=1014,1014,1014,1014,1014&tos=1014,0,0,0,0&v=20240117&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=34&adk=2935317962&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705780399536&rpt=979&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 19:53:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2DD3 0
0 99ms
99ms Image
text/html 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240118&jk=1743161444856065&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bi-in-f154.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3013 0
10 B 36ms
35ms Image
text/plain 172.253.115.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ebYY0Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.253.115.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bg-in-f132.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 19:53:21 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4F41 0
20 B 99ms
99ms Ping
image/gif 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5288152839323&version=m202309260101&ct=77&x=1&cor=1689601046317798000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 19:53:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 101ms
100ms Image
text/html 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240118&jk=1743161444856065&bg=!XV6lXhHNAAa8BdJLnAU7ADQBe5WfOFlmxXRBw9grLBOFEkVv9m5zcH74OHFxKxYvSiNNQlbToO0vUDasEEDoR6j8pWUBAgAAAFJSAAAAA2gBBwoA3mGMCtfr1qIXWrK0vFoAZn9dSfJ0ASyA7cCmT7o00XCGi7q665XtfZkAgdRNgldtG05qxjVIaZR-4im3poMZRtKBbgEAcO9hEaRbHpk2jbrSoADK5Yc5ejuSUrLimBSBg6BWRpvytHIT9mhUuHAhPx5Ny9EFFql88mrdbfePl5qKeIv3WTlj6fTgNtFZ4MmPSD3Y4p8Zx1yIqFTsifPvecqNvrX5r-mMQGXVZ6RjxH-UekcerL2iF2twl3r3XkDixAmmk8FSCFqIhfQ03tLDatRkfheaYnqvW3nSx723EpkCq5RTSOGU2vyoYJG53FJ48lz9KXehIp8Iw6XejdIlkzaJjjLHm_sp7cUOIDUFgwISzTM0wuiKBtX0Y0Ib9vQ8DQOuNll7PD2vWQLCdBVpB4scCrBk7TO71UIfd_ajoLUDZzCgwQTjfmII2j7jsCIUKlN0tpDUJY4YB6GT54wXj0TvUit177Hh9iIiPdYRyotm4uEX-2p_oLEtZBp5Jjdxxd0EGTHm0rav6eDqRAsVBmPiaAnp-P70g7AGwEPAC1g6O324lZp37-DFLSfQc9pD2eTJvzD5zs5UCtl-QxSc6UmcyNnL4yGpE8v5uSM3TU64gOeJdbP1vcSLlM-Xs3d4lFrNvPxCx29A0dReyENwNHw_-Yn_uQO-8E_wMobFZ9yzAO0jPF6F0RhvTnnPMEij4TlOFpmWNt4aVYibXsP_8H-2pAQp_hfVa0lZDS6IcwK0gX8MNcrzStatDSOk7zEKMCtHLHAWnsN2S09SMY3ych0F_Fdm2i_URh26vs8FpfWIxA6F402Xlnm9JdbU79PRhZMza31MgFTz3o-Zm21HpK4UQvOGLLnzcE7197AxieLnqwwGxevi4NkVJvaHegyvorA80HHNn-mEwr9rfYjLRo6nwNLPD4HU5gQswaJJ4m5KmtKWATNFakgClPS4F2J69YQM2rBHa7WfPlLjVsNd3_9Ri8lwvEVuDhHc7llLioebkOubaYguxy-iH6nJJyriZLddrEhAywW36YY6NNWYL3q8p92XohhvwZVhjYziJywsVhP6nUr0JokMlb7QNHOqLfoMOyZ32P9bRUYhcHSpVesl5Ldck5pZuspTLA2bO2udtDhRPi3hQTHpLZfY-tngoroA2hA6j3H8kh1kbCgPdPvsZRy-65Dif7K1pZLYWC5pZq7QhByRA4zjPZMV
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bi-in-f154.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://e4t.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

136 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
e4t.com.br/	1970-01-20 17:52:33	Name: _lscache_vary Value: ae65aa596d102adedba0ef63ce80c2d4
.e4t.com.br/	1970-01-21 03:25:40	Name: _ga_JDNVYKR2JJ Value: GS1.1.1705780398.1.0.1705780398.60.0.0
.e4t.com.br/	1970-01-21 03:25:40	Name: _ga Value: GA1.1.1051451749.1705780398
.e4t.com.br/	1970-01-21 03:11:16	Name: __gads Value: ID=94810fed67b44485:T=1705780398:RT=1705780398:S=ALNI_MbSZojriJyCxawOV4RSOahNokA3RA
.e4t.com.br/	1970-01-21 03:11:16	Name: __gpi Value: UID=00000db8bf7cb02d:T=1705780398:RT=1705780398:S=ALNI_MbTvURNYnRHpW8bMbXfMjdSIolAPw
.doubleclick.net/	1970-01-21 03:25:40	Name: IDE Value: AHWqTUmrVPwHwqXzYHkfDcUm6_dT9zBjdSJ0ua1mY6AIftOHTBdxgFEX65dFAljNWMs
.doubleclick.net/	1970-01-20 22:08:52	Name: APC Value: AfxxVi4zgq-qRZguPWwBjxw0IGUdM_-j7KAg9U6awSjI-8KdKDGbeQ
.bing.com/	1970-01-21 03:11:16	Name: MUID Value: 03B30FB8E16D661B34AC1BB4E06967D3
.yieldoptimizer.com/	1970-01-21 02:35:16	Name: cktst Value: 659145018
.yieldoptimizer.com/	1970-01-21 02:35:16	Name: itk Value: xgDO1QDOfZTOxAjM0MjNwYzMxMDM3QzN
.yieldoptimizer.com/	1970-01-21 02:35:16	Name: ckid Value: 2031343574928
.casalemedia.com/	1970-01-21 02:35:16	Name: CMID Value: Zawkr.u9l6aYzTmEt5uZRwAA
.casalemedia.com/	1970-01-20 19:59:16	Name: CMPS Value: 3589
.casalemedia.com/	1970-01-20 19:59:16	Name: CMPRO Value: 3589
.adnxs.com/	1970-01-20 19:59:16	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E>@idk=S!]tbPl1M>e)ZlrFUfJ+tGXxoDDCVM7Rfr$sVFQ`P^yPOcHTZ<hX^YHk+vQ?i3If)y3KL9D3I?+O+ayS=
.adnxs.com/	1970-01-20 19:59:16	Name: uuid2 Value: 5271216661154111504
.adnxs.com/	1970-01-21 03:25:40	Name: XANDR_PANID Value: kq3MCL-UJRw7hngUnCu72uqH3Z4_D5DfXrUc0K9aK9Ids-E8t3NRR739SKxTj1hrdXChqu17iOcDh19BaPduZyPKsyu_HG3z6LYn1VZdXUY.
.doubleclick.net/	1970-01-20 18:32:52	Name: ar_debug Value: 1

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.googletagservices.com/dcm/impl_v99.js(Line 92) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://e4t.com.br/wp-content/litespeed/js/484.ab0f4ab882c1274b1c48.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://e4t.com.br/wp-content/litespeed/js/793.d942673b241cd716929e.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://e4t.com.br/wp-content/litespeed/js/398.01edc105f758acd277a3.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://e4t.com.br/wp-content/litespeed/js/484.d2046ca192c346302215.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://e4t.com.br/wp-content/litespeed/js/14.38ad2b40a067ce597a52.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://e4t.com.br/wp-content/litespeed/js/575.e8e50949adb5f70717bf.js Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
adsdk.microsoft.com
ag.yieldoptimizer.com
analytics.google.com
bid.g.doubleclick.net
cdn.adnxs.com
cm.g.doubleclick.net
csi.gstatic.com
dsum-sec.casalemedia.com
e4t.com.br
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
imasdk.googleapis.com
nym1-ib.adnxs.com
p4-fjqnrdgoz4woa-mb5e3yn3wj47edsd-if-v6exp3-v4.metric.gstatic.com
p4-hil7jm4nevkuk-nvnmimdxsf2kg2b3-if-v6exp3-v4.metric.gstatic.com
p4-hum6ouhk3qjge-yaikrn7twloshlmi-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
pixel.wp.com
r3---sn-tt1elnel.c.2mdn.net
s0.2mdn.net
stats.g.doubleclick.net
stats.wp.com
tag.yieldoptimizer.com
tpc.googlesyndication.com
www.bing.com
www.e4t.com.br
www.google.ca
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
104.18.36.155
142.250.186.131
142.250.31.94
142.250.31.95
142.251.111.103
142.251.111.149
142.251.16.101
142.251.16.156
142.251.163.94
142.251.167.94
142.44.179.115
152.195.19.97
172.253.115.132
172.253.115.149
172.253.115.156
172.253.122.156
172.253.122.95
172.253.62.157
172.253.62.94
172.253.63.154
172.253.63.94
172.253.63.97
192.0.76.3
216.239.38.181
23.204.76.188
23.48.104.178
35.190.52.204
35.201.74.200
68.67.179.164
68.67.179.87
74.125.0.8
01295711aa266f3a81e5621fd8631b9b872a31c12a94f8b21651495d7245149f
012dcf887740e0918ac380916069f5a3abcb90690aaec77acf069077a1bde8a0
0a5d509accfa923c0c28c35bbf12c690ce13164a2df74a0a69f9400285594a0b
0b011d32947139eafb593005c30ff6e2a12b81c4d6d0327adcafff5e95325508
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c7a2cb4c652c10d713ba9c8b847038263e3f0648315acb6b57b6dac1943c5d7
0f303f31706d39866cced9dcc17b61fb8423674278d7f6051d66b3a79ffbca18
10f90e4d335dd73214e4503894d81503b04444685f205995e683513adc3750a0
11cb346a803f359d1ffb0552cac5500a22dc0910905120a786fd85da1adc83f8
1200b9b2cee6889e727f435c42f2f40675a913ec4dbc709c9348386f7b435adb
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
1a5f6487a83e678cc8a3c5ac503b808bfe5ab4ec35d8da7356f27312d3af484f
1bcbe7f289e9bb530fd2d8ae16b4f7b2dfad81f72773f9fee36b239817c03a4e
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
2522f9b1f8ea6ab19d10de48c1f8a9541acc63fa7f1edf1a09a9c40777157cae
258efcd9aef72874f94485c47c5bb79785a7e753e0e9e8eea33355976d3cde8b
27499083420f1ebb46b98d4db3d70fb9c9d33c7fe3ffbc713de554cbfe6dedeb
2af67baf8c9ac2868a07344f16b60e790499b44b4dd04d49362cd081cfdb8f2c
2be2b883abfc4993fb172e251bc1a4515f099c3eb86d34fd6a573089a860f697
2c230dfa516edb8b11a1305f4e728de374b1e334598f38ade3148d78fcf094d2
2c4f2f5fee4dd6085cb56fdf9450e45e71e1d01126ca3a1a73403e391153d23e
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
325f25191af82345cc615c820126c663f55ee865ccb8c6f033e11ee57085617a
34317c2c5e7865161f880e4fdab2d6c81080cfa0c8d0531a11450b39cbf1dd48
36c93ad09816a24a52cc66b1cc913dbfdf48ac791db1eba5c88f8773e3898bcb
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
39807a2570fcfbe446164d3ca4a1e20d9dbaf37ba2180feb5e8033d3df3f3287
3982cfa34e519d89f223632bfb0b1c9291338d7c9bc8d435643e18f60d4ce73b
3bf218495aea1c223827d5291cbe2e99abb6db26d046f75713301955f91ad551
3cf78ad3bcd1324e10a4acdc34bfc4a159f9a045b30edbe3738a9d1b9f807a39
3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632
415bb4b9208aa917fc6b82ceb1a8a11ca4b5360cd121d38d89603b81f456f3e2
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
425f9ca7029ca2c95d204079575a3e5f737ef4d322614225344c5aeadd51bfb8
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43fe38dde1123bceabba9fa46fc5d6f21ead899571c28863c5c277ac1009661c
459ccefbda5edee5bb5895b58581a9357f9a92f15da9bad5ac4d4368cc9adbfe
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d8c5099f6aed32fbdf9ea4a4c34f2d9bf9e39fd2eab5f62f36f1dfdb3780c46
4f9f4e2e225088f9cf3b6b54aa421e0f776d1802255505d2f752e1f83f441641
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a28406dd3e6100bb034d4edad68e012c40c67adf6c2d5846b07f03a494cba94
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c79df8bcd620706604929a782582d7c44ed51c00ee52bd406e9449a33236ff6
5d1bb36c0145302a6e247ff23f3ecd7401335f91019befcd16b1db22285d28e0
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2
65b0217265db0a466804ca1a79649a9f3fbf23e7cc1c041216c2c799fd19fc93
661d4b208656c006e7aab58acf7784857963123675de2302279fbe6c05313547
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
6be97ca17228a69c406231d89c003194c3dfba7401eaa9fe9e9ed0ef1c18dc38
6c5d47b5c182909e217db7fbe3c0c5ef4890de4892e35c9140bebe2188890d79
6f1f3cfdc8af037d3eb982c2429783bbf52bdf15d1ad8ff203c5135e15736d61
6f58202a14e2dcb4c672d6e9f0881ddc2b4e88225a97aadd940400a7377ee02d
7074b43397d0b58a24e93acf0070e62909f966390624cd8835dd05ff8f65358b
71f652d6e3c322295772c1f083ab62329a94464741c4167ea745b5da21123cc9
732cf1258094a5b09b26bbdda530d29708bf96dc7493acd79c47db751e9f96aa
7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d
7cd60a0ecb8cc7e389c1f5d6d7ab258c908e7d601a27b1f07ce83d125147e11b
7d511cec2bb244d4cbe430e942eb87e803b3d69761885a0e4f0e8f945401e42f
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
7ef9486f208d7f60111887c065160a3e37537a04d47328e8aa6707c9493924f0
7f49b120d782551c35d684e42da14f893cce26a782a27badfb0fc58482dbe604
7feec0a2e71f43dabd4dd66b3b3bea32cd05562ce458d2010d20e398401697de
8049a165c5619d3e6f6bcc98b5faae71d436722c05ae310c3525745a13eb14d5
816a142d0da662da671c054a79c1eefc620a5d400609e8a860b7e03ece05d637
87fae9368d3d98940ff08df73e64477b29a2c5aef758bea09507d280083b517e
8ba640b15203a92b9952df090b2de8e1ca8227480767f6f103e338ce3b80bebc
8c8355fff749eded163bb48c06ce2f766ee430f02193cba0d70b899220322063
8c9d2a5c54bac1b1956ff2a3f89160acd369cc75c5aea3c020c8fd26f13f1f3a
8cadbb8929455132f8046555f4793b7f49d10fff19d1ca342339af0b81fd942b
8e1b4b67465baf0eb59b88ca9241ad63f847b5cb5a7af02462f0b4ce1e8727ff
90f54e74dbf3048259e9f7e7741a29e574cc779de1b742308e51f968812871fd
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
91a6dc807d2570b3d1bf9b8dbc2d673c0c91747ba702c04d572766d908709f3a
956ced1323811331e70d52ad80520fa3a23f3c76a58eecdf29a5aed295884456
971927d9b4fe7d775c0dbb58b281275251e98070842f339f5839aab9ecf3522d
972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
9a098a0868150753e0c0076b067d5b90ab89bdf3f0f93e2a71818d3443220f27
9cd3549935b760124b25cd1cf294b8b1f9b7f8744bc4b1e66e03a003a63229be
9dba01e7e80a6b083d5b91701c27ce5f4e56eae581f32189bb1124a1d3112091
9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a536e377d9c7952b4a8f282b63de9c734dee88264dbbd40cbd2075e3a5a3ff30
a83b68f9553123a2ae73f93337009304a055d794a39d263eddd72603322a8c94
a8e429611131e3fdc2018ec943a36100dbabb4aaa788c8dead6bdcf927917293
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ab54a95b3ab0a2a79f8649f10ce0ef7d13d779da1cdd380c99ca566ae4638513
abf67e56707f3a8b0e967cdf5933a3ed56823bdfca8fb0de9068dc42b25d729b
acad1a12850c7f0b5f1874f385a84f10539ad98a380784ef08df5eacb7d4b0c7
ad70820727bc707400bea2ca99814fe316dbbcfa8f7c727fac94acee49765dd0
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b19ac4e57f2a56639eebd1c35319e5a7124be70d3fa155b63d878886520154fa
b2112e944307f68d8662983059ce3217e04a72c6127f7c6f2d2f654dcd72267d
b35e27ec4deb75622dd9c9eda411aee209567d53e1bb82454f2945f5b7ca7249
b3fce15cf3dc6756b92945e2bba573c0fcfa884db4f9072c9a0a091bd0e50249
b61734075cad1d99e73d1ac8acd23e106a57cc52c5d25b6d2bc7ec742e6c08d4
bb8007225d94a099cddbade7ea904667c0dd0b68d5e30778e5c6257589ab94d1
bedf667d93553c80372c5fa6aac1b9b6e0e1f53f046f778d08854a1f2c056998
bf74ffb1ddb0d5fbed4bdcd13b574d21e6d9259fc5fc42fba1b7d97d695d0bf4
c20d38c73599790fa3f77a69662fd768373daf6f9ae9afa8b4dcbd460bc54033
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cc2933639d268e847fbc74fe8728a6b351c0272623d241d72d016205043ea157
cc59c9abe8aa65aabcf30d619bf5b30aa80b83d82b5ece4d5177472109d6918d
ce8fefe64b7ee9f1f2b5cd57ea9990e12d34efcb5c1f9633b7c5d5bc00ae5590
cea98e96e2dd2c0c6588d2fa58ad9e124a08dbd35793bcecb0e705e47135c8fa
d191094291904cb0410cf3a475ea46eee6573c0922cc204759445e326d6d9233
d3de8a6b01b7777575f806a98194b286a6ddb0f1751668c9deddde5fd038c62d
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d6a8cac1efb2ac385bde68bb0a6df9d78bee05bc3888fc3f8a6e327333ef805b
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
de52b02e597db1f3883f432a143d8c604da2f14929d9e27b1c9d0474e7fb040c
de826411418e811bb5657b85f11081e94c3317a89bcb4de32b093a2e8fa60c6e
df8cad4d70ceb58260be365f53856f823d1973616d02efb54c897fde37981f32
e1a0c2788b10316bfac532720c627383c1bb370513eaac1ef519db4cdcef7e77
e2fed37917d2ef847f20613f7382ab973784b478236647776a65f5588438333b
e343b8954bd074ea50860faa6cc25119e836d1b896881e9d00200a249fe23ab5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c
ead59c083f49207d7360564383b9c33c1f3271540681478c7fa2ee1777411bc0
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ee8d093524afa31a27b0f1107d73e268786083c5e556bda88eb0408fbbc96da5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f078caf2d237710b634372d80fd84966a84a256c7cfdb92d6ea1f77ccf4fd9c9
f0bc3cf047c5ba176be673ed6229de4b8771905c190ed7e20db9178c0783c0d3
f1b9c7c1d6110b6defa387370bfadaff8b69b64f6c93c8b050fbadd4227bfd01
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f49251b1e09c4ce3c45d2d929ed769a0adf52f9dc5ee45ddd0a051ab8d6b7728
f59eb6a8d1a0e31ccd9cf0313958c01690daee71757a607f0138a01ab7a2a3b2
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f67bba6b19415a32bd07e53439fff0f7feb6b8fa4057b0fe56ed1225a22b816b
f72bc934728472cd66ad4cc45b4de15c520d6be57a29e3cce9cd9bf25b9eca01
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f789fdbc36d5fbc1965499a824783de75e96194a48c18b4a7ddde20680eda194
fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1

e4t.com.br Open in urlscan Pro 142.44.179.115 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

224 Requests

97 %HTTPS

0 %IPv6

16 Domains

36 Subdomains

31 IPs

3 Countries

3965 kBTransfer

10992 kBSize

18 Cookies

4 Outgoing links

Page URL History

Redirected requests

224 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 12 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

e4t.com.br Open in urlscan Pro
142.44.179.115 Public Scan

Screenshot
Live screenshot

Full Image

224
Requests

97 %
HTTPS

0 %
IPv6

16
Domains

36
Subdomains

31
IPs

3
Countries

3965 kB
Transfer

10992 kB
Size

18
Cookies

224 HTTP transactions
12 data transactions