www.belasmensagens.com.br Open in urlscan Pro
2606:4700:20::681a:64c Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.belasmensagens.com.br/
Effective URL:
https://www.belasmensagens.com.br/
Submission: On November 27 via api (November 27th 2023, 11:11:05 am UTC) from US — Scanned from DE

Summary HTTP 209 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 55 IPs in 7 countries across 32 domains to perform 209 HTTP transactions. The main IP is 2606:4700:20::681a:64c, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.belasmensagens.com.br.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 25th 2023. Valid for: a year.

This is the only time www.belasmensagens.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 38	2606:4700:20:... 2606:4700:20::681a:64c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
10	2a02:26f0:780... 2a02:26f0:780::5f65:3688	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
11	35.186.238.232 35.186.238.232	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:7daf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
10	139.45.240.92 139.45.240.92	57304 (RUBY-AS) (RUBY-AS)
6	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:400... 2a04:4e42:400::729	54113 (FASTLY) (FASTLY)
2	2a04:4e42:800... 2a04:4e42:800::282	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:310... 2a02:26f0:3100::1735:29f0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	89.149.192.192 89.149.192.192	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	35.241.45.217 35.241.45.217	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 3	2a02:26f0:480... 2a02:26f0:480:e::210:f106	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
9	2a02:26f0:780... 2a02:26f0:780::5f65:3681	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	23.218.209.78 23.218.209.78	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2607:ae80:4::26 2607:ae80:4::26	26558 (FREEWHEEL) (FREEWHEEL)
4	2a00:1450:400... 2a00:1450:400c:c09::9a	15169 (GOOGLE) (GOOGLE)
1	34.102.243.38 34.102.243.38	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
12	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
3	2a02:26f0:480... 2a02:26f0:480:e::210:f108	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	138.199.36.11 138.199.36.11	60068 (CDN77 ^_^) (CDN77 ^_^)
3	108.138.1.25 108.138.1.25	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
1	99.86.4.128 99.86.4.128	16509 (AMAZON-02) (AMAZON-02)
1	13.32.119.77 13.32.119.77	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:831::2006	15169 (GOOGLE) (GOOGLE)
3	2600:9000:225... 2600:9000:2251:7c00:6:5b96:3f00:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2600:9000:206... 2600:9000:206f:f600:1e:82d4:d9c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223d:b800:1:aa11:940:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2607:f8b0:400... 2607:f8b0:4009:808::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:15::9	15169 (GOOGLE) (GOOGLE)
1 3	18.66.112.41 18.66.112.41	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.185.134 142.250.185.134	15169 (GOOGLE) (GOOGLE)
3	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	34.149.50.64 34.149.50.64	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	185.86.138.124 185.86.138.124	201081 (SMARTADSE...) (SMARTADSERVER)
1 4	37.252.171.52 37.252.171.52	29990 (ASN-APPNEX) (ASN-APPNEX)
1 8	34.102.185.99 34.102.185.99	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:206... 2600:9000:206f:8800:1:bcff:6780:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2804:49c:3101... 2804:49c:3101:401:ffff:ffff:ffff:52	15201 (Universo ...) (Universo Online S.A.)
2	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	151.101.129.108 151.101.129.108	54113 (FASTLY) (FASTLY)
2	184.30.22.30 184.30.22.30	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
209	55

38 2606:4700:20::681a:64c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.belasmensagens.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:26f0:780::5f65:3688 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

tm.jsuol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 35.186.238.232 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 232.238.186.35.bc.googleusercontent.com

ads.viralize.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7daf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 139.45.240.92 (Russian Federation)

ASN57304 (RUBY-AS, RU)

notix.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::729 (United States)

ASN54113 (FASTLY, US)

cdn.ravenjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:800::282 (United States)

ASN54113 (FASTLY, US)

polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3100::1735:29f0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

monetize-static.viralize.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.149.192.192 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

www8.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.45.217 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 217.45.241.35.bc.googleusercontent.com

pghub.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:480:e::210:f106 (Frankfurt am Main, Germany) 3 redirects

ASN20940 (AKAMAI-ASN1, NL)

csync-global.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:26f0:780::5f65:3681 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

csync-eu.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.218.209.78 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-209-78.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:ae80:4::26 (United States)

ASN26558 (FREEWHEEL, US)

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c09::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.243.38 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 38.243.102.34.bc.googleusercontent.com

feed.pghub.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:480:e::210:f108 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ced-ns.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.199.36.11 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: 138-199-36-11.bunnyinfra.net

widgets.getsitecontrol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.1.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-25.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-128.fra6.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.119.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-119-77.fra60.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2251:7c00:6:5b96:3f00:93a1 (United States)

ASN16509 (AMAZON-02, US)

tm.uol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:206f:f600:1e:82d4:d9c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

privacy-sandbox.uol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223d:b800:1:aa11:940:93a1 (United States)

ASN16509 (AMAZON-02, US)

me.jsuol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4009:808::2003 (Bolingbrook, United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:15::9 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

rr4---sn-4g5lzner.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.112.41 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-41.fra56.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.149.50.64 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 64.50.149.34.bc.googleusercontent.com

s.seedtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.124 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.171.52 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.102.185.99 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 99.185.102.34.bc.googleusercontent.com

tt-10162-1.seg.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:8800:1:bcff:6780:93a1 (United States)

ASN16509 (AMAZON-02, US)

udr.uol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2804:49c:3101:401:ffff:ffff:ffff:52 (Brazil)

ASN15201 (Universo Online S.A., BR)

tracker.bt.uol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.30.22.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-22-30.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	belasmensagens.com.br 1 redirects www.belasmensagens.com.br	4 MB
25	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149 ade.googlesyndication.com — Cisco Umbrella Rank: 301	331 KB
19	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 78 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 pubads.g.doubleclick.net — Cisco Umbrella Rank: 401 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 ad.doubleclick.net — Cisco Umbrella Rank: 154	203 KB
14	smartadserver.com 3 redirects www8.smartadserver.com — Cisco Umbrella Rank: 7630 csync-global.smartadserver.com — Cisco Umbrella Rank: 6662 csync-eu.smartadserver.com — Cisco Umbrella Rank: 23905 prg.smartadserver.com — Cisco Umbrella Rank: 1611	60 KB
13	viralize.tv ads.viralize.tv — Cisco Umbrella Rank: 24704 monetize-static.viralize.tv — Cisco Umbrella Rank: 22182	300 KB
11	jsuol.com.br tm.jsuol.com.br — Cisco Umbrella Rank: 66672 me.jsuol.com.br — Cisco Umbrella Rank: 82918	268 KB
10	uol.com.br tm.uol.com.br — Cisco Umbrella Rank: 69184 privacy-sandbox.uol.com.br — Cisco Umbrella Rank: 139397 udr.uol.com.br — Cisco Umbrella Rank: 89553 tracker.bt.uol.com.br — Cisco Umbrella Rank: 78593	10 KB
10	notix.io notix.io — Cisco Umbrella Rank: 17058	45 KB
8	tailtarget.com 1 redirects tt-10162-1.seg.t.tailtarget.com — Cisco Umbrella Rank: 103367 m.t.tailtarget.com — Cisco Umbrella Rank: 157346 b.t.tailtarget.com — Cisco Umbrella Rank: 57903 t.tailtarget.com — Cisco Umbrella Rank: 7625	2 KB
8	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2462	92 KB
7	gstatic.com csi.gstatic.com fonts.gstatic.com	174 KB
5	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 246 acdn.adnxs.com — Cisco Umbrella Rank: 609	20 KB
5	google.com www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 3040 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1359	113 KB
5	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 306 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 598 aax.amazon-adsystem.com — Cisco Umbrella Rank: 394	70 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	393 KB
5	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 364 imasdk.googleapis.com — Cisco Umbrella Rank: 447 fonts.googleapis.com — Cisco Umbrella Rank: 31	406 KB
3	rubiconproject.com eus.rubiconproject.com — Cisco Umbrella Rank: 602 token.rubiconproject.com — Cisco Umbrella Rank: 458	14 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 172	3 KB
3	sascdn.com ced-ns.sascdn.com — Cisco Umbrella Rank: 3187	10 KB
2	criteo.com gum.criteo.com — Cisco Umbrella Rank: 454	384 B
2	google.de www.google.de — Cisco Umbrella Rank: 6862	515 B
2	pghub.io pghub.io — Cisco Umbrella Rank: 1822 feed.pghub.io — Cisco Umbrella Rank: 2092	6 KB
2	polyfill.io polyfill.io — Cisco Umbrella Rank: 1329	759 B
1	seedtag.com s.seedtag.com — Cisco Umbrella Rank: 1735	386 B
1	youtube.com www.youtube.com — Cisco Umbrella Rank: 68
1	googlevideo.com rr4---sn-4g5lzner.googlevideo.com — Cisco Umbrella Rank: 62548	1 MB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	17 KB
1	getsitecontrol.com widgets.getsitecontrol.com — Cisco Umbrella Rank: 18190	856 B
1	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 566	497 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 4925	372 B
1	ravenjs.com cdn.ravenjs.com — Cisco Umbrella Rank: 9102	10 KB
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 903	2 KB
209	32

	Domain	Requested by
38	www.belasmensagens.com.br	1 redirects www.belasmensagens.com.br tm.jsuol.com.br
16	pagead2.googlesyndication.com	www.belasmensagens.com.br pagead2.googlesyndication.com imasdk.googleapis.com tpc.googlesyndication.com
11	ads.viralize.tv	www.belasmensagens.com.br ads.viralize.tv
10	notix.io	www.belasmensagens.com.br notix.io
10	tm.jsuol.com.br	www.belasmensagens.com.br tm.jsuol.com.br tm.uol.com.br
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.belasmensagens.com.br
9	csync-eu.smartadserver.com	ads.viralize.tv csync-eu.smartadserver.com
6	tpc.googlesyndication.com	cdn.ravenjs.com imasdk.googleapis.com tpc.googlesyndication.com pagead2.googlesyndication.com
6	www.google-analytics.com	www.belasmensagens.com.br www.google-analytics.com me.jsuol.com.br
5	csi.gstatic.com	imasdk.googleapis.com
5	privacy-sandbox.uol.com.br	tm.jsuol.com.br www.belasmensagens.com.br
5	www.googletagmanager.com	www.belasmensagens.com.br www.googletagmanager.com me.jsuol.com.br
4	ib.adnxs.com	1 redirects tm.jsuol.com.br
4	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
3	tt-10162-1.seg.t.tailtarget.com	tm.jsuol.com.br
3	ade.googlesyndication.com	www.belasmensagens.com.br
3	sb.scorecardresearch.com	1 redirects www.belasmensagens.com.br
3	tm.uol.com.br	tm.jsuol.com.br www.belasmensagens.com.br
3	pubads.g.doubleclick.net	imasdk.googleapis.com www.belasmensagens.com.br
3	c.amazon-adsystem.com	monetize-static.viralize.tv cdn.ravenjs.com
3	ced-ns.sascdn.com	csync-eu.smartadserver.com
3	csync-global.smartadserver.com	3 redirects
3	imasdk.googleapis.com	ads.viralize.tv imasdk.googleapis.com www.belasmensagens.com.br
2	eus.rubiconproject.com	tm.jsuol.com.br eus.rubiconproject.com
2	gum.criteo.com	tm.jsuol.com.br
2	b.t.tailtarget.com	tm.jsuol.com.br
2	m.t.tailtarget.com	1 redirects www.belasmensagens.com.br
2	fonts.gstatic.com	www.belasmensagens.com.br fonts.googleapis.com
2	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net
2	www.google.de	www.belasmensagens.com.br
2	www.google.com	www.belasmensagens.com.br tpc.googlesyndication.com
2	securepubads.g.doubleclick.net	tm.jsuol.com.br securepubads.g.doubleclick.net
2	region1.google-analytics.com	www.googletagmanager.com
2	monetize-static.viralize.tv	ads.viralize.tv monetize-static.viralize.tv
2	polyfill.io	ads.viralize.tv www.belasmensagens.com.br
1	token.rubiconproject.com	eus.rubiconproject.com
1	acdn.adnxs.com	tm.jsuol.com.br
1	t.tailtarget.com
1	tracker.bt.uol.com.br	www.belasmensagens.com.br
1	udr.uol.com.br	tm.jsuol.com.br
1	fonts.googleapis.com
1	prg.smartadserver.com	tm.jsuol.com.br
1	s.seedtag.com	tm.jsuol.com.br
1	www.youtube.com	www.belasmensagens.com.br
1	ad.doubleclick.net	www.belasmensagens.com.br
1	region1.analytics.google.com	www.googletagmanager.com
1	rr4---sn-4g5lzner.googlevideo.com	www.belasmensagens.com.br
1	me.jsuol.com.br	tm.jsuol.com.br
1	s0.2mdn.net	imasdk.googleapis.com
1	aax.amazon-adsystem.com	cdn.ravenjs.com
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	widgets.getsitecontrol.com	www.belasmensagens.com.br
1	feed.pghub.io	pghub.io
1	ads.stickyadstv.com	www.belasmensagens.com.br
1	ad.yieldlab.net	ads.viralize.tv
1	pghub.io	www.belasmensagens.com.br
1	www8.smartadserver.com	www.belasmensagens.com.br
1	cdn.ravenjs.com	ads.viralize.tv
1	unpkg.com	www.belasmensagens.com.br
1	ajax.googleapis.com	www.belasmensagens.com.br
209	60

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
br.pinterest.com
www.instagram.com
www.youtube.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-25` - `2024-02-25`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.uol.com.br DigiCert TLS RSA SHA256 2020 CA1	`2023-09-01` - `2024-05-10`	8 months	crt.sh
*.viralize.tv Sectigo RSA Domain Validation Secure Server CA	`2022-12-07` - `2023-12-11`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
notix.io R3	`2023-09-15` - `2023-12-14`	3 months	crt.sh
cdn.ravenjs.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-06-03` - `2024-07-04`	a year	crt.sh
polyfill.io Certainly Intermediate R1	`2023-11-12` - `2023-12-12`	a month	crt.sh
monetize-static.viralize.tv R3	`2023-10-17` - `2024-01-15`	3 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.pghub.io DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-02-08`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2023-09-17` - `2024-09-17`	a year	crt.sh
*.ads.stickyadstv.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-19` - `2024-05-19`	a year	crt.sh
*.sascdn.com DigiCert TLS RSA SHA256 2020 CA1	`2023-07-14` - `2024-07-17`	a year	crt.sh
*.getsitecontrol.com Go Daddy Secure Certificate Authority - G2	`2023-03-07` - `2024-04-07`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2023-02-20` - `2024-03-20`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.uol.com.br Amazon RSA 2048 M01	`2023-07-06` - `2024-08-03`	a year	crt.sh
*.jsuol.com.br Amazon RSA 2048 M01	`2023-08-03` - `2024-08-31`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-11-14` - `2024-01-23`	2 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.scorecardresearch.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-15` - `2023-12-28`	a year	crt.sh
*.seedtag.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-29` - `2024-04-15`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.tailtarget.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-08-09`	a year	crt.sh
uol.com GeoTrust TLS RSA CA G1	`2023-09-11` - `2024-09-22`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2023-03-27` - `2024-04-26`	a year	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh

This page contains 24 frames:

Primary Page: https://www.belasmensagens.com.br/
Frame ID: D1CB1C467C71C20DF6B2EB74AA829C0A
Requests: 113 HTTP requests in this frame

Frame: https://cdn.ravenjs.com/3.17.0/raven.min.js
Frame ID: 9DC7E20F1B1DE6AFD1D240FA30D87258
Requests: 24 HTTP requests in this frame

Frame: https://csync-eu.smartadserver.com/2058/CookieSync.html
Frame ID: C20F1F7F34300239DE550586E8415225
Requests: 4 HTTP requests in this frame

Frame: https://csync-eu.smartadserver.com/2161/CookieSync.html
Frame ID: A48759C7D5A1CCDB4F25B041038F0761
Requests: 4 HTTP requests in this frame

Frame: https://csync-eu.smartadserver.com/3668/CookieSync.html
Frame ID: 5DAFC3FEA31C9AD31F8B786F63707AA8
Requests: 4 HTTP requests in this frame

Frame: https://ad.yieldlab.net/d/6846326/766/2x2?ts=1701083457&type=h&gdpr=1&consent=
Frame ID: BA07AEDEB0382F25C58D55A9F1CEF479
Requests: 1 HTTP requests in this frame

Frame: https://feed.pghub.io/tag?gdpr=1&gdpr_consent=&referrer_url=&page_url=https%3A%2F%2Fwww.belasmensagens.com.br%2F&owner=P%26G&bp_id=showheroes&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js
Frame ID: 1747A09E6708FC23A529137F9FBF0696
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Frame ID: E211DC3DFFF3DB7C4B1E3CA6F95BA7B7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4546623105289528&output=html&adk=1812271804&adf=2712904484&lmt=1701083457&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fwww.belasmensagens.com.br%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~5~6&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701083457742&bpp=3&bdt=357&idt=195&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3719976950296&frm=20&pv=2&ga_vid=2089323646.1701083458&ga_sid=1701083458&ga_hid=1287711670&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079759%2C44785292%2C44809314%2C31078297%2C31079699%2C44806140%2C44807764%2C44808148%2C44808285%2C44809057%2C44809071%2C318512601&oid=2&pvsid=2696565664275447&tmod=648748673&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=205
Frame ID: DB8447575B50A894E6482D7DA6236152
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Frame ID: B7839E4B4E2E11063C9A615B446532F9
Requests: 27 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: CC7F8D3351E91B72B0E284755A0054F0
Requests: 1 HTTP requests in this frame

Frame: https://tm.uol.com.br/mercurio.html
Frame ID: E68E6E99C62A90B6E85B5D951CC38FB3
Requests: 2 HTTP requests in this frame

Frame: https://privacy-sandbox.uol.com.br/privacy-sandbox.html
Frame ID: 6D0FCE4B45D59CFCEF696E039F99F302
Requests: 1 HTTP requests in this frame

Frame: https://privacy-sandbox.uol.com.br/privacy-sandbox.html
Frame ID: E21BA22B931A8DDCFAD4D0BEBE8B1ECA
Requests: 1 HTTP requests in this frame

Frame: https://privacy-sandbox.uol.com.br/privacy-sandbox.html
Frame ID: 42642D9E0A78F90055A3A5736368AD0C
Requests: 1 HTTP requests in this frame

Frame: https://privacy-sandbox.uol.com.br/privacy-sandbox.html
Frame ID: F630A646584CF818A7BB8BBF520C9608
Requests: 1 HTTP requests in this frame

Frame: https://privacy-sandbox.uol.com.br/privacy-sandbox.html
Frame ID: 148C0531514E0201B59F06634EA1787A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Frame ID: 214200ADDB069EB374A89C53E86C772D
Requests: 3 HTTP requests in this frame

Frame: https://tm.uol.com.br/purge-clients.html?name=DEretargeting&expname=DEretargetingExp&expdomain=1
Frame ID: 0C821FFE9EB8814688E8593809D3D146
Requests: 2 HTTP requests in this frame

Frame: https://tm.uol.com.br/purge-clients.html?name=dynad_rt&expname=dynad_rt_exp&expdomain=1
Frame ID: 8D621BB67410AC76A0B0D24BAA0A4212
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8C2F34B2BEDD8EB52E8600CD4620DCCA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AD98F8B75FF61B342A75308BCE2260A7
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 0AD04F35DAF0D3F8B15C6190A4DADAFC
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: A97ABA48F00A95CC207BF89E1F06B266
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Belas Mensagens

Page URL History Show full URLs

http://www.belasmensagens.com.br/ HTTP 301
https://www.belasmensagens.com.br/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js
adnxs\.com/[^"]*(?:prebid|/pb\.js)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

209
Requests

98 %
HTTPS

64 %
IPv6

32
Domains

60
Subdomains

55
IPs

7
Countries

8068 kB
Transfer

13800 kB
Size

33
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/belasmensagens

Search URL Search Domain Scan URL

URL: https://twitter.com/belasmensagens

Search URL Search Domain Scan URL

URL: https://br.pinterest.com/belasmensagensbr/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/oficialbelasmensagens

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCA-i1mU6k4sUreomG3RYmtA

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.belasmensagens.com.br/ HTTP 301
https://www.belasmensagens.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48

https://csync-global.smartadserver.com/2058/CookieSync.html HTTP 302
https://csync-eu.smartadserver.com/2058/CookieSync.html

Request Chain 49

https://csync-global.smartadserver.com/2161/CookieSync.html HTTP 302
https://csync-eu.smartadserver.com/2161/CookieSync.html

Request Chain 50

https://csync-global.smartadserver.com/3668/CookieSync.html HTTP 302
https://csync-eu.smartadserver.com/3668/CookieSync.html

Request Chain 131

https://sb.scorecardresearch.com/cs/6036356/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

Request Chain 173

https://m.t.tailtarget.com/sync/TT-10162-1/e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP 302
https://m.t.tailtarget.com/sync/TT-10162-1/e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855?check=1

Request Chain 206

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

209 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.belasmensagens.com.br/
Redirect Chain

http://www.belasmensagens.com.br/
https://www.belasmensagens.com.br/

53 KB
13 KB

624ms
577ms

Document
text/html

2606:4700:20::681a:64c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.belasmensagens.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:64c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6292b3fcc4a0cabbfc21bcb4118a3fd263d0a4f84592b05abceb3c42235a0289

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, must-revalidate, max-age=0
cf-apo-via: origin,no-cache
cf-cache-status: BYPASS
cf-ray: 82c9ed751f243623-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 27 Nov 2023 11:10:57 GMT
expires: Wed, 11 Jan 1984 05:00:00 GMT
link: <https://www.belasmensagens.com.br/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KBFOsx3mldA8M3KJu8m0o%2FUGwt%2BmBgRYK3sdWv3u2U8D4ScUsI%2Fw%2BvlcoRB8zOnOaV3XXNyltoSB1g65icvTS42d9rel5n%2Fjb70DKv22mXoGwwRyjUhogDHQQONP1bLAA0waiEd5Yi%2FQfYcJ7%2BbWcSW6HSkgBzc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

CF-Cache-Status: BYPASS
CF-Ray: 82c9ed73bba0363f-FRA
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Date: Mon, 27 Nov 2023 11:10:56 GMT
Location: https://www.belasmensagens.com.br/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8jBnhT3IjjFeNN%2FDoq%2B%2FdH6xYNVvMJBEB19R8JXnw6db0cZ98Wks5L%2FvGUXtVcEKkIphWZ%2BnrurckLNqQxc2lz53p%2BWYKOUwSL1lIuYE%2FLVaajSDylw5vfjONKOiKXpODq24DuyL0%2Fn0qtJMmAftk2mK%2BsHqUSI%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
cf-apo-via: origin,no-cache

GET
H2 200 bootstrap.min.css
www.belasmensagens.com.br/wp-content/themes/bm/css/ 71 KB
13 KB 62ms
60ms Stylesheet
text/css 2606:4700:20::681a:64c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.belasmensagens.com.br/wp-content/themes/bm/css/bootstrap.min.css
Requested by: Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:64c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 095225d09c00e48fae10190c77136bfad208993dc708cc436416627b0fb320c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:10:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 24 Jan 2021 15:32:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1138799
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r6tWZ91SiiM9ZZYXJktQObNkfGbJ7z%2B76CoGkgOnzNIcr4NMgpsKQjeJh7cUWKf0dW9WQor7dCxatpEBy3IdPYOS%2Fj2AeJM1ioJ0WFIY5gPYVohBCGsv1CQKZjEONpSGV4bjL6MEG8bUYomnHQQ35hYjOAR81a4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 82c9ed78bc513623-FRA
expires: max-age=A10368000, public

GET
H2 200 style.css
www.belasmensagens.com.br/wp-content/themes/bm/ 18 KB
4 KB 64ms
62ms Stylesheet
text/css 2606:4700:20::681a:64c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.belasmensagens.com.br/wp-content/themes/bm/style.css
Requested by: Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:64c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f75ec7cf5732e66f445fc8bce027a9bb8c97c6d580aad80e0a8d635e209abab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:10:57 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 29 Sep 2023 17:56:20 GMT
server: cloudflare
age: 1605183
cf-polished: origSize=23531
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x3ArgBaqX9PvnWjIBcZ%2B%2F3CtYtV%2B4ygzxBg2UvS%2BJ24jhurU9NdFgdNMe0Rfbe3wFM5GpZh5TlQR%2BfhsvtSO3U2aVowdg%2BEDrz%2FHc%2Fg06DVXy3kTYUq4pt5Ji0X9YGv9x%2BFyX2Ojc%2B984%2BF%2B1h93Wwi0ivoAdpo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 82c9ed78bc533623-FRA
expires: max-age=A10368000, public

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 154 KB
52 KB 176ms
73ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4546623105289528

Requested by

Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7260bce040ec4b8b946507e1b552161f81b8d11e53aa90b931c15bff4f370f23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.belasmensagens.com.br/
Origin: https://www.belasmensagens.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:10:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53067
x-xss-protection: 0
server: cafe
etag: 6643891259618232761
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 27 Nov 2023 11:10:57 GMT

GET
H2 200 uoltm.js Show response
tm.jsuol.com.br/ 525 KB
81 KB 1516ms
1369ms Script
application/javascript 2a02:26f0:780::5f65:3688
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/uoltm.js?id=taljro
Requested by: Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:3688 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 2282944e32da085e7450b47ad272376aca3c4ed07201627663a4b0a88b4e667f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:10:58 GMT
content-encoding: gzip
akamai-cache-status: Miss from child, RefreshHit from parent
last-modified: Mon, 06 Nov 2023 12:56:04 GMT
akamai-grn: 0.8436655f.1701083457.31818f07
etag: 5b75ba30fca01f68d19adaca5367212a
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: no-transform, must-revalidate, proxy-revalidate, max-age=3600
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=22, origin; dur=1016, ak_p; desc="1701083457571_1600468612_830574343_103931_874_21_50_146";dur=1
content-length: 82907

GET
H2 200 style.min.css
www.belasmensagens.com.br/wp-includes/css/dist/block-library/ 102 KB
14 KB 62ms
61ms Stylesheet
text/css 2606:4700:20::681a:64c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.belasmensagens.com.br/wp-includes/css/dist/block-library/style.min.css?ver=6.3.2
Requested by: Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:64c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:10:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 11 Aug 2023 12:56:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1220664
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wBHFtW%2B9FccWqEjgQU4kvRlPx7NdezwAoedAVo7T52jWSyVAFSIYVJDZyWXNPMvo5oEHgpC73ZCJEBf8XQFb5ZGHAj0pLmoBr8A%2FAA10ZtI1CIXXmr7Clu7xBZ3fKZXwQr835y60WSQLqH%2FEo7JNu0fI%2Fp8v%2B1w%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 82c9ed78bc553623-FRA
expires: max-age=A10368000, public

GET
H2 200 styles.css
www.belasmensagens.com.br/wp-content/plugins/contact-form-7/includes/css/ 2 KB
1 KB 64ms
63ms Stylesheet
text/css 2606:4700:20::681a:64c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.belasmensagens.com.br/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8.2
Requested by: Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:64c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e7c083e0e173f849fa0582a9332bf40a3567c49ff818f28b0e4dca93930c6e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:10:57 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 30 Oct 2023 16:52:25 GMT
server: cloudflare
age: 1637955
cf-polished: origSize=2859
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o%2FcS169tRUrjYmxSXFE8sCkOxUYpOwITDwHZEQbeN2ZnuvAMGawsbdJjiJsSUtKDYkk3Zka3LQozD796gxM%2BWUdy%2BOOAGsHoKsDjVb5byyEIj6tDSWnqQd72DbU1gadFvs6jn742qmLalCmBauk8%2BYmovRaIw0w%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 82c9ed78bc573623-FRA
expires: max-age=A10368000, public

GET
H2 200 / Show response
ads.viralize.tv/display/ 106 KB
35 KB 146ms
78ms Script
text/javascript 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.viralize.tv/display/?zid=AAEn2iG_Bt_nZPrQ
Requested by: Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: 24dead2354f640a8900be9aab41aa54ca30676c75a8c0765f56d49af1805bad3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 11:10:57 GMT
content-encoding: gzip
via: 1.1 google
server: uvicorn, Unknown
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H2 200 belas-mensagens.png
www.belasmensagens.com.br/wp-content/themes/bm/images/ 2 KB
2 KB 182ms
182ms Image
image/webp 2606:4700:20::681a:64c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.belasmensagens.com.br/wp-content/themes/bm/images/belas-mensagens.png
Requested by: Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:64c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4be0d0585d4c0866551f173ca8a2e18562a1a6a6e45c17f7438d09173e0026e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:10:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=2272
content-disposition: inline; filename="belas-mensagens.webp"
content-length: 1644
cf-bgj: imgq:100,h2pri
last-modified: Sun, 24 Jan 2021 15:32:11 GMT
server: cloudflare
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G1kR6UeZqiD6JOrw2KOT9wIqbtx%2FMEPtOMMDiKMS%2FztxHQc9hxpChthH%2FwOevwKzGOz6DA7JolT8vanCfvsgvgBvI4%2BGwqPc6hIeduoZuEoo%2BwxCaTO5NB3LTGlnzF0hkuqvQy71VUwqljzEg6gYq1Ikhxge9sw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 82c9ed78bc593623-FRA
expires: max-age=A10368000, public

GET
H2 200 frases-de-elogios-criativos.jpg
www.belasmensagens.com.br/wp-content/uploads/2023/10/ 361 KB
361 KB 637ms
636ms Image
image/jpeg 2606:4700:20::681a:64c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.belasmensagens.com.br/wp-content/uploads/2023/10/frases-de-elogios-criativos.jpg
Requested by: Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:64c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2d6da90f097a7760687e0c9d2405d2803b9983a5644b60f1d4dcc17eadd39ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:10:58 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Fri, 27 Oct 2023 12:14:25 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=402659
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bCz8R6KB4UaMKKL8%2FUY6AHUzdpq4ZBIToDJBsOQGcsrn6nn8887V6vCYdUAIi5dGwcpC5SxszWwzqvfhMx361svL7nUYO7HOGGkjYc3M7%2BC48mh8yNHSkuaaGx30wV%2BffH9waob3qLD6Rd1yadkjkLSgpHPjWqo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
cf-ray: 82c9ed78bc5b3623-FRA
expires: max-age=A10368000, public

GET
H2 200 mensagens-de-bom-dia-para-whatsapp.jpg
www.belasmensagens.com.br/wp-content/uploads/2023/10/ 678 KB
679 KB 185ms
180ms Image
image/jpeg 2606:4700:20::681a:64c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.belasmensagens.com.br/wp-content/uploads/2023/10/mensagens-de-bom-dia-para-whatsapp.jpg
Requested by: Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:64c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91d66ac18bafe8a50ebbeb8fa9de825ebcf04adf038a0b715835c25b6e5019be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:10:57 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Fri, 27 Oct 2023 11:40:21 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=751928
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O0Ci0uVmP5aMt8TAqE%2BkbQ7qU64u2eiHVS2jxcv3YdNrPvg0zpX7yi%2FNm359wGy%2BxPyH2Xibs1JZjdrmRzzyJtcZpulM%2F3j3v%2BAEwC6M2qVIhL7u76n0lB62tnn80BG1GDWP%2FZ42UYnAU9HdcWBFv3dBUh3xUAM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
cf-ray: 82c9ed793cdd3623-FRA
expires: max-age=A10368000, public

GET
H2 200 frases-de-poemas-curtos.png
www.belasmensagens.com.br/wp-content/uploads/2023/10/ 531 KB
532 KB 540ms
535ms Image
image/webp 2606:4700:20::681a:64c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.belasmensagens.com.br/wp-content/uploads/2023/10/frases-de-poemas-curtos.png
Requested by: Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:64c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11eae72fd819f6d784f244bb49543e904f3a1bf5db32f7a3d0353adda4d6bbc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:10:57 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Wed, 25 Oct 2023 18:54:15 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=867355
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BfdFHm5HtwF4PsKPKDsckvveFkZo1Y5U%2F1CV20%2FwXeGBWEOqY0wCKvyiQObc1Iq1vEHyP84liXt4b0B6F%2B1u7QoGMvDJ4GIKJVyzXp%2FCuHK9CmVobu57bdcODEPSKOXA7qvau4%2FPy9VsdL%2BMentM9FkdolBNt64%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
content-disposition: inline; filename="frases-de-poemas-curtos.webp"
cf-ray: 82c9ed793ce03623-FRA
expires: max-age=A10368000, public

GET
H2 200 mensagens-de-aniversario-de-filha-para-mae.jpg
www.belasmensagens.com.br/wp-content/uploads/2023/10/ 473 KB
474 KB 579ms
574ms Image
image/jpeg 2606:4700:20::681a:64c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.belasmensagens.com.br/wp-content/uploads/2023/10/mensagens-de-aniversario-de-filha-para-mae.jpg
Requested by: Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:64c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f6d947bb851044dd79bdf5bd7716c3fb29b6cb44dc659f49fd86c224ef9e653

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:10:58 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Mon, 23 Oct 2023 12:44:42 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=518652
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wk%2Fii28kDfNiro6hjwhRbv0knNDaj8CjwGuO%2FkzS%2BxeyAtB3IbVmmlxSKSD7hq%2BsgnLT1RD%2FwOjfMRdZe9iXIXwHofKAks8DOiEsQ7VIe1IgoybtJ%2BmfOyIW1HMCSZ5PWxijSk23ozEWYtZEKEhiM6M89KnySUo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
cf-ray: 82c9ed793ce13623-FRA
expires: max-age=A10368000, public

GET
H2 200 mensagens-de-aniversario-para-cunhado.jpg
www.belasmensagens.com.br/wp-content/uploads/2023/10/ 457 KB
458 KB 671ms
667ms Image
image/jpeg 2606:4700:20::681a:64c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.belasmensagens.com.br/wp-content/uploads/2023/10/mensagens-de-aniversario-para-cunhado.jpg
Requested by: Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:64c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37416707b4b804a7c56868fbd77fc5e98eb5e4b4ffaedb0ae31cb4c4f8826e5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:10:58 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Mon, 23 Oct 2023 12:03:53 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=518269
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DZvnwp%2B5VA71dcKLu9Ler22afr8so2JDqfJtYBwQIVI3QAY8MAi2eHI8CshwqcLoLTqhJOV4hRN0YurgiMz0CJMEzi4CaSuHFVi%2F1S3kb%2FYZWauyCMAhar8jFkFsqPQta6kc9PgGQhzQBwVxpdXQ8ThAQIj5Zx0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
cf-ray: 82c9ed793cea3623-FRA
expires: max-age=A10368000, public

GET
H2 200 mensagens-de-aniversario-para-filho-amado.jpg
www.belasmensagens.com.br/wp-content/uploads/2023/10/ 127 KB
128 KB 233ms
229ms Image
image/webp 2606:4700:20::681a:64c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.belasmensagens.com.br/wp-content/uploads/2023/10/mensagens-de-aniversario-para-filho-amado.jpg
Requested by: Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:64c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e67819c8e752d7843562058050f7d70a6adf85edf467e2d9ea9431a2eeae8756

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:10:57 GMT
cf-cache-status: HIT
last-modified: Wed, 04 Oct 2023 02:32:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GBqvbs9WpSWSAbhiMjQxAKWMdIQDXLxIPpOqvLr1%2FabW4mCAYkn7nY7bwSVk1Q3UXtSxdwuuZ3vjyzA4BFz11Cu57wMNjEkmj5DlrBfkWvsFPIIaGl5ewR8Eo4QMFWgJhYUu3PSNvctsgkbSxbu4PL3%2BgtMxwz8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
cf-ray: 82c9ed793cec3623-FRA
expires: max-age=A10368000, public

GET
H2 200 frases-da-bondade-de-deus.jpg
www.belasmensagens.com.br/wp-content/uploads/2023/09/ 263 KB
264 KB 231ms
227ms Image
image/jpeg 2606:4700:20::681a:64c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.belasmensagens.com.br/wp-content/uploads/2023/09/frases-da-bondade-de-deus.jpg
Requested by: Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:64c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec54a9cf353d9700cfa084145dd27d8845373302abae779d118c5d2efcc11fef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:10:57 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Tue, 26 Sep 2023 13:57:37 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=289202
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bqEqzw2lX9h9Hz7Ik1AdBlwMmiCheDYdlcI4RYfcZfcvuDYFruRjTpY8McmcaAG6iI6ikQ6x8k3fHHGMZbJJkZiY89VscO8QP6WJKONjGuiocSaNmo2F0kFY460Hwof%2FO4TNGJWHhwiPO3xrB0Xad%2FZYJH6%2FVTs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
cf-ray: 82c9ed793ced3623-FRA
expires: max-age=A10368000, public

GET
H2 200 mensagens-de-parabens.png
www.belasmensagens.com.br/wp-content/uploads/2023/09/ 413 KB
414 KB 253ms
249ms Image
image/webp 2606:4700:20::681a:64c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.belasmensagens.com.br/wp-content/uploads/2023/09/mensagens-de-parabens.png
Requested by: Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:64c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ca38fdfd85fede251730192f5f78cfaf3f2e0b38f69a1b7ca07b0aa9e707e1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:10:57 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Mon, 25 Sep 2023 13:52:09 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=703507
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5udo2%2Fbull56E13yj%2BABMIo0LWrC2kE7RqPIeypi5XyPRMWXsq6TGB9z42dOEKsGB8V%2Fb8D14i6sWb86akkVzdUGH%2Fwso8YGH3fmUyTuJodz5nbe8f6HZ6NCfdFIEAmmouJe1XcarvSV57e3cRyY5PiJmgVrULI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
content-disposition: inline; filename="mensagens-de-parabens.webp"
cf-ray: 82c9ed799d443623-FRA
expires: max-age=A10368000, public

GET
H2 200 mensagens-de-aniversario-para-filha.jpg
www.belasmensagens.com.br/wp-content/uploads/2023/08/ 377 KB
377 KB 284ms
280ms Image
image/jpeg 2606:4700:20::681a:64c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.belasmensagens.com.br/wp-content/uploads/2023/08/mensagens-de-aniversario-para-filha.jpg
Requested by: Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:64c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26afbfacfab3a8bf5fdf2460cd0dcac9a0c8b64f6c3550eed58c6ffcdca604a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:10:57 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Tue, 29 Aug 2023 13:23:03 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=415602
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zmU5TPq6uLVXsWxATn8Srs2UZJUF0jTEKPzsEXTQpgPNoc2xB0cZ5xsYI0FYiHAJssA8FiuMhmb8r6Ie1nurBSD8Rxx5%2FCP74M4rbJ7kQ1K%2FOEhKYA1eMfPTBbFLo%2FsYgqanZVwe7HyZ06%2Bz7T3vS0%2F1dB3n%2FYA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
cf-ray: 82c9ed799d463623-FRA
expires: max-age=A10368000, public

GET
H2 200 cordeiros-recem-nascidos.jpg
www.belasmensagens.com.br/wp-content/uploads/2022/05/ 34 KB
35 KB 281ms
278ms Image
image/webp 2606:4700:20::681a:64c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.belasmensagens.com.br/wp-content/uploads/2022/05/cordeiros-recem-nascidos.jpg
Requested by: Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:64c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90e4eea987761228cca6f2c5c21105484a4e28dd2929ca394d4b6e8c8a7e78b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:10:57 GMT
cf-cache-status: HIT
last-modified: Tue, 12 Jul 2022 06:40:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=90q%2B3zKrlPHMYkjj1qtqNOygrqPceJZdqJ3kbr94MhIXlsSska6M%2F8uSS203opY%2BmPfASHmPkfm3Dh%2BtT3LT34A06AicyZ9rROfSh1lqA4QOjg9IMhz8hWYcR98ka0hnqOBHgqWfLGGXLdUteV3r5cwikt%2FMrqA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
cf-ray: 82c9ed799d473623-FRA
expires: max-age=A10368000, public

GET
H2 200 o-menino-que-descobriu-o-vento-3.jpg
www.belasmensagens.com.br/wp-content/uploads/2020/08/ 81 KB
82 KB 277ms
274ms Image
image/jpeg 2606:4700:20::681a:64c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.belasmensagens.com.br/wp-content/uploads/2020/08/o-menino-que-descobriu-o-vento-3.jpg
Requested by: Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:64c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0b482e17c44b320366108a0e1859d02b0413541ab463b590afc3f8e60ff1c97

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:10:57 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Mon, 24 Aug 2020 17:29:23 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=83800
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oGNQU49wU93LnmXUJLXF3kZW00LE%2F77I4G795BJYvAr1VLtFVls7IdOjb2TOTcD75nq1GFUkesdwQrl0syPHeWXx%2FaBKc6iFkbjIjFRbFDuFWfH63J%2BRi8UUuNhg9WzO0LWIYXHU6tNK5%2BzwRFYcoDj1CKUZCPo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
cf-ray: 82c9ed799d493623-FRA
expires: max-age=A10368000, public

GET
H2 200 jovem-tatua-bilhete-de-avo-2.jpg
www.belasmensagens.com.br/wp-content/uploads/2020/07/ 11 KB
11 KB 616ms
613ms Image
image/webp 2606:4700:20::681a:64c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.belasmensagens.com.br/wp-content/uploads/2020/07/jovem-tatua-bilhete-de-avo-2.jpg
Requested by: Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:64c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0eece30c2c835fb69fee6f366ab1685cfec2bb112c4f20799180268a546420f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:10:58 GMT
cf-cache-status: HIT
last-modified: Mon, 04 Jul 2022 14:24:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8K%2Bt2BKEH7n35neF4nSruxYIKtFIN9gpDndqwuTustPhNs%2FZPVXqmV6bqDcmLBWg9HfDk6NLT551rEQXZ3Sv0fcnLLbvm4DsVPgMQzU6ifWuEEqGGVyLtOW%2Fa1gYcynuYTFSONA%2Fdxsp8uMhTUduWcNkcvpaP6k%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
cf-ray: 82c9ed799d4b3623-FRA
expires: max-age=A10368000, public

GET
H2 200 albert-einstein.jpg
www.belasmensagens.com.br/wp-content/uploads/2014/03/ 25 KB
26 KB 252ms
249ms Image
image/webp 2606:4700:20::681a:64c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.belasmensagens.com.br/wp-content/uploads/2014/03/albert-einstein.jpg
Requested by: Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:64c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 729f41f5afe9a3a2da94c5a4bdd3448e5136a587594837174c90a04e0b8d79fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:10:57 GMT
cf-cache-status: HIT
last-modified: Fri, 17 Jun 2022 15:30:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GsOeN8aq8HWoWpq5Cyv8ClRrersbkfKjTphto%2FZ%2BoTbk2tfeXU0cfxczF13l3UJi1w3qIZVBgfmNx0%2BCLN3FyZOnVrNKn4R0t%2BoAxU%2F%2Bk2rCOBuWRBs%2FVBJr%2BaKTXOsd0wDdH2SzWFVHJZpTm%2Bs3%2BQ9S4qT3ql4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
cf-ray: 82c9ed799d4c3623-FRA
expires: max-age=A10368000, public

GET
H2 200 nietzsche.jpg
www.belasmensagens.com.br/wp-content/uploads/2014/08/ 6 KB
7 KB 233ms
230ms Image
image/webp 2606:4700:20::681a:64c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.belasmensagens.com.br/wp-content/uploads/2014/08/nietzsche.jpg
Requested by: Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:64c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e36cc8846e3595c046f4888caadba0c64ae31ae9e153d8cebbcfc28afeed34b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:10:57 GMT
cf-cache-status: HIT
last-modified: Fri, 17 Jun 2022 16:50:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8yjITBMcrF78onGig%2B3MlWYZebhkQD93gZRWMFhHSieqKIq4uVi%2Bj1mr%2FcrWT%2BkxOOrxoAL0BxIyKj8ZETDwTp6EZT17UJ3vp3eVRzxaeI292u3A3JSfvyvbs3Q0TIKR5Xl5SgydHZR483P9k2FYCSTAuNnxSKc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
cf-ray: 82c9ed799d4d3623-FRA
expires: max-age=A10368000, public

GET
H2 200 clarissa-correa.jpg
www.belasmensagens.com.br/wp-content/uploads/2017/09/ 16 KB
16 KB 251ms
249ms Image
image/webp 2606:4700:20::681a:64c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.belasmensagens.com.br/wp-content/uploads/2017/09/clarissa-correa.jpg
Requested by: Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:64c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0062cd1266d146c7b0bbbf4ae0b650e9a39e24a2833fdff87bd9bf5e9fc132ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:10:57 GMT
cf-cache-status: HIT
last-modified: Sun, 19 Jun 2022 01:32:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nI07TcB7XivugVeCoadrGO5AcZmmZCGJrH6myZk2msBxhC%2FTF0A9ci0WqUvmDFPB6609a3%2FsuGb%2FWgjbJ0zLNmKSBc7jMtcgfs7StcUu%2FG4ZT7W66Q9RUuED2fgEJe6a%2BI9QeIdJixSU44A%2BiTOrGR6YMDM0RL4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
cf-ray: 82c9ed799d4e3623-FRA
expires: max-age=A10368000, public

GET
H2 200 william-shakespeare.jpg
www.belasmensagens.com.br/wp-content/uploads/2014/03/ 15 KB
15 KB 252ms
249ms Image
image/webp 2606:4700:20::681a:64c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.belasmensagens.com.br/wp-content/uploads/2014/03/william-shakespeare.jpg
Requested by: Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:64c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19155aa67da5a92b18923455bd3445857e3872b776d3843dcf5507d96c617be2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:10:57 GMT
cf-cache-status: HIT
last-modified: Fri, 17 Jun 2022 15:30:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OIv5gkvvt6jqRMUuwq9odsiOrRb3h%2F9snoR4VrsOa6CP5lliUv%2Fo%2BfuEhOE2Ekh1rV4h0cpB9pmvwm4kLYedvVeHhbkwBE50lS0iQWD5tm2yHg%2BfNj1xxQSgeX0efFMa4QkEMbhdDI7j2NuipoC3rg3wD%2FjWnbU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
cf-ray: 82c9ed799d4f3623-FRA
expires: max-age=A10368000, public

GET
H2 200 charlie-brown-jr.jpg
www.belasmensagens.com.br/wp-content/uploads/2017/12/ 19 KB
19 KB 251ms
248ms Image
image/jpeg 2606:4700:20::681a:64c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.belasmensagens.com.br/wp-content/uploads/2017/12/charlie-brown-jr.jpg
Requested by: Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:64c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c66ab1c2a5411b1f4ca3043d9ccdb4a5964cfd0522a6e36eb26cad5dea4afd93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:10:57 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Fri, 13 Nov 2020 17:38:43 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: status=not_needed
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rJKi6hDgnefQnadgH7UUBTaQl5Hn%2FwOdOpgtdc4Qs8K3GVzJ%2FFz%2B9LfBAWgs6MeFZ3SOgkSSjix7nvwwvCyBJu%2FBBXZ5RoIBStCP7cFH17NKQMXjTTfkEcmC5gQSisNCfeDxdR%2FMWj%2B6NLwpmFlSLL9fiPIVfTo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 82c9ed799d503623-FRA
content-length: 19015
expires: max-age=A10368000, public

GET
H2 200 clarice-lispector.jpg
www.belasmensagens.com.br/wp-content/uploads/2014/08/ 9 KB
9 KB 233ms
231ms Image
image/webp 2606:4700:20::681a:64c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.belasmensagens.com.br/wp-content/uploads/2014/08/clarice-lispector.jpg
Requested by: Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:64c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7fc7ae3e7254890159b0be1401fcfb597c1ab415463f95951dcf3b28ab3d8a97

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:10:57 GMT
cf-cache-status: HIT
last-modified: Fri, 17 Jun 2022 16:50:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tgW1lEHGiLaeKYfXpUGCSZHLnLh9z8XA0H8WquP2w3KoLdc06QEKxYCvwgIrNk97bzEZUtWUxNPeYtG11ZLgqHjU77Kczgqek8ORt7oJ05bp3Q3cc1a3XKlp33o3aOIXqq5RQv8AxmvWQO4cUKkxiC8LCMT3%2Fg4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
cf-ray: 82c9ed799d523623-FRA
expires: max-age=A10368000, public

GET
H2 200 cecilia-meireles.jpg
www.belasmensagens.com.br/wp-content/uploads/2017/12/ 8 KB
8 KB 282ms
280ms Image
image/webp 2606:4700:20::681a:64c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.belasmensagens.com.br/wp-content/uploads/2017/12/cecilia-meireles.jpg
Requested by: Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:64c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0f928ea00f343ee7408675e8c150c74f9e9322a2ba6708d16317510105f165c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:10:57 GMT
cf-cache-status: HIT
last-modified: Mon, 20 Jun 2022 04:26:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kw12pukcW%2FIlaFLwVQKcQQ%2F1YCS8fn1raYNU8Wbuotst0GPukOeXv%2FUWh%2BsEAvzHh3vLWoxPWVTn07MncEgL2TVGhbw8uNJr3XL4vjC4CP%2FBZ2lbyQuiuP6gFiuXGFS1kGfy0xs8RKO9wCP0Fv04J25HT8xYa4Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
cf-ray: 82c9ed799d533623-FRA
expires: max-age=A10368000, public

GET
H2 200 augusto-cury.jpg
www.belasmensagens.com.br/wp-content/uploads/2014/03/ 9 KB
9 KB 608ms
606ms Image
image/webp 2606:4700:20::681a:64c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.belasmensagens.com.br/wp-content/uploads/2014/03/augusto-cury.jpg
Requested by: Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:64c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c38322d16f3f50bed9d5118f55a3f2482b107d2f7768cf34fb9d691b00dc8bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:10:58 GMT
cf-cache-status: HIT
last-modified: Fri, 17 Jun 2022 15:30:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rgeVNCoFYWR9A7q1rZNci5KQ%2FXE3%2BgJD9GjY%2B5wY9rz%2BFogJ16hkcDplrh1oMhYGR5bCH4Iam9hHE9CJlo68nC4jqILNg6Ev8wwufaLaqKz%2BxxeeEwFWmfw%2FNGG4Y9TIyehaADQh%2BTUcROtv9HD8%2Bkidi%2BYMtnM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
cf-ray: 82c9ed799d543623-FRA
expires: max-age=A10368000, public

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 95 KB
34 KB 137ms
23ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 04:16:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 284094
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Nov 2024 04:16:03 GMT

GET
H2 200 bootstrap.min.js Show response
www.belasmensagens.com.br/wp-content/themes/bm/js/ 18 KB
6 KB 78ms
73ms Script
application/javascript 2606:4700:20::681a:64c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.belasmensagens.com.br/wp-content/themes/bm/js/bootstrap.min.js
Requested by: Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:64c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c915ff050126424c92d7b9a1b0472e430ef495f89bff63e2f5692f6a6f2e956

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:10:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 24 Jan 2021 15:32:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1138798
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wXxq%2FXLm18JjAC2oTNbyz1M7q9Ur%2F6WQa5fJ5tSp34yrPGogBKaZV2jbMf35zBI9t7LZBmQJ83%2Fk2pcDmn4hd6kyZDVYSRCyantSkfUcwtk9UOJG8rYxZZ9kkQ23h6wZwMFvaz6VJoK55CpjWixaFsUJw8e9%2FAs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 82c9ed793ce23623-FRA
expires: max-age=A10368000, public

GET
H2 200 masonry.pkgd.min.js Show response
www.belasmensagens.com.br/wp-content/themes/bm/js/ 24 KB
8 KB 80ms
75ms Script
application/javascript 2606:4700:20::681a:64c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.belasmensagens.com.br/wp-content/themes/bm/js/masonry.pkgd.min.js
Requested by: Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:64c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 605003a102486058fe8ac757b2c30652b9ac54d6d50df3799bc8cf81537ef66e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:10:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 24 Jan 2021 15:32:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1239454
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YXdZLFUmN7SVmP1Pz6%2Fo5AdIBzatodg1KSdsUfa54OmNhbvyMtJimOpPhRrxhw6tibSVKqU58AVpA3LGjvwtxHrKSlccAyR7F2PkLJbsBX0FUMezcCrjKTwrRTDh0%2F7%2FLBdSljKZYomVZVpg8hd%2FZsxnWILESzE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 82c9ed793ce43623-FRA
expires: max-age=A10368000, public

GET
H2 200 imagesloaded.pkgd.min.js Show response
www.belasmensagens.com.br/wp-content/themes/bm/js/ 5 KB
2 KB 81ms
76ms Script
application/javascript 2606:4700:20::681a:64c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.belasmensagens.com.br/wp-content/themes/bm/js/imagesloaded.pkgd.min.js
Requested by: Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:64c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7b3dc94297cd47d4b2195477eff1acd681aa73851590061b58b32fc05a4a007

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:10:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 24 Jan 2021 15:32:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1401863
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PfOR28jjOr55iniolWQD%2F%2F5XuBq2Z6McihJHvQgRdMxtBP0BLFJLp7CZDZvqo8uPA2j4IctGTSX9BoPjZfQgqJBspT0XIxTBeq4AU9%2BZPk%2B%2BHqSHeSI7Q%2FsLiYDEiu2zWg0a3vkrYUpG0MPzQJoyiJhPQYr%2FPrs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 82c9ed793ce53623-FRA
expires: max-age=A10368000, public

GET
H2 200 scripts.js Show response
www.belasmensagens.com.br/wp-content/themes/bm/js/ 1 KB
815 B 75ms
71ms Script
application/javascript 2606:4700:20::681a:64c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.belasmensagens.com.br/wp-content/themes/bm/js/scripts.js
Requested by: Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:64c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1bbd2803f99d45e9b364c4e31cfbd21201229bef54766227389a97ea30abcf31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:10:57 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 21 Jun 2022 08:38:31 GMT
server: cloudflare
age: 1220664
cf-polished: origSize=3088
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=evZgjvgaZ6V8GH9y1oBGZNuAH%2BSAe4pb2vU3MMYgzQnIhUp9z21hhinvjBopDFBiKSLtiuzO0I%2B28JThxD4iW3tqXAKKxAcbBcPxiqADJ5rpBbl0WvPeEEocW8%2F7%2Fx1lmjS2j2wtwl3FX8kuyL6mAzsfNIorXVs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 82c9ed793ce63623-FRA
expires: max-age=A10368000, public

GET
H2 200 index.js Show response
www.belasmensagens.com.br/wp-content/plugins/contact-form-7/includes/swv/js/ 11 KB
3 KB 78ms
74ms Script
application/javascript 2606:4700:20::681a:64c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.belasmensagens.com.br/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.2
Requested by: Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:64c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5fe46d2da01452067736578431f6c6e8116a24e616f58c72d9d81fdb2c7c9569

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:10:57 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 30 Oct 2023 16:52:25 GMT
server: cloudflare
age: 1500018
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DzxhR3zOR29zAkrFIjaCGBQcOhXAuX1eU1JJpUeuLJuzcnm0Wia%2BO%2FauON9MHfE0XACPmDvqrPlQTQt3Pzkt9MDPTywgVthx3nb1mhaWZ9pidUI%2Bjwt8yvcF2w222%2FaUalfCXdIF8uCVUxs5ZbPqyfFGwy%2B%2BaTo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 82c9ed793ce83623-FRA
expires: max-age=A10368000, public

GET
H2 200 index.js Show response
www.belasmensagens.com.br/wp-content/plugins/contact-form-7/includes/js/ 13 KB
4 KB 76ms
72ms Script
application/javascript 2606:4700:20::681a:64c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.belasmensagens.com.br/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.2
Requested by: Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:64c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:10:57 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 30 Oct 2023 16:52:25 GMT
server: cloudflare
age: 1467514
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pYZqxjSbvtYTvCufNT%2BTt6ppBIHOAOWpId0D9XhXtjqdjO4yDD31CUOGuApcNvhDDxeWCJiSJA0j2VHPXLqz98fJTfY%2FZ545%2Bt6tX3KrnYrhxcj04eDUxDIiD%2BGejsVApeFRQ7HTWBtFtP%2B9qLp9%2Fc1VJjfWKKQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 82c9ed793ce93623-FRA
expires: max-age=A10368000, public

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 150 KB
52 KB 187ms
87ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d456e7e634175b6300e166014bec0a6d361e7ce727049caa19431c3c31654eda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:10:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52737
x-xss-protection: 0
server: cafe
etag: 3486540665174591423
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=172800
timing-allow-origin: *
expires: Mon, 27 Nov 2023 11:10:57 GMT

GET
H2 200 web-vitals.es5.umd.min.js Show response
unpkg.com/web-vitals@0.2.2/dist/ 3 KB
2 KB 141ms
41ms Script
application/javascript 2606:4700::6810:7daf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@0.2.2/dist/web-vitals.es5.umd.min.js

Requested by

Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d267db333e9a17b07c0dddb57e772fd638b27a466881aceee2e4e3e60b0843e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:10:57 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1236996
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HF3BX5M3YHKT9094VSWVDG6C-fra
server: cloudflare
etag: W/"d85-nmRVQsTupJw/x4ubrBBWgsznhFE"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 82c9ed79cae76909-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 166 KB
60 KB 142ms
40ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KTFD

Requested by

Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6383c5ef7fccaebaf923e4c291dc5f5225e9a5d47cf4568f6ce5e43161d5e628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:10:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61309
x-xss-protection: 0
last-modified: Mon, 27 Nov 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 27 Nov 2023 11:10:57 GMT

GET
H2 200 enot.min.js Show response
notix.io/ent/current/ 144 KB
44 KB 176ms
40ms Script
application/javascript 139.45.240.92
RUBY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://notix.io/ent/current/enot.min.js
Requested by: Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.240.92 , Russian Federation, ASN57304 (RUBY-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: b07c2093b7212a29366109054dd435a0ecc5980622b9b34eaf2bdb5fb77c3336

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 11:10:53 GMT
content-encoding: gzip
last-modified: Wed, 15 Nov 2023 10:51:20 GMT
server: nginx
etag: W/"6554a2a8-23fab"
content-type: application/javascript
cache-control: no-cache
access-control-allow-credentials: true

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 121ms
22ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 09:19:54 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6663
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 27 Nov 2023 11:19:54 GMT

GET
BLOB 200
OK 9c7e65bb-d3bd-41ae-9dcb-3b24fe5bf24a
https://www.belasmensagens.com.br/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.belasmensagens.com.br/9c7e65bb-d3bd-41ae-9dcb-3b24fe5bf24a
Requested by: Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 / Show response
ads.viralize.tv/player/ 9 KB
3 KB 64ms
64ms XHR
application/json 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.viralize.tv/player/?zid=AAEn2iG_Bt_nZPrQ&sid=01ee8d15a3aa56441d239145aea20fb2&activation=onload&u=https%3A%2F%2Fwww.belasmensagens.com.br%2F&ahd=1&player_session=%7B%22page_id%22%3A%22018c1079a824389ab11e2279eb743a60%22%2C%22screen%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22page%22%3A%7B%22width%22%3A1600%2C%22height%22%3A0%7D%2C%22viewport%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22player_size%22%3A%7B%22width%22%3A400%2C%22height%22%3A225%7D%7D&sc=1&gdpr=1&cmp=unavailable&dd=belasmensagens.com.br
Requested by: Host: ads.viralize.tv
URL: https://ads.viralize.tv/display/?zid=AAEn2iG_Bt_nZPrQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: 2a55a7d1da5bcc5478ddc6a927ef6ec4278c1c0a2ef2bbe2848359f070181871

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:10:57 GMT
content-encoding: gzip
via: 1.1 google
server: uvicorn, Unknown
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.belasmensagens.com.br
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 raven.min.js Show response
cdn.ravenjs.com/3.17.0/ Frame 9DC7 25 KB
10 KB 118ms
66ms Script
application/javascript 2a04:4e42:400::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Requested by: Host: ads.viralize.tv
URL: https://ads.viralize.tv/display/?zid=AAEn2iG_Bt_nZPrQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Fastly /
Resource Hash: 570e90ae53be52eef8849a7f762b304f2506e2d3ab6146bc8dff279111666d74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:10:57 GMT
content-encoding: gzip
last-modified: Thu, 13 Jul 2017 16:58:06 GMT
server: Fastly
age: 31498
etag: "51d6eff0ea5151f41fa0e2f3310fc7c7"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
content-length: 9634

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ Frame 9DC7 101 B
604 B 110ms
58ms Script
text/javascript 2a04:4e42:800::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v3/polyfill.min.js?features=default,es2015,es2016,es2017,es2018,es2019,es5,es6,es7&flags=gated

Requested by

Host: ads.viralize.tv
URL: https://ads.viralize.tv/display/?zid=AAEn2iG_Bt_nZPrQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:800::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:10:57 GMT
age: 2322673
detected-user-agent: Chrome/119.0.0
server-timing: HIT, fastly;desc="Edge time";dur=1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 113
referrer-policy: origin-when-cross-origin
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
normalized-user-agent: chrome/119.0.0
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 9DC7 365 KB
126 KB 137ms
78ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: ads.viralize.tv
URL: https://ads.viralize.tv/display/?zid=AAEn2iG_Bt_nZPrQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a32283aaba0418ac1b0953af32fbe71948d43e7cdc08abeca552a9373809087

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:10:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128094
x-xss-protection: 0
expires: Mon, 27 Nov 2023 11:10:57 GMT

GET
H2 200 viralize_player.min.5eb18704.js Show response
monetize-static.viralize.tv/ Frame 9DC7 405 KB
116 KB 423ms
44ms Script
application/javascript 2a02:26f0:3100::1735:29f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://monetize-static.viralize.tv/viralize_player.min.5eb18704.js
Requested by: Host: ads.viralize.tv
URL: https://ads.viralize.tv/display/?zid=AAEn2iG_Bt_nZPrQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100::1735:29f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: bea981f9cd3eb65830019036bce902f4be550543840ed70fb4998cdba0abbc0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:10:57 GMT
content-encoding: gzip
x-guploader-uploadid: ABPtcPqpsXalkKMqp0dOw-vU5IQC43xF975i85Ji2KN3SxEX55Cb53K22p74xjLJRZhsw7XOJO8
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 117826
last-modified: Thu, 23 Nov 2023 11:11:14 GMT
server: UploadServer
etag: "5eb18704dae5250866d94aadbf009eee"
vary: Accept-Encoding
x-goog-generation: 1700737874226426
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=ASx8VA==, md5=XrGHBNrlJQhm2UqtvwCe7g==
cache-control: public, max-age=2592000
x-goog-stored-content-length: 414578
accept-ranges: bytes
expires: Wed, 27 Dec 2023 11:10:57 GMT

GET
H/1.1 200
OK ac Show response
www8.smartadserver.com/ 208 B
486 B 243ms
34ms Script
application/javascript 89.149.192.192
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://www8.smartadserver.com/ac?pgid=1473518&insid=5733718&tmstp=3442425584&out=js
Requested by: Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.149.192.192 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: fb101b97c5c742bd1e11cd1db093675c301e1e08513255358d0621f3dd278b79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 11:10:57 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type: application/javascript; charset=UTF-8
x-smrt-i: 5733718
cache-control: no-cache,no-store

GET
H2 200 pandg-sdk.js Show response
pghub.io/js/ 17 KB
5 KB 83ms
25ms Script
application/javascript 35.241.45.217
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pghub.io/js/pandg-sdk.js
Requested by: Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.217 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 217.45.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 27961ab8c37cddad89230364167c048c6377a80e38542a5ffbca600faf4098ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 10:53:19 GMT
content-encoding: gzip
age: 1058
x-guploader-uploadid: ABPtcPrZMewL5GaCsrDYQ4OuTUtDk0gf6_IN7Og48EicgcxL-FwoORMXr_US4fx_thf0MlJs-kc
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5009
last-modified: Mon, 05 Jun 2023 16:36:50 GMT
server: UploadServer
etag: "47a886353056caf33a998c6041e20896"
vary: Accept-Encoding
x-goog-generation: 1685983010517890
x-goog-hash: crc32c=aHj4lg==, md5=R6iGNTBWyvM6mYxgQeIIlg==
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public,max-age=3600
x-goog-stored-content-length: 5009
accept-ranges: bytes
content-type: application/javascript

GET
H/1.1

200
OK

CookieSync.html Show response
csync-eu.smartadserver.com/2058/ Frame C20F
Redirect Chain

https://csync-global.smartadserver.com/2058/CookieSync.html
https://csync-eu.smartadserver.com/2058/CookieSync.html

435 B
783 B

108ms
58ms

Document
text/html

2a02:26f0:780::5f65:3681
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://csync-eu.smartadserver.com/2058/CookieSync.html
Requested by: Host: ads.viralize.tv
URL: https://ads.viralize.tv/display/?zid=AAEn2iG_Bt_nZPrQ
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:3681 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 4a842d3295b35d0fdbaed094d22f5926f2bcaa2d892ec7ea9a9a89c1f84b33bf

Request headers

Referer: https://www.belasmensagens.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=3600
Connection: keep-alive
Content-Length: 435
Content-Type: text/html
Date: Mon, 27 Nov 2023 11:10:57 GMT
ETag: "4b81e967df07d41c24270ccf669f7336:1645525985.84779"
Expires: Mon, 27 Nov 2023 12:10:57 GMT
Last-Modified: Tue, 22 Feb 2022 10:05:45 GMT
Server: AkamaiNetStorage

Redirect headers

Cache-Control: private, max-age=86400
Connection: keep-alive
Content-Length: 0
Date: Mon, 27 Nov 2023 11:10:57 GMT
Expires: Tue, 28 Nov 2023 11:10:57 GMT
Location: https://csync-eu.smartadserver.com/2058/CookieSync.html
Server: AkamaiGHost

GET
H/1.1

200
OK

CookieSync.html Show response
csync-eu.smartadserver.com/2161/ Frame A487
Redirect Chain

https://csync-global.smartadserver.com/2161/CookieSync.html
https://csync-eu.smartadserver.com/2161/CookieSync.html

435 B
783 B

108ms
35ms

Document
text/html

2a02:26f0:780::5f65:3681
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://csync-eu.smartadserver.com/2161/CookieSync.html
Requested by: Host: ads.viralize.tv
URL: https://ads.viralize.tv/display/?zid=AAEn2iG_Bt_nZPrQ
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:3681 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 4a842d3295b35d0fdbaed094d22f5926f2bcaa2d892ec7ea9a9a89c1f84b33bf

Request headers

Referer: https://www.belasmensagens.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=3600
Connection: keep-alive
Content-Length: 435
Content-Type: text/html
Date: Mon, 27 Nov 2023 11:10:57 GMT
ETag: "4b81e967df07d41c24270ccf669f7336:1645525985.84779"
Expires: Mon, 27 Nov 2023 12:10:57 GMT
Last-Modified: Tue, 22 Feb 2022 10:05:45 GMT
Server: AkamaiNetStorage

Redirect headers

Cache-Control: private, max-age=86400
Connection: keep-alive
Content-Length: 0
Date: Mon, 27 Nov 2023 11:10:57 GMT
Expires: Tue, 28 Nov 2023 11:10:57 GMT
Location: https://csync-eu.smartadserver.com/2161/CookieSync.html
Server: AkamaiGHost

GET
H/1.1

200
OK

CookieSync.html Show response
csync-eu.smartadserver.com/3668/ Frame 5DAF
Redirect Chain

https://csync-global.smartadserver.com/3668/CookieSync.html
https://csync-eu.smartadserver.com/3668/CookieSync.html

435 B
783 B

107ms
34ms

Document
text/html

2a02:26f0:780::5f65:3681
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://csync-eu.smartadserver.com/3668/CookieSync.html
Requested by: Host: ads.viralize.tv
URL: https://ads.viralize.tv/display/?zid=AAEn2iG_Bt_nZPrQ
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:3681 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 4a842d3295b35d0fdbaed094d22f5926f2bcaa2d892ec7ea9a9a89c1f84b33bf

Request headers

Referer: https://www.belasmensagens.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=3600
Connection: keep-alive
Content-Length: 435
Content-Type: text/html
Date: Mon, 27 Nov 2023 11:10:57 GMT
ETag: "4b81e967df07d41c24270ccf669f7336:1645525985.84779"
Expires: Mon, 27 Nov 2023 12:10:57 GMT
Last-Modified: Tue, 22 Feb 2022 10:05:45 GMT
Server: AkamaiNetStorage

Redirect headers

Cache-Control: private, max-age=86400
Connection: keep-alive
Content-Length: 0
Date: Mon, 27 Nov 2023 11:10:57 GMT
Expires: Tue, 28 Nov 2023 11:10:57 GMT
Location: https://csync-eu.smartadserver.com/3668/CookieSync.html
Server: AkamaiGHost

GET
H/1.1 200
OK 2x2 Show response
ad.yieldlab.net/d/6846326/766/ Frame BA07 61 B
372 B 80ms
33ms Document
text/html 23.218.209.78
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.yieldlab.net/d/6846326/766/2x2?ts=1701083457&type=h&gdpr=1&consent=
Requested by: Host: ads.viralize.tv
URL: https://ads.viralize.tv/display/?zid=AAEn2iG_Bt_nZPrQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.209.78 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-78.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 240f4b24556b4dc7b2b149c5e523d7816589b3b42c04d8acb86e882cd895c110

Request headers

Referer: https://www.belasmensagens.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Content-Language: de-DE
Content-Length: 61
Content-Type: text/html;charset=UTF-8
Date: Mon, 27 Nov 2023 11:10:57 GMT
Expires: Sun, 26 Nov 2023 11:10:57 GMT
Pragma: no-cache

GET
H/1.1 200 auto-user-sync
ads.stickyadstv.com/ 43 B
497 B 162ms
30ms Image
image/gif 2607:ae80:4::26
FREEWHEEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/auto-user-sync
Requested by: Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 2607:ae80:4::26 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Nov 2023 11:10:57 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
x-sticky-vk: 1701083457695064-573

GET
H2 200 icomoon.ttf
www.belasmensagens.com.br/wp-content/themes/bm/fonts/ 6 KB
6 KB 34ms
34ms Font
application/x-font-ttf 2606:4700:20::681a:64c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.belasmensagens.com.br/wp-content/themes/bm/fonts/icomoon.ttf?vuvm34
Requested by: Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/wp-content/themes/bm/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:64c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5d4f4059ddadc8ed73873385780bc73385ae4cb38680220331f5c33b82c1d2b

Request headers

Referer: https://www.belasmensagens.com.br/wp-content/themes/bm/style.css
Origin: https://www.belasmensagens.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:10:57 GMT
cf-cache-status: HIT
last-modified: Sun, 24 Jan 2021 15:32:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2185542
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xYEUh4nanDtmaYsTNERKfmElcCTFActiYv27ky%2F9cwDalHgbCMcpiBDjdW%2BeMbbI8fUya1qSif0pBHcfWikFcgh%2FWav1Tei0gIlQhbmf3dG8WWTtZwo2aivonrlPFlLjOk%2BLIdE6ezQsOJe89l6QEvskRqPKlv0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-font-ttf
cache-control: max-age=31536000
cf-ray: 82c9ed7a2ded3623-FRA
expires: max-age=A10368000, public

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
216 B 31ms
30ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.belasmensagens.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 11:10:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.belasmensagens.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 128 KB
50 KB 37ms
37ms Script
application/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-KK2WM5X&cid=2089323646.1701083458

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f93643a4970611f7ea3e9bbfd711a49de9e3f05b2ebcf5ddd5c0827da1722879

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:10:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50699
x-xss-protection: 0
last-modified: Mon, 27 Nov 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 27 Nov 2023 11:10:57 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
353 B 125ms
31ms XHR
text/plain 2a00:1450:400c:c09::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-4872125-1&cid=2089323646.1701083458&jid=911885374&gjid=1585032521&_gid=1801170254.1701083458&_u=IEBAAEAAQAAAACAAI~&z=1386606452

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.belasmensagens.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 27 Nov 2023 11:10:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.belasmensagens.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tag Show response
feed.pghub.io/ Frame 1747 13 B
270 B 92ms
35ms Document
text/html 34.102.243.38
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://feed.pghub.io/tag?gdpr=1&gdpr_consent=&referrer_url=&page_url=https%3A%2F%2Fwww.belasmensagens.com.br%2F&owner=P%26G&bp_id=showheroes&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js

Requested by

Host: pghub.io
URL: https://pghub.io/js/pandg-sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.243.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

38.243.102.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

Security Headers

Name	Value
Content-Security-Policy	default-src 'none';img-src https://*.pghub.io https://match.adsrvr.org
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.belasmensagens.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
access-control-max-age: 300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-store
content-security-policy: default-src 'none';img-src https://*.pghub.io https://match.adsrvr.org
content-type: text/html;charset=utf-8
date: Mon, 27 Nov 2023 11:10:57 GMT
server: Jetty(11.0.13)
strict-transport-security: max-age=31536000
via: 1.1 google

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 243 KB
84 KB 39ms
38ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-BET9P2RY3W&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KTFD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e33259b1585be59a1a4df3abd5fd8a208d254c9314892bf5c4bd8863cdf0bec0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:10:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85976
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 27 Nov 2023 11:10:57 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 259 KB
88 KB 51ms
49ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LH8HHLTZNN&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KTFD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a72d96ee789b3b52007d7862b59a887adfd1779d0a8276d838cb43fd993c1c41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:10:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89833
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 27 Nov 2023 11:10:57 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 31ms
31ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1287711670&t=pageview&_s=1&dl=https%3A%2F%2Fwww.belasmensagens.com.br%2F&ul=en-us&de=UTF-8&dt=Belas%20Mensagens&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGDAAEADQAAAACAAI~&jid=404532770&gjid=1159575371&cid=2089323646.1701083458&tid=UA-4872125-86&_gid=1801170254.1701083458&_r=1&_slc=1&z=1231618715

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.belasmensagens.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 11:10:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.belasmensagens.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311140101/ 397 KB
134 KB 103ms
103ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4546623105289528&plah=www.belasmensagens.com.br&bust=31079699

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4546623105289528

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7c2e0c7e7afbd7cd865a3da4a6a0e1d24b68dd91e1dac0dc67235a9e09a1db9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:10:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137291
x-xss-protection: 0
server: cafe
etag: 15876881027491596726
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 27 Nov 2023 11:10:57 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame E211 9 KB
4 KB 74ms
21ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4546623105289528

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.belasmensagens.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 12632
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 07:40:25 GMT
etag: 16674218716276178799
expires: Mon, 11 Dec 2023 07:40:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 31ms
31ms XHR
text/plain 2a00:1450:400c:c09::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-4872125-86&cid=2089323646.1701083458&jid=404532770&gjid=1159575371&_gid=1801170254.1701083458&_u=KGDAAEADQAAAACAAI~&z=2094157123

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.belasmensagens.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 27 Nov 2023 11:10:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.belasmensagens.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 settings Show response
notix.io/ 106 B
367 B 55ms
53ms Fetch
application/json 139.45.240.92
RUBY-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://notix.io/settings?appId=1005700a463e142b6147f331b0b8a98&ver=0.15.17

Requested by

Host: notix.io
URL: https://notix.io/ent/current/enot.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.240.92 , Russian Federation, ASN57304 (RUBY-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

521afc73611a7d8a747dd3690f24d7277d30a51618ebe5faec2ca64a0bfea103

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:10:54 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.belasmensagens.com.br
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 106

GET
H2 200 polyfill.min.js
polyfill.io/v3/ Frame 9DC7 101 B
155 B 23ms
22ms Other
text/javascript 2a04:4e42:800::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v3/polyfill.min.js?features=default,es2015,es2016,es2017,es2018,es2019,es5,es6,es7&flags=gated

Requested by

Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:800::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:10:57 GMT
age: 2322673
detected-user-agent: Chrome/119.0.0
server-timing: HIT, fastly;desc="Edge time";dur=1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 113
referrer-policy: origin-when-cross-origin
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
normalized-user-agent: chrome/119.0.0
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK cmp.js Show response
ced-ns.sascdn.com/diff/js/modules/ Frame 5DAF 10 KB
3 KB 197ms
21ms Script
application/x-javascript 2a02:26f0:480:e::210:f108
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced-ns.sascdn.com/diff/js/modules/cmp.js
Requested by: Host: csync-eu.smartadserver.com
URL: https://csync-eu.smartadserver.com/3668/CookieSync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:e::210:f108 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 4240f5f1567668c90d34aaf10dcd7d3212e51354e17d713116673285fd95f15d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://csync-eu.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 27 Nov 2023 11:10:58 GMT
Content-Encoding: gzip
Last-Modified: Tue, 25 Jul 2023 08:27:40 GMT
Server: AkamaiNetStorage
ETag: "9e933d8729750cb1d59e5a7d678dc74d:1690276515.341544"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3066

GET
H/1.1 200
OK CookieSync.min.js Show response
csync-eu.smartadserver.com/3668/ Frame 5DAF 74 KB
17 KB 37ms
36ms Script
application/x-javascript 2a02:26f0:780::5f65:3681
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://csync-eu.smartadserver.com/3668/CookieSync.min.js
Requested by: Host: csync-eu.smartadserver.com
URL: https://csync-eu.smartadserver.com/3668/CookieSync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:3681 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 291f515583a6c387346d142caed7efda8f0630866c7fc9d0f026fd95aed50081

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://csync-eu.smartadserver.com/3668/CookieSync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 27 Nov 2023 11:10:57 GMT
Content-Encoding: gzip
Last-Modified: Mon, 20 Nov 2023 08:58:40 GMT
Server: AkamaiNetStorage
ETag: "c1430567800a2cd191c5289a4ca46139:1700471429.892258"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16507
Expires: Mon, 27 Nov 2023 12:10:57 GMT

GET
H/1.1 200
OK TemplatePool.min.js Show response
csync-eu.smartadserver.com/3668/ Frame 5DAF 11 KB
2 KB 36ms
36ms Script
application/x-javascript 2a02:26f0:780::5f65:3681
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://csync-eu.smartadserver.com/3668/TemplatePool.min.js
Requested by: Host: csync-eu.smartadserver.com
URL: https://csync-eu.smartadserver.com/3668/CookieSync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:3681 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0850c1f0deb580fba73c2555accb45fb974d7dac93baeba3ed6c86b9db179db3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://csync-eu.smartadserver.com/3668/CookieSync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 27 Nov 2023 11:10:57 GMT
Content-Encoding: gzip
Last-Modified: Mon, 20 Nov 2023 08:58:41 GMT
Server: AkamaiNetStorage
ETag: "8a58c7020312411d6239d6e73a6c978f:1700471430.245669"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1942
Expires: Mon, 27 Nov 2023 12:10:57 GMT

GET
H/1.1 200
OK cmp.js Show response
ced-ns.sascdn.com/diff/js/modules/ Frame A487 10 KB
3 KB 194ms
22ms Script
application/x-javascript 2a02:26f0:480:e::210:f108
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced-ns.sascdn.com/diff/js/modules/cmp.js
Requested by: Host: csync-eu.smartadserver.com
URL: https://csync-eu.smartadserver.com/2161/CookieSync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:e::210:f108 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 4240f5f1567668c90d34aaf10dcd7d3212e51354e17d713116673285fd95f15d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://csync-eu.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 27 Nov 2023 11:10:58 GMT
Content-Encoding: gzip
Last-Modified: Tue, 25 Jul 2023 08:27:40 GMT
Server: AkamaiNetStorage
ETag: "9e933d8729750cb1d59e5a7d678dc74d:1690276515.341544"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3066

GET
H/1.1 200
OK CookieSync.min.js Show response
csync-eu.smartadserver.com/2161/ Frame A487 74 KB
17 KB 36ms
35ms Script
application/x-javascript 2a02:26f0:780::5f65:3681
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://csync-eu.smartadserver.com/2161/CookieSync.min.js
Requested by: Host: csync-eu.smartadserver.com
URL: https://csync-eu.smartadserver.com/2161/CookieSync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:3681 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 291f515583a6c387346d142caed7efda8f0630866c7fc9d0f026fd95aed50081

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://csync-eu.smartadserver.com/2161/CookieSync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 27 Nov 2023 11:10:57 GMT
Content-Encoding: gzip
Last-Modified: Mon, 20 Nov 2023 08:58:40 GMT
Server: AkamaiNetStorage
ETag: "c1430567800a2cd191c5289a4ca46139:1700471429.892258"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16507
Expires: Mon, 27 Nov 2023 12:10:57 GMT

GET
H/1.1 200
OK TemplatePool.min.js Show response
csync-eu.smartadserver.com/2161/ Frame A487 11 KB
2 KB 60ms
25ms Script
application/x-javascript 2a02:26f0:780::5f65:3681
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://csync-eu.smartadserver.com/2161/TemplatePool.min.js
Requested by: Host: csync-eu.smartadserver.com
URL: https://csync-eu.smartadserver.com/2161/CookieSync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:3681 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0850c1f0deb580fba73c2555accb45fb974d7dac93baeba3ed6c86b9db179db3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://csync-eu.smartadserver.com/2161/CookieSync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 27 Nov 2023 11:10:57 GMT
Content-Encoding: gzip
Last-Modified: Mon, 20 Nov 2023 08:58:41 GMT
Server: AkamaiNetStorage
ETag: "8a58c7020312411d6239d6e73a6c978f:1700471430.245669"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1942
Expires: Mon, 27 Nov 2023 12:10:57 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
261 B 87ms
30ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-LH8HHLTZNN&gtm=45je3b81v877712674z8533936&_p=1701083457454&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=2089323646.1701083458&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701083457&sct=1&seg=0&dl=https%3A%2F%2Fwww.belasmensagens.com.br%2F&dt=Belas%20Mensagens&en=page_view&_fv=1&_ss=1&tfd=1295
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LH8HHLTZNN&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 11:10:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.belasmensagens.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 69ms
31ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-BET9P2RY3W&gtm=45je3b81v887490552z8533936&_p=1701083457454&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=2089323646.1701083458&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701083457&sct=1&seg=0&dl=https%3A%2F%2Fwww.belasmensagens.com.br%2F&dt=Belas%20Mensagens&en=page_view&_fv=1&_ss=1&tfd=1313
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BET9P2RY3W&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 11:10:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.belasmensagens.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK cmp.js Show response
ced-ns.sascdn.com/diff/js/modules/ Frame C20F 10 KB
3 KB 148ms
22ms Script
application/x-javascript 2a02:26f0:480:e::210:f108
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced-ns.sascdn.com/diff/js/modules/cmp.js
Requested by: Host: csync-eu.smartadserver.com
URL: https://csync-eu.smartadserver.com/2058/CookieSync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:e::210:f108 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 4240f5f1567668c90d34aaf10dcd7d3212e51354e17d713116673285fd95f15d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://csync-eu.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 27 Nov 2023 11:10:58 GMT
Content-Encoding: gzip
Last-Modified: Tue, 25 Jul 2023 08:27:40 GMT
Server: AkamaiNetStorage
ETag: "9e933d8729750cb1d59e5a7d678dc74d:1690276515.341544"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3066

GET
H/1.1 200
OK CookieSync.min.js Show response
csync-eu.smartadserver.com/2058/ Frame C20F 74 KB
17 KB 32ms
32ms Script
application/x-javascript 2a02:26f0:780::5f65:3681
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://csync-eu.smartadserver.com/2058/CookieSync.min.js
Requested by: Host: csync-eu.smartadserver.com
URL: https://csync-eu.smartadserver.com/2058/CookieSync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:3681 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 291f515583a6c387346d142caed7efda8f0630866c7fc9d0f026fd95aed50081

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://csync-eu.smartadserver.com/2058/CookieSync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 27 Nov 2023 11:10:57 GMT
Content-Encoding: gzip
Last-Modified: Mon, 20 Nov 2023 08:58:40 GMT
Server: AkamaiNetStorage
ETag: "c1430567800a2cd191c5289a4ca46139:1700471429.892258"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16507
Expires: Mon, 27 Nov 2023 12:10:57 GMT

GET
H/1.1 200
OK TemplatePool.min.js Show response
csync-eu.smartadserver.com/2058/ Frame C20F 11 KB
2 KB 40ms
39ms Script
application/x-javascript 2a02:26f0:780::5f65:3681
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://csync-eu.smartadserver.com/2058/TemplatePool.min.js
Requested by: Host: csync-eu.smartadserver.com
URL: https://csync-eu.smartadserver.com/2058/CookieSync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:3681 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0850c1f0deb580fba73c2555accb45fb974d7dac93baeba3ed6c86b9db179db3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://csync-eu.smartadserver.com/2058/CookieSync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 27 Nov 2023 11:10:57 GMT
Content-Encoding: gzip
Last-Modified: Mon, 20 Nov 2023 08:58:41 GMT
Server: AkamaiNetStorage
ETag: "8a58c7020312411d6239d6e73a6c978f:1700471430.245669"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1942
Expires: Mon, 27 Nov 2023 12:10:57 GMT

POST
H2 200 event
notix.io/ 15 B
275 B 45ms
42ms Ping
application/json 139.45.240.92
RUBY-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://notix.io/event

Requested by

Host: notix.io
URL: https://notix.io/ent/current/enot.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.240.92 , Russian Federation, ASN57304 (RUBY-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.belasmensagens.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 27 Nov 2023 11:10:54 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.belasmensagens.com.br
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 15

OPTIONS
H2 200 event
notix.io/ Frame 0
0 142ms
47ms Preflight
text/plain 139.45.240.92
RUBY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://notix.io/event
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.240.92 , Russian Federation, ASN57304 (RUBY-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.belasmensagens.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.belasmensagens.com.br
access-control-max-age: 86400
content-length: 0
content-type: text/plain; charset=utf-8
date: Mon, 27 Nov 2023 11:10:54 GMT
server: nginx

POST
H2 200 event
notix.io/ 15 B
275 B 47ms
45ms Ping
application/json 139.45.240.92
RUBY-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://notix.io/event

Requested by

Host: notix.io
URL: https://notix.io/ent/current/enot.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.240.92 , Russian Federation, ASN57304 (RUBY-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.belasmensagens.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 27 Nov 2023 11:10:54 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.belasmensagens.com.br
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 15

OPTIONS
H2 200 event
notix.io/ Frame 0
0 142ms
47ms Preflight
text/plain 139.45.240.92
RUBY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://notix.io/event
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.240.92 , Russian Federation, ASN57304 (RUBY-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.belasmensagens.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.belasmensagens.com.br
access-control-max-age: 86400
content-length: 0
content-type: text/plain; charset=utf-8
date: Mon, 27 Nov 2023 11:10:54 GMT
server: nginx

POST
H2 200 event
notix.io/ 15 B
275 B 46ms
44ms Ping
application/json 139.45.240.92
RUBY-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://notix.io/event

Requested by

Host: notix.io
URL: https://notix.io/ent/current/enot.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.240.92 , Russian Federation, ASN57304 (RUBY-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.belasmensagens.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 27 Nov 2023 11:10:54 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.belasmensagens.com.br
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 15

OPTIONS
H2 200 event
notix.io/ Frame 0
0 142ms
48ms Preflight
text/plain 139.45.240.92
RUBY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://notix.io/event
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.240.92 , Russian Federation, ASN57304 (RUBY-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.belasmensagens.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.belasmensagens.com.br
access-control-max-age: 86400
content-length: 0
content-type: text/plain; charset=utf-8
date: Mon, 27 Nov 2023 11:10:54 GMT
server: nginx

POST
H2 200 event
notix.io/ 15 B
275 B 46ms
43ms Ping
application/json 139.45.240.92
RUBY-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://notix.io/event

Requested by

Host: notix.io
URL: https://notix.io/ent/current/enot.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.240.92 , Russian Federation, ASN57304 (RUBY-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.belasmensagens.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 27 Nov 2023 11:10:54 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.belasmensagens.com.br
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 15

OPTIONS
H2 200 event
notix.io/ Frame 0
0 141ms
47ms Preflight
text/plain 139.45.240.92
RUBY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://notix.io/event
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.240.92 , Russian Federation, ASN57304 (RUBY-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.belasmensagens.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.belasmensagens.com.br
access-control-max-age: 86400
content-length: 0
content-type: text/plain; charset=utf-8
date: Mon, 27 Nov 2023 11:10:54 GMT
server: nginx

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DB84 0
188 B 240ms
239ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4546623105289528&output=html&adk=1812271804&adf=2712904484&lmt=1701083457&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fwww.belasmensagens.com.br%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~5~6&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701083457742&bpp=3&bdt=357&idt=195&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3719976950296&frm=20&pv=2&ga_vid=2089323646.1701083458&ga_sid=1701083458&ga_hid=1287711670&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079759%2C44785292%2C44809314%2C31078297%2C31079699%2C44806140%2C44807764%2C44808148%2C44808285%2C44809057%2C44809071%2C318512601&oid=2&pvsid=2696565664275447&tmod=648748673&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=205

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4546623105289528&plah=www.belasmensagens.com.br&bust=31079699

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.belasmensagens.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 11:10:58 GMT
expires: Mon, 27 Nov 2023 11:10:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 script.js Show response
widgets.getsitecontrol.com/108212/ 52 B
856 B 213ms
37ms Script
text/javascript 138.199.36.11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.getsitecontrol.com/108212/script.js
Requested by: Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.36.11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-11.bunnyinfra.net
Software: BunnyCDN-DE1-1054 /
Resource Hash: 5b1ccd08e901adfcd4b47e942f7c860ccd41f3e90ba07c787fb222cd8b776aee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:10:58 GMT
content-encoding: br
cdn-edgestorageid: 865
x-amz-request-id: M810PKT0Q66X37N2
cdn-cachedat: 02/22/2023 20:43:51
cdn-pullzone: 44619
x-amz-id-2: wnZncFZTdmCJ/5cGL7Fz+5sUs4A3+bwpjQtzNuJX4HaDc2ubf202z3NwSbKfY0vphWKo9C5BAaM=
last-modified: Mon, 23 Oct 2017 10:06:07 GMT
server: BunnyCDN-DE1-1054
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"2886c07e313e735c9c3b5f8c650b5f37"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: e3a1246b-2fdd-4153-9207-6ca707c9379d
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=0
cdn-requestid: 576ba68937f48ec63ae119618960c392
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 wp-emoji-release.min.js Show response
www.belasmensagens.com.br/wp-includes/js/ 18 KB
5 KB 36ms
35ms Script
application/javascript 2606:4700:20::681a:64c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.belasmensagens.com.br/wp-includes/js/wp-emoji-release.min.js?ver=6.3.2
Requested by: Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:64c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:10:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 06 Apr 2023 14:25:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2268808
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TOd1jR9jCZVfF2ajgv4JOosGEmYrzYypIX%2F69el8nxuMO%2BtWUSaiH2AKVHCEUn9fvDJr1IygtcJMPxi5sp1mSEzlZ0FwfN4%2FMildEXVhVqY8xKKyXw44sFdKyReLNY3Q6ZMNBZgNTYRzQgPYZHkDyGuVpzXj%2B%2FQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 82c9ed7c88b33623-FRA
expires: max-age=A10368000, public

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
www.belasmensagens.com.br/fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 64ms
64ms Font
font/woff2 2606:4700:20::681a:64c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.belasmensagens.com.br/fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by: Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:64c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Request headers

Referer: https://www.belasmensagens.com.br/
Origin: https://www.belasmensagens.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:10:58 GMT
cf-cache-status: MISS
last-modified: Wed, 11 May 2022 19:24:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2BdDrOBNJi1p8d1r60O877s%2BIhD6hpjG%2Fqmb3iZblwyH4e3Fx9sGXhMUw58n68YGPPCaQnWV0gA9iIEEWUtXNxZfowNWeRnE2xuq64E%2F4zNFR3eKczDv7EoqVsDOgXrwtY%2BnZyOxCoWeWjDjzhz3KhLFfSOaysg%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=31536000
cf-apo-via: proxy
accept-ranges: bytes
cf-ray: 82c9ed7c88b53623-FRA
content-length: 15744
expires: Sat, 23 Nov 2024 21:25:42 GMT

GET
H2 200 BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
www.belasmensagens.com.br/fonts.gstatic.com/s/robotoslab/v34/ 34 KB
34 KB 71ms
71ms Font
font/woff2 2606:4700:20::681a:64c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.belasmensagens.com.br/fonts.gstatic.com/s/robotoslab/v34/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
Requested by: Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:64c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8e429611131e3fdc2018ec943a36100dbabb4aaa788c8dead6bdcf927917293

Request headers

Referer: https://www.belasmensagens.com.br/
Origin: https://www.belasmensagens.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:10:58 GMT
cf-cache-status: MISS
last-modified: Tue, 24 Oct 2023 01:54:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GmXFppOAqb2oYMzcLYFU9c2UhnRRGDilDzIvQqph9vh78CfxEa27caP11LoElZS0xhVVEo8Fnr16uuW5eX6kp5wlmUI7VZ6FlZVwWLA8yuv50tHwHVSMcQKECNdYgk8ovYCMJhRNHBb4G5tvZdMnTPMNfXsGlOo%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=31536000
cf-apo-via: proxy
accept-ranges: bytes
cf-ray: 82c9ed7c88ba3623-FRA
content-length: 34328
expires: Sat, 23 Nov 2024 20:50:20 GMT

GET
H2 200 prebid.min.8767321a.js Show response
monetize-static.viralize.tv/ Frame 9DC7 461 KB
146 KB 38ms
37ms Script
application/javascript 2a02:26f0:3100::1735:29f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://monetize-static.viralize.tv/prebid.min.8767321a.js
Requested by: Host: monetize-static.viralize.tv
URL: https://monetize-static.viralize.tv/viralize_player.min.5eb18704.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100::1735:29f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 2ac194d6713ab93b6db5a93acd42bdd04893c76ebe404eced269e696fd25d20a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:10:58 GMT
content-encoding: gzip
x-guploader-uploadid: ABPtcPoBpUoyrtdtwZ1Zo3_Kuj1Hxp7i9Q8w-1A60orXEY0FkV_Ro4A2POKFLd1nY7j-REOrIEoFRDTstw
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 149442
last-modified: Thu, 23 Nov 2023 11:11:10 GMT
server: UploadServer
etag: "8767321aa946fab11b7849c3c8cab276"
vary: Accept-Encoding
x-goog-generation: 1700737870881709
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=xXO4Yg==, md5=h2cyGqlG+rEbeEnDyMqydg==
cache-control: public, max-age=2592000
x-goog-stored-content-length: 471945
accept-ranges: bytes
expires: Wed, 27 Dec 2023 11:10:58 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 9DC7 267 KB
65 KB 81ms
27ms Script
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: monetize-static.viralize.tv
URL: https://monetize-static.viralize.tv/viralize_player.min.5eb18704.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4c8fe936e012d2d229577704c34c41a451d7a98aa5c2566ea5c3930aa7e3f40f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 10:43:56 GMT
content-encoding: gzip
via: 1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront), 1.1 6278ee254a7d35c23aae5e936b5a56ee.cloudfront.net (CloudFront)
last-modified: Mon, 13 Nov 2023 20:18:43 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 1623
x-amz-server-side-encryption: AES256
etag: W/"2d08dd94de483579c1dc3f3783c06f6e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: cuSyLiAG7lkxUSV2twNtG0nIwBaCIfOUf4tqp9Tq0LoP6RKxdrok4w==

GET
H2 200 ima3vpaid Show response
tpc.googlesyndication.com/ Frame 9DC7 902 B
880 B 274ms
221ms XHR
text/xml 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/ima3vpaid?vad_format=linear&correlator=&adtagurl=https%3A//pubads.g.doubleclick.net/gampad/live/ads%3Fiu%3D/8804/parceiros/42frases%26description_url%3Dhttps%253A%252F%252F42frases.com.br%26tfcd%3D0%26npa%3D0%26sz%3D480x361%257C480x360%26cust_params%3Dcampaignuol%253D1%2526videoplayertype%253Dhtml5%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26impl%3Ds%26ad_rule%3D0%26correlator%3D1701083457

Requested by

Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bb3b925cee5500c2848a3c2dd2ecdff97d59395dd7b7efae8dc5ddd11ba0be8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:10:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://www.belasmensagens.com.br
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 510
x-xss-protection: 0

GET
H3 200 /
ads.viralize.tv/t-bid-opportunity/ Frame 9DC7 0
37 B 35ms
35ms Image
application/json 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/t-bid-opportunity/?zid=AAEn2iG_Bt_nZPrQ&u=https%3A%2F%2Fwww.belasmensagens.com.br%2F&t=adn&hcid=c3RhbmRhbG9uZRpujSbK2oF8&sid=01ee8d15a3aa56441d239145aea20fb2&item=YWRuXzEyMTI09JxFFwhAR-4%3D.1.1hg87jahv-0l3v5aicl08-YWRuXzEyMTI09JxFFwhAR-4%3D-wp1sc1
Requested by: Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:10:58 GMT
content-encoding: gzip
via: 1.1 google
server: uvicorn, Unknown
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 204 /
ads.viralize.tv/track/ 0
11 B 33ms
33ms Image
text/plain 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/track/?session_id=01ee8d15a3aa56441d239145aea20fb2%3A0&player_session_id=0&label=activation&ver=12&reason=ok&type=event&category=player_session
Requested by: Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:10:58 GMT
via: 1.1 google
server: uvicorn, Unknown
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 204 /
ads.viralize.tv/track/ 0
11 B 32ms
32ms Image
text/plain 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/track/?session_id=01ee8d15a3aa56441d239145aea20fb2%3A0&player_session_id=0&label=ad_opportunity&ver=12&reason=ok&type=event&category=player_session
Requested by: Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:10:58 GMT
via: 1.1 google
server: uvicorn, Unknown
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 204 /
ads.viralize.tv/track/ Frame 9DC7 0
11 B 31ms
31ms Image
text/plain 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A13%2C%22type%22%3A%22event%22%2C%22category%22%3A%22player_session%22%2C%22session_id%22%3A%2201ee8d15a3aa56441d239145aea20fb2%3A0%22%2C%22player_session_id%22%3A%220%22%2C%22label%22%3A%22viewability_available%22%2C%22reason%22%3A%22ok%22%7D%5D
Requested by: Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:10:58 GMT
via: 1.1 google
server: uvicorn, Unknown
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 5044 Show response
config.aps.amazon-adsystem.com/configs/ Frame 9DC7 505 B
770 B 96ms
25ms Script
application/javascript 99.86.4.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/5044
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-128.fra6.r.cloudfront.net
Software: CloudFront /
Resource Hash: 5446cc6aa910e2194375c9d372ac468148bcfe63eb395a6b05a18a4b86093ad7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:10:12 GMT
via: 1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
age: 46
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 505
x-amz-cf-id: dubnJxS904yHKMInsnydW6D46GLAIRR3jdOB2wSEwhWaieWFQMaskA==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame 9DC7 0
319 B 24ms
23ms XHR
text/plain 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=5044&u=https%3A%2F%2Fwww.belasmensagens.com.br
Requested by: Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 05:47:17 GMT
via: 1.1 6278ee254a7d35c23aae5e936b5a56ee.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
age: 19421
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.belasmensagens.com.br
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: NpXgS7XzNso7gCzjea1uYtZWuhdysH75bOIKr-_gXFQjPgMEQN9rZA==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ Frame 9DC7 23 B
471 B 172ms
111ms XHR
text/javascript 13.32.119.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=5044&u=https%3A%2F%2Fwww.belasmensagens.com.br%2F&pid=ZUDtQXKqi3a50&cb=0&ws=400x225&v=23.1108.2350&t=2000&slots=%5B%7B%22id%22%3A%22videoSlot%22%2C%22mt%22%3A%22v%22%7D%5D&schain=1.0%2C1!viralize.com%2C6772%2C1%2C%2C%2C&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.119.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-119-77.fra60.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:10:58 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P1
x-amz-rid: 5XFEWZE7NZJDPX9M3DQK
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.belasmensagens.com.br
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 1hN9Nw8gj3WZrGUyedBaGX_LJNZk2mVVKTaPqYdei5cw2nO47In_Aw==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 9DC7 6 KB
3 KB 70ms
24ms XHR
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
date: Sun, 26 Nov 2023 11:49:20 GMT
x-amz-cf-pop: FRA56-P6
age: 84099
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: A8NvfObPnldhyQOByvz18mn98NST6uu-SjlFHbo8m2mpDIKDTH7wIw==

GET
H2 200 bridge3.605.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame B783 752 KB
241 KB 25ms
24ms Document
text/html 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.belasmensagens.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 161861
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 246766
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Sat, 25 Nov 2023 14:13:17 GMT
expires: Sun, 24 Nov 2024 14:13:17 GMT
last-modified: Wed, 15 Nov 2023 19:11:18 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 9DC7 44 KB
17 KB 175ms
72ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:10:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 27 Nov 2023 11:10:58 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame CC7F 40 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 10:58:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 724
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13893
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 15:57:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 27 Nov 2023 11:58:54 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/live/ Frame B783 132 KB
31 KB 748ms
747ms XHR
text/xml 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F8804%2Fparceiros%2F42frases&description_url=https%3A%2F%2F42frases.com.br&tfcd=0&npa=0&sz=480x361%7C480x360&cust_params=campaignuol%3D1%26videoplayertype%3Dhtml5&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&ad_rule=0&correlator=3662572266516778&vpa=auto&sdkv=h.3.605.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=videojs-ima&sdki=445&ptt=20&adk=1893717916&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.605.0&sid=C3CDDFAE-1786-4BC8-A27B-14519A554480&nel=0&eid=418572006%2C44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291&url=https%3A%2F%2Fwww.belasmensagens.com.br%2F&dt=1701083458611&cookie_enabled=1&scor=1566255518186194&ged=ve4_td1_er1190.1190.1344.1490_vi0.0.1200.1600_vp6_eb23272

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ltt /

Resource Hash

a40f23490e89a31a24537d56988bbf4b6ab6b5fca3595a1ca564891b1b2d7e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:10:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31684
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: ltt
google-creative-id: -1
x-frame-options: SAMEORIGIN
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 mercurio.html Show response
tm.uol.com.br/ Frame E68E 197 B
689 B 663ms
227ms Document
text/html 2600:9000:2251:7c00:6:5b96:3f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.uol.com.br/mercurio.html
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=taljro
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:7c00:6:5b96:3f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 9120bd86f7501823599a79f60f432e7742f2fd00b17984230cd6641085548690

Request headers

Referer: https://www.belasmensagens.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-transform, max-age=600, must-revalidate, proxy-revalidate must-revalidate, proxy-revalidate, no-transform
content-encoding: gzip
content-length: 173
content-type: text/html;charset=UTF-8
date: Mon, 27 Nov 2023 11:10:59 GMT
etag: ba5203ce522cc70a434e9a70452ca145
expires: Mon, 27 Nov 2023 11:20:59 GMT
last-modified: Wed, 28 Jul 2021 19:15:10 GMT
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
server: marrakesh 1.16.6
via: 1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
x-amz-cf-id: 6u6gPUV6hAevLn7iXvGRP4tskyVHGO080ZlnB0N7pBDeu-bMurTtJA==
x-amz-cf-pop: FRA60-P3
x-cache: RefreshHit from cloudfront

GET
H2 200 Prebid.js Show response
tm.jsuol.com.br/modules/external/ 353 KB
114 KB 1077ms
1076ms Script
application/javascript 2a02:26f0:780::5f65:3688
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/external/Prebid.js
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=taljro
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:3688 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 0d4d3956b34f32750ac31746a17297b77098a55f4b86a6dba7f7386e1a089715

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:11:00 GMT
content-encoding: gzip
akamai-cache-status: Miss from child, RefreshHit from parent
last-modified: Fri, 03 Nov 2023 15:14:57 GMT
akamai-grn: 0.8436655f.1701083459.31819553
etag: cdd1b84f0c29c6c8e530adae3955fe73
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: no-transform, must-revalidate, proxy-revalidate, max-age=3588
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=112, origin; dur=929, ak_p; desc="1701083459070_1600468612_830575955_104261_1307_25_0_146";dur=1
content-length: 115718

HEAD
H2 200 / Show response
www.belasmensagens.com.br/ 0
536 B 262ms
262ms XHR
text/html 2606:4700:20::681a:64c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.belasmensagens.com.br/
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=taljro
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:64c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 11:10:59 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ymbJ4KapNFsgn3SooiImSYgPd4hqaI0bXXTaRxX3rkf%2B4nYwXlR%2Bujea2qWhBBwEzCzKyWjQINjqUIEtnS6giqljdewgEggVktAGwzWDN3w%2B9ZvCn%2FdpGyW71l9L1IBd6p%2FWAeeofI0xh0CexkIFfg%2FD8sy4JXM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
cf-apo-via: origin,no-cache
cf-ray: 82c9ed8329f53623-FRA
link: <https://www.belasmensagens.com.br/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 privacy-sandbox.html Show response
privacy-sandbox.uol.com.br/ Frame 6D0F 3 KB
1 KB 371ms
22ms Document
text/html 2600:9000:206f:f600:1e:82d4:d9c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://privacy-sandbox.uol.com.br/privacy-sandbox.html
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=taljro
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:f600:1e:82d4:d9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fc4082f83bf025d37bac977bb28e46438ccceb525286c9d6908f5972dc6188df

Request headers

Referer: https://www.belasmensagens.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 6296
content-encoding: br
content-type: text/html
date: Mon, 27 Nov 2023 09:26:30 GMT
etag: W/"07e6f374a305976ee993e8ac814c9914"
last-modified: Tue, 07 Nov 2023 16:21:24 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
x-amz-cf-id: 3ntK9GQX_7a9DXQTa1u9GtDbaPPOPQ7oumG8wnGYA2uZBSH0SrRr0g==
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 98 KB
30 KB 125ms
75ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=taljro

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

63af0efd82cde70366a5c3d6fac8768eab7e9c549bae3ca3895ed8b20fa6f7a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:10:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30508
x-xss-protection: 0
server: cafe
etag: 344 / 19688 / 31079694 / config-hash: 16204867678510254442
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 27 Nov 2023 11:10:59 GMT

GET
H2 200 privacy-sandbox.html Show response
privacy-sandbox.uol.com.br/ Frame E21B 3 KB
1 KB 371ms
26ms Document
text/html 2600:9000:206f:f600:1e:82d4:d9c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://privacy-sandbox.uol.com.br/privacy-sandbox.html
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=taljro
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:f600:1e:82d4:d9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fc4082f83bf025d37bac977bb28e46438ccceb525286c9d6908f5972dc6188df

Request headers

Referer: https://www.belasmensagens.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 6296
content-encoding: br
content-type: text/html
date: Mon, 27 Nov 2023 09:26:30 GMT
etag: W/"07e6f374a305976ee993e8ac814c9914"
last-modified: Tue, 07 Nov 2023 16:21:24 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
x-amz-cf-id: UBQVYq2B1GMzTqg0xQd2oNGBB12JDRWuidozHfyeMiPrsUMfAPRfAQ==
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
H2 200 privacy-sandbox.html Show response
privacy-sandbox.uol.com.br/ Frame 4264 3 KB
1 KB 367ms
23ms Document
text/html 2600:9000:206f:f600:1e:82d4:d9c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://privacy-sandbox.uol.com.br/privacy-sandbox.html
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=taljro
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:f600:1e:82d4:d9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fc4082f83bf025d37bac977bb28e46438ccceb525286c9d6908f5972dc6188df

Request headers

Referer: https://www.belasmensagens.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 6296
content-encoding: br
content-type: text/html
date: Mon, 27 Nov 2023 09:26:30 GMT
etag: W/"07e6f374a305976ee993e8ac814c9914"
last-modified: Tue, 07 Nov 2023 16:21:24 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
x-amz-cf-id: ODV0mLGHP2Rt1aJZ780IxhRgwANTaCtn_q1HGOzqAxosc7PCLU3M1Q==
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
H2 200 privacy-sandbox.html Show response
privacy-sandbox.uol.com.br/ Frame F630 3 KB
1 KB 366ms
24ms Document
text/html 2600:9000:206f:f600:1e:82d4:d9c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://privacy-sandbox.uol.com.br/privacy-sandbox.html
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=taljro
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:f600:1e:82d4:d9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fc4082f83bf025d37bac977bb28e46438ccceb525286c9d6908f5972dc6188df

Request headers

Referer: https://www.belasmensagens.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 6296
content-encoding: br
content-type: text/html
date: Mon, 27 Nov 2023 09:26:30 GMT
etag: W/"07e6f374a305976ee993e8ac814c9914"
last-modified: Tue, 07 Nov 2023 16:21:24 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
x-amz-cf-id: b-2Ys1K0anNIAXadnRAzpbKOEUn_3ncGY0wCtnpj2vDtlkgoRacZyA==
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
H2 200 privacy-sandbox.html Show response
privacy-sandbox.uol.com.br/ Frame 148C 3 KB
1 KB 366ms
26ms Document
text/html 2600:9000:206f:f600:1e:82d4:d9c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://privacy-sandbox.uol.com.br/privacy-sandbox.html
Requested by: Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:f600:1e:82d4:d9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fc4082f83bf025d37bac977bb28e46438ccceb525286c9d6908f5972dc6188df

Request headers

Referer: https://www.belasmensagens.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 6296
content-encoding: br
content-type: text/html
date: Mon, 27 Nov 2023 09:26:30 GMT
etag: W/"07e6f374a305976ee993e8ac814c9914"
last-modified: Tue, 07 Nov 2023 16:21:24 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
x-amz-cf-id: XXSQcoyVQgI-lfH3CkhFWEc-xEigMUN10fqlJYK_PLBeFP6Xe5bokA==
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
H2 200 profiles.js Show response
tm.jsuol.com.br/modules/external/tailtarget/ 13 KB
6 KB 873ms
873ms Script
application/javascript 2a02:26f0:780::5f65:3688
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/external/tailtarget/profiles.js
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=taljro
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:3688 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 67ed54856b743c6e064253f611084475015ce883fff3150f710b8781e599d4a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:11:00 GMT
content-encoding: gzip
akamai-cache-status: Miss from child, RefreshHit from parent
last-modified: Mon, 24 Jul 2023 18:36:16 GMT
akamai-grn: 0.8436655f.1701083459.318196f8
etag: ecbae16720fa9548b931f719328b1c88
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: no-transform, must-revalidate, proxy-revalidate, max-age=3600
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=19, origin; dur=826, ak_p; desc="1701083459341_1600468612_830576376_84765_924_20_0_146";dur=1
content-length: 5277

GET
H2 200 CT-10.js Show response
tm.jsuol.com.br/modules/external/tailtarget/t3m/TT-10162-1/ 156 KB
19 KB 852ms
852ms Script
application/javascript 2a02:26f0:780::5f65:3688
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/external/tailtarget/t3m/TT-10162-1/CT-10.js
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=taljro
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:3688 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: bc943d99a17601269835433917f1efda0d67b29122939756712776a7bc4fdbb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:11:00 GMT
content-encoding: gzip
akamai-cache-status: Miss from child, RefreshHit from parent
last-modified: Thu, 31 Aug 2023 00:14:50 GMT
akamai-grn: 0.8436655f.1701083459.318196fa
etag: 3ba5a00d1d7a002cf562eaf6ca619ce7
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: no-transform, must-revalidate, proxy-revalidate, max-age=3600
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=20, origin; dur=804, ak_p; desc="1701083459339_1600468612_830576378_82530_1142_20_0_146";dur=1
content-length: 19104

GET
H2 200 grupocontteudo.js Show response
me.jsuol.com.br/aud/ 24 KB
9 KB 100ms
26ms Script
application/javascript 2600:9000:223d:b800:1:aa11:940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://me.jsuol.com.br/aud/grupocontteudo.js
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=taljro
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:b800:1:aa11:940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.23.0 /
Resource Hash: 72ea0bf10921b8ef082b90bb41d8f9ac7377e5deecd6375e8e5c87d597f79a9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 10:30:52 GMT
content-encoding: gzip
via: 1.1 7abd55cee48606340f570b45718202b6.cloudfront.net (CloudFront)
last-modified: Thu, 23 Nov 2023 15:03:38 GMT
server: marrakesh 1.23.0
x-amz-cf-pop: FRA56-P3
age: 2407
etag: b5a8a93ce1d81bfc09f00551adcb43c5
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
content-length: 9194
x-amz-cf-id: OQGErctMkvPJAGSoHFqG0FpOLG5F4aWeJXEIDCne-8Yeauykf_p1nw==
expires: Mon, 27 Nov 2023 11:30:52 GMT

GET
H2 200 dmp-uol-sync-p.js Show response
tm.jsuol.com.br/modules/ 8 KB
3 KB 1058ms
1057ms Script
application/javascript 2a02:26f0:780::5f65:3688
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/dmp-uol-sync-p.js
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=taljro
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:3688 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 925f35c86a25bd98442cc85f95e18588b4d6838f78ada210e6d9c7bb7f4df313

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:11:00 GMT
content-encoding: gzip
akamai-cache-status: Miss from child, RefreshHit from parent
last-modified: Wed, 08 Nov 2023 20:40:13 GMT
akamai-grn: 0.8436655f.1701083459.3181971b
etag: 95836993959e1752b2e8d5b20503bb7a
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: no-transform, must-revalidate, proxy-revalidate, max-age=3557
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=19, origin; dur=998, ak_p; desc="1701083459355_1600468612_830576411_101849_1002_20_0_146";dur=1
content-length: 2933

POST
H2 204 csi
csi.gstatic.com/ Frame B783 0
234 B 395ms
133ms Ping
image/gif 2607:f8b0:4009:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lpgt6518&c=3719976950296&slotId=1859988475148&eee=missing-element&bi=missing-id&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&vmfc=3&vhc=0&wta=1&ytext_viu=1&ytext_hd=0&ytext_vi=Qks5BxDFUEU&hghme=1&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4009:808::2003 Bolingbrook, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 11:10:59 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
ads.viralize.tv/t-bid-done/ Frame 9DC7 0
37 B 34ms
34ms Image
application/json 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/t-bid-done/?zid=AAEn2iG_Bt_nZPrQ&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fwww.belasmensagens.com.br%2F&t=adn&gcid=YWRuXzEyMTI09JxFFwhAR-4%3D&bid_opportunity_id=1hg87jahv-0l3v5aicl08-YWRuXzEyMTI09JxFFwhAR-4%3D-wp1sc1&l=ima&sid=01ee8d15a3aa56441d239145aea20fb2
Requested by: Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:10:59 GMT
content-encoding: gzip
via: 1.1 google
server: uvicorn, Unknown
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 204 csi
csi.gstatic.com/ Frame B783 0
45 B 380ms
134ms Ping
image/gif 2607:f8b0:4009:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lpgt65ov&c=3719976950296&slotId=1859988475148&qqid=CITkp9qF5IIDFa9JHQkdSiEBJw&gqid=QnlkZaWbKL2K9fgPqvKx8AY&fb=ima_html5-lima&sdkv=h.3.605.0&ppt=videojs-ima&mrd=4&aab=1&itv=1&ghmsh_eids=418572006%2C44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291&met.4=ghmsh_s.lpgt65oy~ghmsh_s.lpgt65p1&ghmsh_hd=1&ghmsh_mi=22%2C18%2C&ghmsh_vi=134%2C136%2C243%2C247%2C396%2C398%2C&ghmsh_ai=139%2C140%2C250%2C&ghmsh_gvt=0&ams=1&vs=1280x720&vc=avc1.64001F&mt=video%2Fmp4&vsrc=youtube&bit=22&cpn=LllCGssL_8hqnxF8
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4009:808::2003 Bolingbrook, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 11:10:59 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 9DC7 0
45 B 368ms
134ms Ping
image/gif 2607:f8b0:4009:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lpgt64ia&c=3719976950296&slotId=1859988475148&eee=missing-element&bi=missing-id
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4009:808::2003 Bolingbrook, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 11:10:59 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B783 0
0 57ms
56ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?evt=start&format=TRUEVIEW&lid=143&sdkv=h.3.605.0&e=418572006%2C44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291&id=ima_html5&c=798625624308909&domain=www.belasmensagens.com.br

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 11:10:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame B783 453 B
478 B 23ms
23ms Image
image/png 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-video-pub-6330791094260149

Requested by

Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 10:56:22 GMT
x-content-type-options: nosniff
age: 877
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: image/png
cache-control: public, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 27 Nov 2023 11:46:22 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/live/interaction/ Frame B783 42 B
65 B 65ms
65ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=C3-mZQnlkZYS7Kq-T9fgPysKEuAKQhc-1dJHCwKSqEr_6trLZQRABINKhqR8oAmCV-vCBjAegAYXT7bgpyAEF4AIAqAMBmAQAqgSzAk_QYzsmurNue9GRZtaCfLIysotDvnAD_J1eZHKs9OoOz94OaYukEUNA79mCGZXXg-y9B6y4PRsxo_4H6XBYwjS2BungJ91DdTUModGWPsiFwUpKBDoZmVWGT2s5Kqycnnpw_I_0SNYBUjoUBHAke2exM7fsOPbJPB8z5WC_i09V3kwpZ0xCN0dSnV2Po9W98qTJJ2nBi9jn5iKBsiCvM7boB12-gDkL5EsTOD_-_4ddE-ossA1lmXhPRsLmV4P_pIyrxdRR2k89PwARSa2ZdFpMxgo4qxmNn--7v6Uf_lDZfxqcTHLcuJFjByds9KVrtO7PPEcjN1Zb3G9gWmUvYh8zedg3_3i8PHygW4uFmQZh3sJl1BctT99i1JalMw519e9OJiE0KnRwnZcbSulhdSNLEk3ABJn288DSBOAEAYgF7umdwE2SBQYIAxACGAGgBlSAB4WLvpgEqAfZtrECqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAfKqbECqAfrpbEC2AcBqAgB0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOrEJj82x3K9k_0mACgOYCwHICwHQCw6iDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQLaDBAKChCQ-L3g47vk1GwSAgEDmg0BDqoNAkRFyA0B4g0TCNCqptqF5IIDFa9JHQkdSiEBJ7ATtM_ZFdgTDdgUAdAVAagWAeIWAggB-BYBgBcB&sigh=TPKXVA6PzJ4&label=show_ad

Requested by

Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ltt /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 11:10:59 GMT
x-content-type-options: nosniff
server: ltt
x-frame-options: SAMEORIGIN
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
pubads.g.doubleclick.net/gampad/live/ Frame B783 0
0 73ms
72ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubads.g.doubleclick.net/gampad/live/adview?ai=Cb9JuQnlkZYS7Kq-T9fgPysKEuAKQhc-1dJHCwKSqEr_6trLZQRABINKhqR8oAmCV-vCBjAegAYXT7bgpyAEF4AIAqAMBmAQAqgSwAk_QYzsmurNue9GRZtaCfLIysotDvnAD_J1eZHKs9OoOz94OaYukEUNA79mCGZXXg-y9B6y4PRsxo_4H6XBYwjS2BungJ91DdTUModGWPsiFwUpKBDoZmVWGT2s5Kqycnnpw_I_0SNYBUjoUBHAke2exM7fsOPbJPB8z5WC_i09V3kwpZ0xCN0dSnV2Po9W98qTJJ2nBi9jn5iKBsiCvM7boB12-gDkL5EsTOD_-_4ddE-ossA1lmXhPRsLmV4P_pIyrxdRR2k89PwARSa2ZdFpMxgo4qxmNn--7v6Uf_lDZfxqcTHLcuJFjByds9KVrtO7PPEcjNw5aboLz4Du9_I3aPlvexJxqDJx2NHgh9_Xts-ZvaB0EVz-nGqZFx95b2_fx951a2fKhs7sD1k6QMqDABJn288DSBOAEAYgF7umdwE2SBQYIGxABGAGSBQsIIhAFGAFI7tKUApIFEAgSEAUYDzDFoJWG8aDOpUKgBlSAB4WLvpgEqAfZtrECqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBDP9XioCAHSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6mglgaHR0cHM6Ly93d3cub2FuZGEuY29tL2V1LWRlP3V0bV9zb3VyY2U9ZGJtJnV0bV9tZWRpdW09dmlkZW8mdXRtX2NhbXBhaWduPU9FTV9ERV9kc3BfQkFVX1BST18yMDIzgAoDyAsBogwYKhYKFOS0sQLutbECtbixAuS0sQLutbEC4g0TCNCqptqF5IIDFa9JHQkdSiEBJ7ATtM_ZFcITBhiF0-24KcgTgd354wPYEw3YFAHQFQGoFgHiFgIIAYAXAbIXHgocCAASFHB1Yi00ODU0MDgzMjQ0MzMwOTQ4GN7oFA&sigh=wOQrzRjl9VA&cmd=Ch1jYS12aWRlby1wdWItNjMzMDc5MTA5NDI2MDE0ORAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&ase=2&nis=4&cid=CAQSPADICaaNaHSGjKC5i18chNCUNkgVDgoY5_bSY8_wKxN1mZcxlzr9_xkCzBIA_1viqdbkaSvPQZBPBZbp6xgB&vt=10
Requested by: Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

POST
H2 204 csi
csi.gstatic.com/ Frame 9DC7 0
54 B 353ms
134ms Ping
image/gif 2607:f8b0:4009:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lpgt65po&c=3719976950296&slotId=1859988475148&met.4=hvd_lc.lpgt65po~hvd_ad.lpgt65po~hvd_mad.lpgt65po~hvd_admu.lpgt65po~hvd_src.lpgt65po
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4009:808::2003 Bolingbrook, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 11:10:59 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 206
Partial Content videoplayback
rr4---sn-4g5lzner.googlevideo.com/ Frame 9DC7 1 MB
1 MB 92ms
25ms Media
video/mp4 2a00:1450:4001:15::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr4---sn-4g5lzner.googlevideo.com/videoplayback?expire=1701112259&ei=Q3lkZfatD-SCmLAPgciSmAw&ip=2001:1b60:2:240:3247::10&id=424b390710c55045&itag=22&source=youtube&requiressl=yes&xpc=Eghovf3BOnoBAQ==&mh=xE&mm=31&mn=sn-4g5lzner&ms=au&mv=m&mvi=4&pl=29&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=15.000&lmt=1700966235737979&mt=1701083097&cpn=LllCGssL_8hqnxF8&txp=5532434&sparams=expire,ei,ip,id,itag,source,requiressl,xpc,susc,acao,ctier,mime,vprv,dur,lmt&sig=ANLwegAwRQIgPvxAKRAjXKfK4CNb1J1tdusrigV8v95sEVlEgro-Yp0CIQDDDyr-CFfKXu30WUeXTBg45wsJsVuESQvfJ-T04rssvw==&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AM8Gb2swRgIhALbTDnGZCzsXuftwixSg_lZzQeICgkRxkpg64899BShWAiEAnS5q7IP5xi6RgR-1xqKI6EF13kPO39paIAfqF7VfjmM=

Requested by

Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:15::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

bfd8d3d92acd1f69355b64844cae8628175c082a8485036f8a6b79a510705ccb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.belasmensagens.com.br/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Range: bytes=0-

Response headers

Date: Mon, 27 Nov 2023 11:10:59 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 26 Nov 2023 02:37:15 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-1491608/1491609
Cache-Control: private, max-age=28500
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 1491609
Expires: Mon, 27 Nov 2023 11:10:59 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: me.jsuol.com.br
URL: https://me.jsuol.com.br/aud/grupocontteudo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 09:19:54 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6665
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 27 Nov 2023 11:19:54 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 230 KB
80 KB 31ms
31ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-XWCHXHCC99

Requested by

Host: me.jsuol.com.br
URL: https://me.jsuol.com.br/aud/grupocontteudo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7babe465291d02615e5872e8a8bfc0a2e4ca7cb9d604df3dabf8fb253ffe8f2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:10:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82209
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 27 Nov 2023 11:10:59 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 230 KB
80 KB 41ms
41ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-XWCHXHCC99&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KTFD

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

425a0c2516e8c164588949c1ae146ff31388c351d3d3ec0e40a4808451b5d40e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:10:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82343
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 27 Nov 2023 11:10:59 GMT

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain

https://sb.scorecardresearch.com/cs/6036356/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

4 KB
2 KB

24ms
23ms

Script
application/javascript

18.66.112.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by: Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol: H2
Server: 18.66.112.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-41.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 10:14:44 GMT
content-encoding: gzip
via: 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
last-modified: Wed, 19 Jul 2023 09:10:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 3403
x-amz-server-side-encryption: AES256
etag: W/"77ff4ede4693897337a38594321529a3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: biJIKhvXy2a7eZcIocsLLQfGG9LfS2r3PESyolNmlX4S-tN5oRzU-A==

Redirect headers

date: Mon, 27 Nov 2023 11:10:59 GMT
via: 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
location: /internal-cs/default/beacon.js
content-length: 0
x-amz-cf-id: 1Ns_gJnBDJQd2ZQ2tJmzQ2uf1NLvU969OJo6egtWzkC22zXBElyQRg==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 30ms
30ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1287711670&t=pageview&_s=1&dl=https%3A%2F%2Fwww.belasmensagens.com.br%2F&ul=en-us&de=UTF-8&dt=Belas%20Mensagens&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6GDAAEADQAAAACAUK~&jid=699520192&gjid=1817486127&cid=2089323646.1701083458&tid=UA-93502642-54&_gid=1801170254.1701083458&_r=1&_slc=1&cd1=Parceiros&cd2=Grupo%20Contteudo&cd3=Belas%20Mensagens&cd11=normal&cd4=2089323646.1701083458&cd66=1701083459460.g8i2fj5&cd85=none&cd87=none&cd88=none&z=176280873

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.belasmensagens.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 11:10:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.belasmensagens.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/ 430 KB
135 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079694

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87960e7994f9fc5f6d2fc8c0b93be02f4b9b7cdca0dd9c726f5806d8e9092068

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 09:52:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4725
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138013
x-xss-protection: 0
server: cafe
etag: 17202369310903786887
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 26 Nov 2024 09:52:14 GMT

GET
H3 204 /
ads.viralize.tv/track/ Frame 9DC7 0
11 B 32ms
31ms Image
text/plain 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A3%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_done%22%2C%22session_id%22%3A%2201ee8d15a3aa56441d239145aea20fb2%3A0%3A1hg87jahv-0l3v5aicl08-YWRuXzEyMTI09JxFFwhAR-4%3D-wp1sc1%3A0%22%2C%22bid_done_id%22%3A%220%22%2C%22label%22%3A%22bid_selected%22%2C%22reason%22%3A%22ok%22%7D%5D
Requested by: Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:10:59 GMT
via: 1.1 google
server: uvicorn, Unknown
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
72 B 31ms
31ms XHR
text/plain 2a00:1450:400c:c09::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-93502642-54&cid=2089323646.1701083458&jid=699520192&gjid=1817486127&_gid=1801170254.1701083458&_u=6GDAAEADQAAAACAUK~&z=990673661

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.belasmensagens.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 27 Nov 2023 11:10:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.belasmensagens.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 187ms
47ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-93502642-54&cid=2089323646.1701083458&jid=699520192&_u=6GDAAEADQAAAACAUK~&z=515671188

Requested by

Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 11:10:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 184ms
47ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-93502642-54&cid=2089323646.1701083458&jid=699520192&_u=6GDAAEADQAAAACAUK~&z=515671188

Requested by

Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 11:10:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 30ms
30ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-XWCHXHCC99&gtm=45je3b81v882792760&_p=1701083457454&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=2089323646.1701083458&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701083459&sct=1&seg=0&dl=https%3A%2F%2Fwww.belasmensagens.com.br%2F&dt=Belas%20Mensagens&en=page_view&_fv=1&_ss=1&_ee=1&ep.uol_property_id=302331462&ep.publication_type=normal&up.cookie_consent=none&up.login_widget=deslogado&tfd=3010
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XWCHXHCC99
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 11:10:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.belasmensagens.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 29ms
29ms Ping
text/plain 2a00:1450:400c:c09::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-XWCHXHCC99&cid=2089323646.1701083458&gtm=45je3b81v882792760&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XWCHXHCC99
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c09::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 11:10:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.belasmensagens.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 146ms
47ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-XWCHXHCC99&cid=2089323646.1701083458&gtm=45je3b81v882792760&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1263011238

Requested by

Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 11:10:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 8804 Show response
fundingchoicesmessages.google.com/i/ 161 KB
53 KB 153ms
67ms Script
application/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/8804?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079694

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fca6b6937bdf94e2adc59678f62c9c67d8acfaf61f2f8dd3819c893e82207e81

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-08yrT5Uh6R1vrs5pHyFDzg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:10:59 GMT
content-security-policy: script-src 'report-sample' 'nonce-08yrT5Uh6R1vrs5pHyFDzg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
226 B 23ms
23ms Image
text/plain 18.66.112.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=6036356&cs_fpcu=9c31ad5a3cc4429c853d239260b70978&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1701083459604&ns_c=UTF-8&cs_ucfr=1&c7=https%3A%2F%2Fwww.belasmensagens.com.br%2F&c8=Belas%20Mensagens&c9=
Requested by: Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-41.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:10:59 GMT
via: 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: qrZX2AA5TCvHUz6Je6zOF1FlUMNnlu6cz9J9q29mRXLwPbMrV8_6DQ==
x-cache: Miss from cloudfront

GET
H3 200 /
googleads.g.doubleclick.net/pagead/live/interaction/ Frame B783 42 B
65 B 66ms
66ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ltt /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 11:10:59 GMT
x-content-type-options: nosniff
server: ltt
x-frame-options: SAMEORIGIN
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
pubads.g.doubleclick.net/gampad/live/ Frame B783 0
0 121ms
71ms Fetch
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pubads.g.doubleclick.net/gampad/live/adview?ai=Cb9JuQnlkZYS7Kq-T9fgPysKEuAKQhc-1dJHCwKSqEr_6trLZQRABINKhqR8oAmCV-vCBjAegAYXT7bgpyAEF4AIAqAMBmAQAqgSwAk_QYzsmurNue9GRZtaCfLIysotDvnAD_J1eZHKs9OoOz94OaYukEUNA79mCGZXXg-y9B6y4PRsxo_4H6XBYwjS2BungJ91DdTUModGWPsiFwUpKBDoZmVWGT2s5Kqycnnpw_I_0SNYBUjoUBHAke2exM7fsOPbJPB8z5WC_i09V3kwpZ0xCN0dSnV2Po9W98qTJJ2nBi9jn5iKBsiCvM7boB12-gDkL5EsTOD_-_4ddE-ossA1lmXhPRsLmV4P_pIyrxdRR2k89PwARSa2ZdFpMxgo4qxmNn--7v6Uf_lDZfxqcTHLcuJFjByds9KVrtO7PPEcjNw5aboLz4Du9_I3aPlvexJxqDJx2NHgh9_Xts-ZvaB0EVz-nGqZFx95b2_fx951a2fKhs7sD1k6QMqDABJn288DSBOAEAYgF7umdwE2SBQYIGxABGAGSBQsIIhAFGAFI7tKUApIFEAgSEAUYDzDFoJWG8aDOpUKgBlSAB4WLvpgEqAfZtrECqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBDP9XioCAHSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6mglgaHR0cHM6Ly93d3cub2FuZGEuY29tL2V1LWRlP3V0bV9zb3VyY2U9ZGJtJnV0bV9tZWRpdW09dmlkZW8mdXRtX2NhbXBhaWduPU9FTV9ERV9kc3BfQkFVX1BST18yMDIzgAoDyAsBogwYKhYKFOS0sQLutbECtbixAuS0sQLutbEC4g0TCNCqptqF5IIDFa9JHQkdSiEBJ7ATtM_ZFcITBhiF0-24KcgTgd354wPYEw3YFAHQFQGoFgHiFgIIAYAXAbIXHgocCAASFHB1Yi00ODU0MDgzMjQ0MzMwOTQ4GN7oFA&sigh=wOQrzRjl9VA&cmd=Ch1jYS12aWRlby1wdWItNjMzMDc5MTA5NDI2MDE0ORAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&ase=2&nis=4&cid=CAQSPADICaaNaHSGjKC5i18chNCUNkgVDgoY5_bSY8_wKxN1mZcxlzr9_xkCzBIA_1viqdbkaSvPQZBPBZbp6xgB
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 200 Oy6hyfNY.js Show response
tpc.googlesyndication.com/sodar/ Frame B783 41 KB
15 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 20:50:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 224440
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15406
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Nov 2024 20:50:19 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B783 0
0 57ms
57ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?evt=showui&format=TRUEVIEW&lid=143&sdkv=h.3.605.0&e=418572006%2C44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291&id=ima_html5&c=798625624308909&domain=www.belasmensagens.com.br

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 11:10:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 B29859907.381990383;dc_trk_aid=573039162;dc_trk_cid=205514612;dc_dbm_token=AD1EzRQAAAA8CjQKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhQI7umdwE2oAuOFn8MEsAKB3fnjA0A7EN3z17QCEBt_6hH47mmgJpLIecLMRQ==;ord=1...
ad.doubleclick.net/ddm/trackimp/N980739.279382DBMTP-OANDA-PER-D1/ Frame B783 42 B
568 B 101ms
42ms Image
image/gif 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N980739.279382DBMTP-OANDA-PER-D1/B29859907.381990383;dc_trk_aid=573039162;dc_trk_cid=205514612;dc_dbm_token=AD1EzRQAAAA8CjQKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhQI7umdwE2oAuOFn8MEsAKB3fnjA0A7EN3z17QCEBt_6hH47mmgJpLIecLMRQ==;ord=1613615696;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=;dc_tdv=1;dc_exteid=7319002057039288303;dc_av=520;dc_sk=1;dc_ctype=84;dc_ref=;dc_pubid=3;dc_btype=23?gclid=EAIaIQobChMIhOSn2oXkggMVr0kdCR1KIQEnEAEYASAAEgK4A_D_BwE

Requested by

Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 11:10:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/live/interaction/ Frame B783 42 B
65 B 66ms
65ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=CHqD8QnlkZYS7Kq-T9fgPysKEuAKQhc-1dJHCwKSqEr_6trLZQRABINKhqR8oAmCV-vCBjAegAYXT7bgpyAEF4AIAqAMBmAQAqgSwAk_QYzsmurNue9GRZtaCfLIysotDvnAD_J1eZHKs9OoOz94OaYukEUNA79mCGZXXg-y9B6y4PRsxo_4H6XBYwjS2BungJ91DdTUModGWPsiFwUpKBDoZmVWGT2s5Kqycnnpw_I_0SNYBUjoUBHAke2exM7fsOPbJPB8z5WC_i09V3kwpZ0xCN0dSnV2Po9W98qTJJ2nBi9jn5iKBsiCvM7boB12-gDkL5EsTOD_-_4ddE-ossA1lmXhPRsLmV4P_pIyrxdRR2k89PwARSa2ZdFpMxgo4qxmNn--7v6Uf_lDZfxqcTHLcuJFjByds9KVrtO7PPEcjNw5aboLz4Du9_I3aPlvexJxqDJx2NHgh9_Xts-ZvaB0EVz-nGqZFx95b2_fx951a2fKhs7sD1k6QMqDABJn288DSBOAEAYgF7umdwE2gBlSAB4WLvpgEqAfZtrECqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAfKqbECqAfrpbEC2AcBqAgB0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA8gLAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAtoMEAoKEJD4veDju-TUbBICAQOqDQJEReINEwjQqqbaheSCAxWvSR0JHUohASewE7TP2RXYEw3YFAHQFQGoFgHiFgIIAfgWAYAXAQ&sigh=aE-jJywZFkE&cmd=Ch1jYS12aWRlby1wdWItNjMzMDc5MTA5NDI2MDE0ORAAGAI&label=vast_creativeview&ad_mt=0&acvw=sv%3D959%26cb%3Dima%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D1190,1190,1415,1590%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D14953%26vmtime%3D-1%26is%3D33554706%26cs%3D33554706%26c%3D0.04%26mc%3D0.04%26nc%3D0.04%26mv%3D0%26nv%3D0%26lte%3D0.04%26ces%26femt%3D886%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,1%26avms%3Dexc%26qi%3D283612846%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnk%3D1701083457875%26ptlt%3D1701083459615%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1701083459438

Requested by

Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ltt /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 11:10:59 GMT
x-content-type-options: nosniff
server: ltt
x-frame-options: SAMEORIGIN
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame B783 42 B
64 B 59ms
58ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv5neeDi-Jzk-Kk7OWvxZQovkjBJIEDbdTucjBI20dhr7PNTJdQQer0S7Y-CnKIAPNylhma3feIpdfQePy6Q906kt-sh88jwAnFHwFOFGWjUZp3vw_YUrxvTCPpRQvEPUQsXXWAhR2Y6xynYyuSqRjzZSJnHZiuTe8QzoC61OU&sai=AMfl-YTrr4yw-twUWfP5Fyc91WWLp2F6I7RsXZ91OHsOnXlbiCyGFFVbNd9Huw0ORvUtuo-sDYttfOXJr0C6Lwm5SF7GcV66h2MwhDIBpX0JfPciZIlcNxK0urn_HI-O&sig=Cg0ArKJSzCRRPvFoRu-ZEAE&cid=CAQSPADICaaNaHSGjKC5i18chNCUNkgVDgoY5_bSY8_wKxN1mZcxlzr9_xkCzBIA_1viqdbkaSvPQZBPBZbp6xgB&id=lidarv&acvw=sv%3D959%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D1190,1190,1415,1590%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D14953%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554706%26ic%3D33554706%26cs%3D33554706%26c%3D0.04%26mc%3D0.04%26nc%3D0.04%26mv%3D0%26nv%3D0%26lte%3D0.04%26ces%26femt%3D886%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,1%26avms%3Dexc%26qi%3D283612846%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnk%3D1701083457875%26ptlt%3D1701083459616%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1701083459438&avm=1

Requested by

Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 11:10:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview_ext
pagead2.googlesyndication.com/ Frame B783 42 B
64 B 31ms
30ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/activeview_ext?id=lidarv&avm=1&dc_pubid=3&dc_exteid=7319002057039288303&acvw=sv%3D959%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D1190,1190,1415,1590%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D14953%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554706%26ic%3D33554706%26cs%3D33554706%26c%3D0.04%26mc%3D0.04%26nc%3D0.04%26mv%3D0%26nv%3D0%26lte%3D0.04%26ces%26femt%3D886%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,1%26avms%3Dexc%26qi%3D283612846%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnk%3D1701083457875%26ptlt%3D1701083459616%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1701083459438?

Requested by

Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 11:10:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/live/interaction/ Frame B783 42 B
65 B 97ms
96ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=CHqD8QnlkZYS7Kq-T9fgPysKEuAKQhc-1dJHCwKSqEr_6trLZQRABINKhqR8oAmCV-vCBjAegAYXT7bgpyAEF4AIAqAMBmAQAqgSwAk_QYzsmurNue9GRZtaCfLIysotDvnAD_J1eZHKs9OoOz94OaYukEUNA79mCGZXXg-y9B6y4PRsxo_4H6XBYwjS2BungJ91DdTUModGWPsiFwUpKBDoZmVWGT2s5Kqycnnpw_I_0SNYBUjoUBHAke2exM7fsOPbJPB8z5WC_i09V3kwpZ0xCN0dSnV2Po9W98qTJJ2nBi9jn5iKBsiCvM7boB12-gDkL5EsTOD_-_4ddE-ossA1lmXhPRsLmV4P_pIyrxdRR2k89PwARSa2ZdFpMxgo4qxmNn--7v6Uf_lDZfxqcTHLcuJFjByds9KVrtO7PPEcjNw5aboLz4Du9_I3aPlvexJxqDJx2NHgh9_Xts-ZvaB0EVz-nGqZFx95b2_fx951a2fKhs7sD1k6QMqDABJn288DSBOAEAYgF7umdwE2gBlSAB4WLvpgEqAfZtrECqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAfKqbECqAfrpbEC2AcBqAgB0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA8gLAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAtoMEAoKEJD4veDju-TUbBICAQOqDQJEReINEwjQqqbaheSCAxWvSR0JHUohASewE7TP2RXYEw3YFAHQFQGoFgHiFgIIAfgWAYAXAQ&sigh=aE-jJywZFkE&cmd=Ch1jYS12aWRlby1wdWItNjMzMDc5MTA5NDI2MDE0ORAAGAI&label=part2viewed&ad_mt=0&acvw=sv%3D959%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D1190,1190,1415,1590%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D14953%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554706%26i0%3D33554706%26ic%3D0%26cs%3D33554706%26c%3D0.04%26mc%3D0.04%26nc%3D0.04%26mv%3D0%26nv%3D0%26lte%3D0.04%26ces%26femt%3D886%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,1%26avms%3Dexc%26qi%3D283612846%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnk%3D1701083457875%26ptlt%3D1701083459616%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1701083459438

Requested by

Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ltt /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 11:10:59 GMT
x-content-type-options: nosniff
server: ltt
x-frame-options: SAMEORIGIN
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pubid=3;dc_exteid=7319002057039288303;met=1;ecn1=1;etm1=0;eid1=11;acvw=sv%3D959%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D1190,1190,1415,1590%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,...
ade.googlesyndication.com/ddm/activity_ext/ Frame B783 42 B
401 B 124ms
59ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=7319002057039288303;met=1;ecn1=1;etm1=0;eid1=11;acvw=sv%3D959%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D1190,1190,1415,1590%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D14953%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554706%26i0%3D33554706%26ic%3D0%26cs%3D33554706%26c%3D0.04%26mc%3D0.04%26nc%3D0.04%26mv%3D0%26nv%3D0%26lte%3D0.04%26ces%26femt%3D886%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,1%26avms%3Dexc%26qi%3D283612846%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnk%3D1701083457875%26ptlt%3D1701083459616%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1701083459438?

Requested by

Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 11:10:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 playback
www.youtube.com/api/stats/ Frame B783 0
0 87ms
31ms Image
text/html 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/api/stats/playback?cmt=0&rt=0&rtn=10&delay=14&adformat=2_2_1&c=vast_gvp_ads&el=adunit&len=14&ns=yt&ver=2&vtype=gvp&cplatform=desktop&cpn=LllCGssL_8hqnxF8&docid=Qks5BxDFUEU&visitordata=Cgt4elVXbUVxOXpuMA%3D%3D&of=-_xhI4eL4MjOL53E0nwGhA
Requested by: Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 /
googleads.g.doubleclick.net/pagead/live/interaction/ Frame B783 42 B
65 B 103ms
102ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=CHqD8QnlkZYS7Kq-T9fgPysKEuAKQhc-1dJHCwKSqEr_6trLZQRABINKhqR8oAmCV-vCBjAegAYXT7bgpyAEF4AIAqAMBmAQAqgSwAk_QYzsmurNue9GRZtaCfLIysotDvnAD_J1eZHKs9OoOz94OaYukEUNA79mCGZXXg-y9B6y4PRsxo_4H6XBYwjS2BungJ91DdTUModGWPsiFwUpKBDoZmVWGT2s5Kqycnnpw_I_0SNYBUjoUBHAke2exM7fsOPbJPB8z5WC_i09V3kwpZ0xCN0dSnV2Po9W98qTJJ2nBi9jn5iKBsiCvM7boB12-gDkL5EsTOD_-_4ddE-ossA1lmXhPRsLmV4P_pIyrxdRR2k89PwARSa2ZdFpMxgo4qxmNn--7v6Uf_lDZfxqcTHLcuJFjByds9KVrtO7PPEcjNw5aboLz4Du9_I3aPlvexJxqDJx2NHgh9_Xts-ZvaB0EVz-nGqZFx95b2_fx951a2fKhs7sD1k6QMqDABJn288DSBOAEAYgF7umdwE2gBlSAB4WLvpgEqAfZtrECqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAfKqbECqAfrpbEC2AcBqAgB0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA8gLAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAtoMEAoKEJD4veDju-TUbBICAQOqDQJEReINEwjQqqbaheSCAxWvSR0JHUohASewE7TP2RXYEw3YFAHQFQGoFgHiFgIIAfgWAYAXAQ&sigh=aE-jJywZFkE&cmd=Ch1jYS12aWRlby1wdWItNjMzMDc5MTA5NDI2MDE0ORAAGAI&label=admute&ad_mt=0&acvw=sv%3D959%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D1190,1190,1415,1590%26tos%3D0,0,0,0,5%26mtos%3D0,0,0,0,5%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D5%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D5%26pst%3D-1%26dur%3D14953%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D5%26is%3D33554706%26i0%3D33554706%26ic%3D4096%26cs%3D33558802%26c%3D0.04%26mc%3D0.04%26nc%3D0.04%26mv%3D0%26nv%3D0%26lte%3D0.04%26ces%26femt%3D886%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,1%26avms%3Dexc%26qi%3D283612846%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnk%3D1701083457875%26ptlt%3D1701083459618%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,5&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1701083459438

Requested by

Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ltt /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 11:10:59 GMT
x-content-type-options: nosniff
server: ltt
x-frame-options: SAMEORIGIN
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pubid=3;dc_exteid=7319002057039288303;met=1;ecn1=1;etm1=0;eid1=16;acvw=sv%3D959%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D1190,1190,1415,1590%26tos%3D0,0,0,0,5%26mtos%3D0,0,0,0,5%26amtos%3D0...
ade.googlesyndication.com/ddm/activity_ext/ Frame B783 42 B
107 B 125ms
61ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=7319002057039288303;met=1;ecn1=1;etm1=0;eid1=16;acvw=sv%3D959%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D1190,1190,1415,1590%26tos%3D0,0,0,0,5%26mtos%3D0,0,0,0,5%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D5%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D5%26pst%3D-1%26dur%3D14953%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D5%26is%3D33554706%26i0%3D33554706%26ic%3D4096%26cs%3D33558802%26c%3D0.04%26mc%3D0.04%26nc%3D0.04%26mv%3D0%26nv%3D0%26lte%3D0.04%26ces%26femt%3D886%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,1%26avms%3Dexc%26qi%3D283612846%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnk%3D1701083457875%26ptlt%3D1701083459618%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,5;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1701083459438?

Requested by

Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 11:10:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 9DC7 5 KB
5 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7e2026eee9d16bad733c157a3ffb5e8a96f0452a6443b82978c8c7f6cf395407

Request headers

Referer
Origin: https://www.belasmensagens.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: font/woff2

GET
H3 200 hhrtBw21.html Show response
tpc.googlesyndication.com/sodar/ Frame 2142 23 KB
9 KB 24ms
23ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/hhrtBw21.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 212218
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 25 Nov 2023 00:14:01 GMT
expires: Sun, 24 Nov 2024 00:14:01 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 /
ads.viralize.tv/track/ Frame 9DC7 0
11 B 30ms
30ms Image
text/plain 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A14%2C%22type%22%3A%22event%22%2C%22category%22%3A%22creativity_session%22%2C%22session_id%22%3A%2201ee8d15a3aa56441d239145aea20fb2%3A0%3A1hg87jahv-0l3v5aicl08-YWRuXzEyMTI09JxFFwhAR-4%3D-wp1sc1%3A0%3A0%22%2C%22creativity_session_id%22%3A%220%22%2C%22label%22%3A%22impression%22%2C%22reason%22%3A%22ok%22%2C%22adsystem%22%3A%22AdSense%22%2C%22aspect_ratio%22%3A%2216%2F9%22%2C%22content_type%22%3A%22video%2Fmp4%22%2C%22creativity_id%22%3A%22629826134289%22%2C%22creativity_width%22%3A1280%2C%22duration%22%3A14%2C%22format%22%3A%22thumbstream-autoplay%22%2C%22linear%22%3Atrue%2C%22loader%22%3A%22ima%22%2C%22wrappers_count%22%3A0%7D%2C%7B%22ver%22%3A14%2C%22type%22%3A%22event%22%2C%22category%22%3A%22creativity_session%22%2C%22session_id%22%3A%2201ee8d15a3aa56441d239145aea20fb2%3A0%3A1hg87jahv-0l3v5aicl08-YWRuXzEyMTI09JxFFwhAR-4%3D-wp1sc1%3A0%3A0%22%2C%22creativity_session_id%22%3A%220%22%2C%22label%22%3A%22start%22%2C%22reason%22%3A%22ok%22%7D%2C%7B%22ver%22%3A14%2C%22type%22%3A%22event%22%2C%22category%22%3A%22creativity_session%22%2C%22session_id%22%3A%2201ee8d15a3aa56441d239145aea20fb2%3A0%3A1hg87jahv-0l3v5aicl08-YWRuXzEyMTI09JxFFwhAR-4%3D-wp1sc1%3A0%3A0%22%2C%22creativity_session_id%22%3A%220%22%2C%22label%22%3A%22viewable_start%22%2C%22reason%22%3A%22ok%22%7D%2C%7B%22ver%22%3A14%2C%22type%22%3A%22event%22%2C%22category%22%3A%22creativity_session%22%2C%22session_id%22%3A%2201ee8d15a3aa56441d239145aea20fb2%3A0%3A1hg87jahv-0l3v5aicl08-YWRuXzEyMTI09JxFFwhAR-4%3D-wp1sc1%3A0%3A0%22%2C%22creativity_session_id%22%3A%220%22%2C%22label%22%3A%22play%22%2C%22reason%22%3A%22ok%22%7D%5D
Requested by: Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:10:59 GMT
via: 1.1 google
server: uvicorn, Unknown
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 204 csi
csi.gstatic.com/ Frame B783 0
54 B 134ms
132ms Ping
image/gif 2607:f8b0:4009:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~lpgt65pb&c=3719976950296&slotId=1859988475148&qqid=CITkp9qF5IIDFa9JHQkdSiEBJw&gqid=QnlkZaWbKL2K9fgPqvKx8AY&fb=ima_html5-lima&sdkv=h.3.605.0&ppt=videojs-ima&mrd=4&aab=1&itv=1&ua_e=1&met.4=ghmsh_s.lpgt65pc~ff.lpgt65uo&faa=1&fas=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4009:808::2003 Bolingbrook, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 11:10:59 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 mercurio.js Show response
tm.jsuol.com.br/modules/ Frame E68E 4 KB
2 KB 23ms
22ms Script
application/javascript 2a02:26f0:780::5f65:3688
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/mercurio.js
Requested by: Host: tm.uol.com.br
URL: https://tm.uol.com.br/mercurio.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:3688 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 1a95f2a16310d3feba1a18264cb7baf64411fe9dd9da44a37d964d614b96dba1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tm.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:10:59 GMT
content-encoding: gzip
akamai-cache-status: Hit from child
akamai-grn: 0.8436655f.1701083459.318198f6
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1701083459692_1600468612_830576886_84_939_27_0_219";dur=1
content-length: 1065
last-modified: Fri, 14 Jul 2023 19:50:49 GMT
etag: bed0a7a707f166936e5aaac09879d050
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-transform, must-revalidate, proxy-revalidate, max-age=2697
access-control-allow-credentials: true
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 2142 39 KB
15 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/hhrtBw21.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 10:49:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1306
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 26 Nov 2024 10:49:13 GMT

GET
H2 200 AGSKWxWEYigZ3f5PriK3hZdcBEzSYcJqOuiWz8_t6M33q9s4Gmmq3D0a8UdBdF-untdCJY32B-FoZjtebwOrqaEXqmmve13GWc4_qfyoNiKg4iCrdleksfc28GspTb3pdtl0CNdzOGE7Lg== Show response
fundingchoicesmessages.google.com/f/ 362 KB
59 KB 127ms
127ms Script
application/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWEYigZ3f5PriK3hZdcBEzSYcJqOuiWz8_t6M33q9s4Gmmq3D0a8UdBdF-untdCJY32B-FoZjtebwOrqaEXqmmve13GWc4_qfyoNiKg4iCrdleksfc28GspTb3pdtl0CNdzOGE7Lg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAxMDgzNDU5LDc4MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cuYmVsYXNtZW5zYWdlbnMuY29tLmJyLyIsbnVsbCxbWzgsIk50czVMdllJb2JrIl0sWzksImRlIl0sWzE5LCIxIl0sWzE3LCJbMF0iXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.Nts5LvYIobk.es5.O/am=CAM/d=1/rs=AJlcJMyTmwD9vZzPw60_wPGGncvG1CmM1A/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e04a7a6d0a974da299957a78f9c8a94be9e72f16554ea63ca832109ba57dc47d

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-4AGW8xgX_3IKDBVHjYCRIg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:10:59 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-4AGW8xgX_3IKDBVHjYCRIg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2142 0
20 B 63ms
62ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=36&t=2&li=v_h.3.605.0&bgai=BL4iGQnlkZYS7Kq-T9fgPysKEuAIAAAAAOAG6BRMIpcSl2oXkggMVPUUdCR0qeQxu&bg=!e3ileDfNAAZxrfrxUa07ADQBe5WfOGHdkrhYncmtXvGDDb84s8TYJVTKSnwNJDT-CVg7NQS-nkDstzNMBZHt17F8fsXMAgAAADlSAAAAAWgBB5kCb0grG04YNi6wlYYsMaWiiZaW4FkAX2BidX5YqzbuR221E31BqZd4_fijIp-U-BM1kNcJeGUEz5e67uZ2jca3DFWLOwHacQVP2du9YIPLq7e3FMoms7O8icvJpfGCbpC_OrlGJXLHNC7obv3ka7ZlcbSaz98n13gV-NqLnzHVRcQIqfBclghZcphI8mF41iv7_ihli9W6XxaXzF6-JwZSARtlABbfBaTFfhBcrcRZQcWRVORs4QjC_IBCGFs8BG3PU4JShi_fQF9wAYm0yGYiv3pY-HxiWKqAR3v_eFu-GWA_hT3neV07waIlfYoFVxrvfUjxK2n7RS4ZacfCLJOf6aCUZ0E3whq__q2oBGrsL7ZOqaPfiBEl7MLJVXAquhMqOJ3iN68Y7OBN6MktkEoiIAQtRLS-2T_R-tYbPx6Y371F5kmRupw5ifG05k9Hdy86VCHwHuqPv8ZmQo-MKr9HRj5zdLuVfMxq0q_P8rhWzok1wcOH338PF1_IsTQ-yi5nTUj898JZInGD0RDq4GVhGAqJSXB-PZtyS1feyat4qgHX50MSlTWak4Pd8__Ne66mPone25rV3JMSdhA7rtrZPgenJhnVjhn1Ye8lPOZ9bwJCwNJMpGyDHSkGBSto-pRNId9oRy2Qy5z7IRpv7V9bw2ALbEYkDWjZIDV87gbLnlnOWLp3eJmH1F9ZddL3l3puDLugEIBNdmNGkZjzeUZ_1eSmIlezrDQohE74k_RNc_J6Qz2ME3Xm3R5DAuOXmR2wALflQKTr-N7bmDACKUqxKVIikEb5NJuNk011-KPC3AZWNCGB2EW--7ATc63ydp-X

Requested by

Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 11:10:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 bid Show response
s.seedtag.com/c/hb/ 11 B
386 B 396ms
271ms XHR
application/json 34.149.50.64
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.seedtag.com/c/hb/bid
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/Prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 64.50.149.34.bc.googleusercontent.com
Software: openresty /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://www.belasmensagens.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 27 Nov 2023 11:11:00 GMT
via: 1.1 google
server: openresty
vary: X-HTTP-Method-Override
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.belasmensagens.com.br
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 11
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
347 B 224ms
60ms XHR
application/json 185.86.138.124
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/Prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.belasmensagens.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 11:11:00 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.belasmensagens.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 138 B
709 B 164ms
39ms XHR
application/json 37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/Prebid.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

06f130c61d4eb2f5073dce583c5abb3467bdadc7c42655dc697a6a3fa7be62f8

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.belasmensagens.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 11:11:00 GMT
an-x-request-uuid: 87c7f57f-4915-4d70-9fa6-e143267da8a2
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.belasmensagens.com.br
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.28; 217.114.218.28; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 138
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 profile Show response
tt-10162-1.seg.t.tailtarget.com/ 92 B
532 B 224ms
124ms Script
application/x-javascript 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tt-10162-1.seg.t.tailtarget.com/profile
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/tailtarget/profiles.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: e593d32d2b3c25b54c4632fc55d4c55cce4154e0bfaeb75883da07b742e762dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:11:00 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 30 Jan 2020 20:26:00 GMT
server: nginx/1.17.8
etag: W/"5e333bd8-5c"
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: application/x-javascript
cache-control: private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 css
fonts.googleapis.com/ 69 KB
4 KB 87ms
35ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.Nts5LvYIobk.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMx-VBI7cufk83j17-qyMs5NHKqYbA/m=web_iab_tcf_v2_wall_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4cb7ee295b14fe670ced1e8271273041990ca3d5af39accf8e960c227148eab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 27 Nov 2023 11:11:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 27 Nov 2023 11:11:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 27 Nov 2023 11:11:00 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 125 KB
126 KB 75ms
22ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.belasmensagens.com.br/
Origin: https://www.belasmensagens.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 03:53:37 GMT
x-content-type-options: nosniff
age: 285443
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 19:51:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Nov 2024 03:53:37 GMT

POST AGSKWxXZ9JrSu6S2b-_jLY8g6s2yGsmjnycKmBqsE9jkOmWcx43XFH6rk2oQRQ1TQn7O0O5R9QnPxesVLHcQlnEEM0JsEXnzHuU-jE_R4csx0bKOoQARiXQRmj2awCO0SYV3lAUlbTxF2w==
fundingchoicesmessages.google.com/el/ 0
0

GET
H2 200 / Show response
udr.uol.com.br/ 142 B
625 B 293ms
226ms Fetch
application/json 2600:9000:206f:8800:1:bcff:6780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://udr.uol.com.br/
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/dmp-uol-sync-p.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8800:1:bcff:6780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: awselb/2.0 /
Resource Hash: a9a2560a1f50b9ddb3eae884f72f2d8ce753f116d52847bbd5324163798b902f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:11:00 GMT
via: 1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
server: awselb/2.0
x-amz-cf-pop: FRA56-C1
vary: Origin,cache-max-age
access-control-allow-methods: GET, POST
content-type: application/json
access-control-allow-origin: https://www.belasmensagens.com.br
x-cache: Miss from cloudfront
cache-control: no-cache
access-control-allow-credentials: true
content-length: 142
x-amz-cf-id: CbnLj3OhnjEdUpBE-IZ2KFxbZFqm6W56QzU-_T_jMeEmjxjLwWlN_g==

GET
H2 200 getuidj Show response
ib.adnxs.com/ 11 B
581 B 35ms
35ms Fetch
application/json 37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/getuidj

Requested by

Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/dmp-uol-sync-p.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 11:11:00 GMT
an-x-request-uuid: bd9aab2b-896b-4183-94d1-69684f7cb49c
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.belasmensagens.com.br
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.28; 217.114.218.28; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 11
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
m.t.tailtarget.com/sync/TT-10162-1/
Redirect Chain

https://m.t.tailtarget.com/sync/TT-10162-1/e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
https://m.t.tailtarget.com/sync/TT-10162-1/e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855?check=1

43 B
138 B

123ms
123ms

Image
image/gif

34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.t.tailtarget.com/sync/TT-10162-1/e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855?check=1
Requested by: Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol: H2
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:11:00 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.17.8
content-type: image/gif
cache-control: private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

Redirect headers

date: Mon, 27 Nov 2023 11:11:00 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://m.t.tailtarget.com/sync/TT-10162-1/e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855?check=1
content-type: text/html
cache-control: private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 145

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 47 KB
47 KB 55ms
55ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.belasmensagens.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 18:16:19 GMT
x-content-type-options: nosniff
age: 320081
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48432
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Nov 2024 18:16:19 GMT

GET
H/1.1 200
OK partner Show response
tracker.bt.uol.com.br/ 0
546 B 1125ms
222ms Script
application/javascript 2804:49c:3101:401:ffff:ffff:ffff:52
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.bt.uol.com.br/partner?source=tagmanager
Requested by: Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2804:49c:3101:401:ffff:ffff:ffff:52 , Brazil, ASN15201 (Universo Online S.A., BR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 27 Nov 2023 11:11:01 GMT
Server: nginx
Transfer-Encoding: chunked
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
Content-Type: application/javascript;charset=utf-8
Cache-Control: no-cache
Connection: close
Expires: Mon, 27 Nov 2023 11:11:00 GMT

GET
H2 200 purge-clients.html Show response
tm.uol.com.br/ Frame 0C82 213 B
699 B 227ms
226ms Document
text/html 2600:9000:2251:7c00:6:5b96:3f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.uol.com.br/purge-clients.html?name=DEretargeting&expname=DEretargetingExp&expdomain=1
Requested by: Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:7c00:6:5b96:3f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 6a93c477127bad12d08a779a445d4c5962578f57d4171aee20df69a2b3e8c349

Request headers

Referer: https://www.belasmensagens.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-transform, max-age=600, must-revalidate, proxy-revalidate must-revalidate, proxy-revalidate, no-transform
content-encoding: gzip
content-length: 182
content-type: text/html;charset=UTF-8
date: Mon, 27 Nov 2023 11:11:00 GMT
etag: 8b30191927f0982283d45c76292da712
expires: Mon, 27 Nov 2023 11:21:00 GMT
last-modified: Wed, 28 Jul 2021 19:15:09 GMT
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
server: marrakesh 1.16.6
via: 1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
x-amz-cf-id: 5RrDR7X6ZCjgNVhg6oACNzoiANDUO8CSimdOIk0TwXI8wdjPaOZjBA==
x-amz-cf-pop: FRA60-P3
x-cache: RefreshHit from cloudfront

GET
H2 200 purge-clients.html Show response
tm.uol.com.br/ Frame 8D62 213 B
698 B 224ms
224ms Document
text/html 2600:9000:2251:7c00:6:5b96:3f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.uol.com.br/purge-clients.html?name=dynad_rt&expname=dynad_rt_exp&expdomain=1
Requested by: Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:7c00:6:5b96:3f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.23.0 /
Resource Hash: 6a93c477127bad12d08a779a445d4c5962578f57d4171aee20df69a2b3e8c349

Request headers

Referer: https://www.belasmensagens.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-transform, max-age=600, must-revalidate, proxy-revalidate must-revalidate, proxy-revalidate, no-transform
content-encoding: gzip
content-length: 182
content-type: text/html;charset=UTF-8
date: Mon, 27 Nov 2023 11:11:00 GMT
etag: 8b30191927f0982283d45c76292da712
expires: Mon, 27 Nov 2023 11:21:00 GMT
last-modified: Fri, 03 Nov 2023 16:23:28 GMT
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
server: marrakesh 1.23.0
via: 1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
x-amz-cf-id: sKSubtukw_CbFyMAJgHAXEeCavCMzs1Ar3Q5DdOyaesEpaYFV8SArA==
x-amz-cf-pop: FRA60-P3
x-cache: RefreshHit from cloudfront

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 76ms
75ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d668bc60ee47e64e4696a5cdd72ab7032f5280d9fe96c40098fb7e12533eaa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:11:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12294
x-xss-protection: 0

GET
H2 200 conversion.js Show response
tm.jsuol.com.br/modules/external/tailtarget/libs/ 15 KB
6 KB 1056ms
1056ms Script
application/javascript 2a02:26f0:780::5f65:3688
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/conversion.js
Requested by: Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:3688 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: f4cd27b5ef047a264e3a40b63ba85441de12d23d043a986d469ec1c757067090

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:11:01 GMT
content-encoding: gzip
akamai-cache-status: Miss from child, RefreshHit from parent
last-modified: Thu, 30 Sep 2021 21:14:28 GMT
akamai-grn: 0.8436655f.1701083460.31819f18
etag: f7a535aa8ca1d0acd1bff039eb80acff
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: no-transform, must-revalidate, proxy-revalidate, max-age=3600
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=26, origin; dur=1007, ak_p; desc="1701083460693_1600468612_830578456_103478_1005_21_0_146";dur=1
content-length: 6125

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 85ms
85ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:11:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 27 Nov 2023 11:11:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8C2F 13 KB
5 KB 24ms
23ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.belasmensagens.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1546
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 10:45:14 GMT
expires: Tue, 26 Nov 2024 10:45:14 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame AD98 829 B
995 B 35ms
34ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1673cb391b73c5524bbe8e4881eb1200adca4ffd93359991ef7cdbee07816b03

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-oxM_uiHOuMhwBdLsx20f9w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.belasmensagens.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-oxM_uiHOuMhwBdLsx20f9w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 11:11:00 GMT
expires: Mon, 27 Nov 2023 11:11:00 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 8C2F 39 KB
15 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 10:49:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1307
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 26 Nov 2024 10:49:13 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame AD98 0
0 58ms
58ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=2696565664275447&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 200 client-purge.js Show response
tm.jsuol.com.br/modules/ Frame 8D62 43 KB
10 KB 46ms
46ms Script
application/javascript 2a02:26f0:780::5f65:3688
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/client-purge.js
Requested by: Host: tm.uol.com.br
URL: https://tm.uol.com.br/purge-clients.html?name=dynad_rt&expname=dynad_rt_exp&expdomain=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:3688 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 8edf79f31f38afd348cd93ad56ae7df804394b8a403191af474496823161bdc8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tm.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:11:00 GMT
content-encoding: gzip
akamai-cache-status: Miss from child, Hit from parent
akamai-grn: , 0.8436655f.1701083460.3181a07d
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
server-timing: cdn-cache; desc=HIT, edge; dur=16, origin; dur=0, ak_p; desc="1701083460930_1600468612_830578813_1945_4359_20_0_219";dur=1
content-length: 9152
last-modified: Tue, 03 Oct 2023 19:57:45 GMT
etag: 827b2a3854d3757c0264519acafab901
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-transform, must-revalidate, proxy-revalidate, max-age=2659
access-control-allow-credentials: true
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag

GET
H2 200 client-purge.js Show response
tm.jsuol.com.br/modules/ Frame 0C82 43 KB
10 KB 49ms
49ms Script
application/javascript 2a02:26f0:780::5f65:3688
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/client-purge.js
Requested by: Host: tm.uol.com.br
URL: https://tm.uol.com.br/purge-clients.html?name=DEretargeting&expname=DEretargetingExp&expdomain=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:3688 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 8edf79f31f38afd348cd93ad56ae7df804394b8a403191af474496823161bdc8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tm.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:11:00 GMT
content-encoding: gzip
akamai-cache-status: Miss from child, Hit from parent
akamai-grn: , 0.8436655f.1701083460.3181a07e
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
server-timing: cdn-cache; desc=HIT, edge; dur=25, origin; dur=0, ak_p; desc="1701083460926_1600468612_830578814_2568_1062_20_0_219";dur=1
content-length: 9152
last-modified: Tue, 03 Oct 2023 19:57:45 GMT
etag: 827b2a3854d3757c0264519acafab901
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-transform, must-revalidate, proxy-revalidate, max-age=2677
access-control-allow-credentials: true
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8C2F 0
10 B 25ms
25ms Image
text/plain 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?UTGp5A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:11:00 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 60ms
60ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=2696565664275447&bg=!nZ6lntHNAAZxrfrxUa07ADQBe5WfOMbNGL58ziR2bNMLX2cwMRAr6Nx1xdInQfAiBW8pM9zdO1OQexiTnyoSbs1-SatKAgAAADZSAAAAAWgBBwoAciUQcuoZbPaPoNNf_Ld7pwKz9Pv6nSjr9dewJURXk8ROYXrD8UikTo_cQrZ51netXQYBjJ39QT7e1-S1kBo1BuT0Yz4ofMY6wk59vo1PZqOGcsLjimaTp7wbqdmjTOfEkG01JvRRdhPAlhwGAv4V7g4N8ZkCz49taTM2pI2e63kjc5yJ69qNxLcMsnD8sFSqCjjAub9K5pVjeKlXPtXPcHGhVHTVwO3IMVn2ogKuJLj8rg5DZG7XLtNCMUZmLYW69Xuhh6P08rmiAGoXPzIP3tZ_WG8rMGlfqxP0mhpP8oqiCWxqCiePvQ7_Qq2NuGppCKF0MRZ90DT7f0r_eG0pMgUmlQqBsjPKcSkZVZp1koK78HaIFI24jAqajBUeyxPzVR2kph6aRI-J0icNVZpPoXtqv9i-DzzmNhTVC-e87qe3y33QNjq8xaBC590n5vYTk5bVKMcboeJna4LC2rQMJ_AxIsLRe6a6U_1VGKK7duV3PqiwIuXsnJYuG4VT8Q_PEZsmPH-Ebp73xJA21jqz15a9UYtbU-jGEtjpYo7QwNEcNBizKWsu6cfXsSYcFUEA7Ye3CyQ6w2pQ_Yr17kkS3Pfvi45VTS8yZvYvQsfQnoOgQRlsJ4AQM7bo8s86DhCWYSHwqYKfLhor5e_77nosQF2Lg4zRuAqEHcp_AypzrBW29PVz8GeFvZrjnBTpYLeNn2GuuIw5sz0Vdjxr2zfjKc7Cz8_9b2GsekxugXfUWO-YJma9SMoorxlc82-e3jOthVkZUzGCwThZEn_1GNyS-pFewkKLyCg89s9PszjZ9y39WqsQ-58WB7dgwPCbEjtInT2CaZUO1cgSqdnRqPim8z6PSmIHuvNb1SJwqMwx_KlrQ8VHI7drzket9LhIrMEQi_fCn6L0cO0TNeMmwlpyyLei42H3ku1nr-ZM7HJ3rzALgSV8nCFGw30xNXJhTdpA7dR9YCRhix3pEz0KNnRIidmt10Ca5AjrvGHPg1cm5idfmoMH97DFTl9nXBIYTB1ztgNSCvmZ1AtU_nBaAJ9J45OvWS4jtVlSrYQh0BFmq81ppguU9bLNrbm5Peb_YFhVt4mQok4w8ps74ijJ52pYzAxGy3J5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 204 /
ads.viralize.tv/track/ Frame 9DC7 0
11 B 29ms
29ms Image
text/plain 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A14%2C%22type%22%3A%22event%22%2C%22category%22%3A%22creativity_session%22%2C%22session_id%22%3A%2201ee8d15a3aa56441d239145aea20fb2%3A0%3A1hg87jahv-0l3v5aicl08-YWRuXzEyMTI09JxFFwhAR-4%3D-wp1sc1%3A0%3A0%22%2C%22creativity_session_id%22%3A%220%22%2C%22label%22%3A%22viewable%22%2C%22reason%22%3A%22ok%22%2C%22share_screen%22%3A%220.0469%22%7D%5D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:11:01 GMT
via: 1.1 google
server: uvicorn, Unknown
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 base.js Show response
tm.jsuol.com.br/modules/external/tailtarget/libs/ 21 KB
9 KB 836ms
836ms Script
application/javascript 2a02:26f0:780::5f65:3688
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/base.js
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/conversion.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:3688 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 711a8d3c6d036e5d2907810b7255622e34f23373f8d1387a1fc938e44c60fea0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:11:02 GMT
content-encoding: gzip
akamai-cache-status: Miss from child, RefreshHit from parent
last-modified: Wed, 11 May 2022 08:55:30 GMT
akamai-grn: 0.8436655f.1701083461.3181a551
etag: aeb8806857f0c1b9f7f6b8d4ff48230f
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: no-transform, must-revalidate, proxy-revalidate, max-age=3555
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=25, origin; dur=783, ak_p; desc="1701083461759_1600468612_830580049_81228_963_21_0_146";dur=1
content-length: 8357

GET
H3 200 trk
tt-10162-1.seg.t.tailtarget.com/ 70 B
91 B 130ms
129ms Image
image/png 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt-10162-1.seg.t.tailtarget.com/trk?tA=TT-10162-1&tJ=_channel:belasmensagens:1&tK=1701083462&tM=direct&tL=direct&tN=direct&tY=3&tZ=593448596
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:11:01 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
cache-control: no-cache, private, proxy-revalidate
content-disposition: inline
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame B783 42 B
64 B 64ms
64ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv5neeDi-Jzk-Kk7OWvxZQovkjBJIEDbdTucjBI20dhr7PNTJdQQer0S7Y-CnKIAPNylhma3feIpdfQePy6Q906kt-sh88jwAnFHwFOFGWjUZp3vw_YUrxvTCPpRQvEPUQsXXWAhR2Y6xynYyuSqRjzZSJnHZiuTe8QzoC61OU&sai=AMfl-YTrr4yw-twUWfP5Fyc91WWLp2F6I7RsXZ91OHsOnXlbiCyGFFVbNd9Huw0ORvUtuo-sDYttfOXJr0C6Lwm5SF7GcV66h2MwhDIBpX0JfPciZIlcNxK0urn_HI-O&sig=Cg0ArKJSzCRRPvFoRu-ZEAE&cid=CAQSPADICaaNaHSGjKC5i18chNCUNkgVDgoY5_bSY8_wKxN1mZcxlzr9_xkCzBIA_1viqdbkaSvPQZBPBZbp6xgB&id=lidarv&acvw=sv%3D959%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D965,1190,1190,1590%26tos%3D2004,0,0,0,206%26mtos%3D2004,2004,2004,2004,2210%26amtos%3D0,0,0,0,0%26mcvt%3D2004%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2210%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D660%26pst%3D407%26dur%3D14953%26vmtime%3D2005%26dtos%3D2004%26dtoss%3D1%26dvs%3D2004%26dfvs%3D2004%26dvpt%3D2205%26is%3D33554707%26i0%3D33554706%26ic%3D16777217%26cs%3D50336019%26c%3D1%26mc%3D1%26nc%3D0.04%26mv%3D0%26nv%3D0%26lte%3D0.04%26ces%26femt%3D886%26femvt%3D0%26emc%3D13%26emuc%3D0%26emb%3D11,0,0,0,1%26avms%3Dexc%26qi%3D283612846%26psm%3D-2147483641%26psv%3D7%26psfv%3D7%26psa%3D0%26pnk%3D1701083457875%26ptlt%3D1701083461824%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2210&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1701083459438

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 11:11:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview_ext
pagead2.googlesyndication.com/ Frame B783 42 B
64 B 31ms
30ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/activeview_ext?id=lidarv&dc_pubid=3&dc_exteid=7319002057039288303&acvw=sv%3D959%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D965,1190,1190,1590%26tos%3D2004,0,0,0,206%26mtos%3D2004,2004,2004,2004,2210%26amtos%3D0,0,0,0,0%26mcvt%3D2004%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2210%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D660%26pst%3D407%26dur%3D14953%26vmtime%3D2005%26dtos%3D2004%26dtoss%3D1%26dvs%3D2004%26dfvs%3D2004%26dvpt%3D2205%26is%3D33554707%26i0%3D33554706%26ic%3D16777217%26cs%3D50336019%26c%3D1%26mc%3D1%26nc%3D0.04%26mv%3D0%26nv%3D0%26lte%3D0.04%26ces%26femt%3D886%26femvt%3D0%26emc%3D13%26emuc%3D0%26emb%3D11,0,0,0,1%26avms%3Dexc%26qi%3D283612846%26psm%3D-2147483641%26psv%3D7%26psfv%3D7%26psa%3D0%26pnk%3D1701083457875%26ptlt%3D1701083461824%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2210&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1701083459438?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 11:11:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 u Show response
b.t.tailtarget.com/ 71 B
150 B 140ms
123ms Script
application/x-javascript 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/u?env=_ttq_tt_uol
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: 1da3c2d5bb781a53daaa09b626b25d580bfbac1fbedd6f549434516439b5505f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:11:02 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.17.8
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: application/x-javascript
cache-control: private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 b Show response
b.t.tailtarget.com/ 126 B
128 B 131ms
131ms Script
application/javascript 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/b?tA=TT-10162-1&tY=1&tS=3&tU=0100007F447964659B06538B0297490A&tX=b.52&tZ=955422216&env=_ttq_tt_uol
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/base.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: a215d82d7f9c25f2f38d1532a9966a38b0a9d9457b5315ad76a0dddd4bdf8f13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:11:02 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.17.8
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 ca Show response
tt-10162-1.seg.t.tailtarget.com/ 78 B
116 B 126ms
126ms Script
application/javascript 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tt-10162-1.seg.t.tailtarget.com/ca?tZ=62711654&env=_ttq_tt_uol
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/base.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: 695554d64c47b624801aea908a3ef2dfeae23081d84312c9cc2afbb9f2d8567a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:11:03 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.17.8
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 __tt.gif
t.tailtarget.com/ 43 B
271 B 141ms
122ms Image
image/gif 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.tailtarget.com/__tt.gif?tA=TT-10162-1&tE=0&tF=&tI=___de_1701083462895_3648182812&tJ=&tQ=belasmensagens&tU=0100007F447964659B06538B0297490A&tX=b.52&tY=1&tZ=427438442
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:11:03 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/gif
cache-control: no-cache, private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 json Show response
gum.criteo.com/sid/ 2 B
384 B 118ms
38ms XHR
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.belasmensagens.com.br%2F&domain=www.belasmensagens.com.br&cw=1&lsw=1

Requested by

Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/Prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.belasmensagens.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 11:11:03 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.belasmensagens.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 193023
expires: 0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 116ms
39ms Preflight
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.belasmensagens.com.br%2F&domain=www.belasmensagens.com.br&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.belasmensagens.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.belasmensagens.com.br
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Mon, 27 Nov 2023 11:11:03 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 227819
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 0AD0 52 KB
17 KB 136ms
37ms Document
text/html 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/Prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.belasmensagens.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 9188
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Mon, 27 Nov 2023 11:11:03 GMT
ETag: W/"623de86a-cf34"
Expires: Thu, 16 Nov 2023 08:37:34 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 3649, 44652
X-Served-By: cache-lga13626-LGA, cache-cph2320058-CPH
X-Timer: S1701083464.690018,VS0,VE0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame A97A 281 B
555 B 66ms
22ms Document
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/Prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.belasmensagens.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 27 Nov 2023 11:11:03 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H3 200 /
googleads.g.doubleclick.net/pagead/live/interaction/ Frame B783 42 B
65 B 67ms
66ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=CHqD8QnlkZYS7Kq-T9fgPysKEuAKQhc-1dJHCwKSqEr_6trLZQRABINKhqR8oAmCV-vCBjAegAYXT7bgpyAEF4AIAqAMBmAQAqgSwAk_QYzsmurNue9GRZtaCfLIysotDvnAD_J1eZHKs9OoOz94OaYukEUNA79mCGZXXg-y9B6y4PRsxo_4H6XBYwjS2BungJ91DdTUModGWPsiFwUpKBDoZmVWGT2s5Kqycnnpw_I_0SNYBUjoUBHAke2exM7fsOPbJPB8z5WC_i09V3kwpZ0xCN0dSnV2Po9W98qTJJ2nBi9jn5iKBsiCvM7boB12-gDkL5EsTOD_-_4ddE-ossA1lmXhPRsLmV4P_pIyrxdRR2k89PwARSa2ZdFpMxgo4qxmNn--7v6Uf_lDZfxqcTHLcuJFjByds9KVrtO7PPEcjNw5aboLz4Du9_I3aPlvexJxqDJx2NHgh9_Xts-ZvaB0EVz-nGqZFx95b2_fx951a2fKhs7sD1k6QMqDABJn288DSBOAEAYgF7umdwE2gBlSAB4WLvpgEqAfZtrECqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAfKqbECqAfrpbEC2AcBqAgB0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA8gLAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAtoMEAoKEJD4veDju-TUbBICAQOqDQJEReINEwjQqqbaheSCAxWvSR0JHUohASewE7TP2RXYEw3YFAHQFQGoFgHiFgIIAfgWAYAXAQ&sigh=aE-jJywZFkE&cmd=Ch1jYS12aWRlby1wdWItNjMzMDc5MTA5NDI2MDE0ORAAGAI&label=videoplaytime25&ad_mt=3865&acvw=sv%3D959%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D965,1190,1190,1590%26tos%3D3765,0,0,0,206%26mtos%3D3765,3765,3765,3765,3971%26amtos%3D0,0,0,0,0%26mcvt%3D3765%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3971%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1062%26pst%3D407%26dur%3D14953%26vmtime%3D3865%26dtos%3D1761%26dtoss%3D2%26dvs%3D1761%26dfvs%3D1761%26dvpt%3D1761%26is%3D33554707%26i0%3D33554706%26i1%3D33554707%26ic%3D0%26cs%3D50336019%26c%3D1%26mc%3D1%26nc%3D0.04%26mv%3D0%26nv%3D0%26qmt%3D3765,3765,3765,3765,3971%26qnc%3D0.04%26qmv%3D0%26qnv%3D0%26lte%3D0.04%26ces%26femt%3D886%26femvt%3D0%26emc%3D22%26emuc%3D0%26emb%3D20,0,0,0,1%26avms%3Dexc%26qi%3D283612846%26psm%3D-2147483633%26psv%3D15%26psfv%3D15%26psa%3D0%26pnk%3D1701083457875%26ptlt%3D1701083463584%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3971&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1701083459438

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ltt /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 11:11:03 GMT
x-content-type-options: nosniff
server: ltt
x-frame-options: SAMEORIGIN
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pubid=3;dc_exteid=7319002057039288303;met=1;ecn1=1;etm1=0;eid1=960584;acvw=sv%3D959%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D965,1190,1190,1590%26tos%3D3765,0,0,0,206%26mtos%3D3765,3765,3765...
ade.googlesyndication.com/ddm/activity_ext/ Frame B783 42 B
107 B 62ms
62ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=7319002057039288303;met=1;ecn1=1;etm1=0;eid1=960584;acvw=sv%3D959%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D965,1190,1190,1590%26tos%3D3765,0,0,0,206%26mtos%3D3765,3765,3765,3765,3971%26amtos%3D0,0,0,0,0%26mcvt%3D3765%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3971%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1062%26pst%3D407%26dur%3D14953%26vmtime%3D3865%26dtos%3D1761%26dtoss%3D2%26dvs%3D1761%26dfvs%3D1761%26dvpt%3D1761%26is%3D33554707%26i0%3D33554706%26i1%3D33554707%26ic%3D0%26cs%3D50336019%26c%3D1%26mc%3D1%26nc%3D0.04%26mv%3D0%26nv%3D0%26qmt%3D3765,3765,3765,3765,3971%26qnc%3D0.04%26qmv%3D0%26qnv%3D0%26lte%3D0.04%26ces%26femt%3D886%26femvt%3D0%26emc%3D22%26emuc%3D0%26emb%3D20,0,0,0,1%26avms%3Dexc%26qi%3D283612846%26psm%3D-2147483633%26psv%3D15%26psfv%3D15%26psa%3D0%26pnk%3D1701083457875%26ptlt%3D1701083463584%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3971;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1701083459438?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 11:11:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 /
ads.viralize.tv/track/ Frame 9DC7 0
11 B 33ms
32ms Image
text/plain 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A14%2C%22type%22%3A%22event%22%2C%22category%22%3A%22creativity_session%22%2C%22session_id%22%3A%2201ee8d15a3aa56441d239145aea20fb2%3A0%3A1hg87jahv-0l3v5aicl08-YWRuXzEyMTI09JxFFwhAR-4%3D-wp1sc1%3A0%3A0%22%2C%22creativity_session_id%22%3A%220%22%2C%22label%22%3A%22first_quartile%22%2C%22reason%22%3A%22ok%22%2C%22in_view_time%22%3A4%7D%2C%7B%22ver%22%3A14%2C%22type%22%3A%22event%22%2C%22category%22%3A%22creativity_session%22%2C%22session_id%22%3A%2201ee8d15a3aa56441d239145aea20fb2%3A0%3A1hg87jahv-0l3v5aicl08-YWRuXzEyMTI09JxFFwhAR-4%3D-wp1sc1%3A0%3A0%22%2C%22creativity_session_id%22%3A%220%22%2C%22label%22%3A%22viewable_first_quartile%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.belasmensagens.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:11:03 GMT
via: 1.1 google
server: uvicorn, Unknown
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame A97A 46 KB
13 KB 23ms
23ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b26fe5fa11212a2d528dfd8f30e5471d4a4ae981d9f3d8ebc350bd519b3aae25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 27 Nov 2023 11:11:03 GMT
Content-Encoding: gzip
Last-Modified: Mon, 27 Nov 2023 09:14:38 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=79443
Connection: keep-alive
Content-Length: 13230
Expires: Tue, 28 Nov 2023 09:15:06 GMT

GET
H2

200

bounce Show response
ib.adnxs.com/ Frame 0AD0
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
647 B

48ms
48ms

Script
text/html

37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Protocol

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 11:11:03 GMT
an-x-request-uuid: f42cb88c-74e3-4c98-b97f-23e7a93dc79c
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.28; 217.114.218.28; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 27 Nov 2023 11:11:03 GMT
an-x-request-uuid: ff6fdd54-2fb3-4ac8-93b6-e73016adce5f
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.218.28; 217.114.218.28; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame A97A 7 B
380 B 105ms
27ms XHR
application/json 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Expires: 0

GET
H3 200 /
googleads.g.doubleclick.net/pagead/live/interaction/ Frame B783 42 B
65 B 67ms
67ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=CHqD8QnlkZYS7Kq-T9fgPysKEuAKQhc-1dJHCwKSqEr_6trLZQRABINKhqR8oAmCV-vCBjAegAYXT7bgpyAEF4AIAqAMBmAQAqgSwAk_QYzsmurNue9GRZtaCfLIysotDvnAD_J1eZHKs9OoOz94OaYukEUNA79mCGZXXg-y9B6y4PRsxo_4H6XBYwjS2BungJ91DdTUModGWPsiFwUpKBDoZmVWGT2s5Kqycnnpw_I_0SNYBUjoUBHAke2exM7fsOPbJPB8z5WC_i09V3kwpZ0xCN0dSnV2Po9W98qTJJ2nBi9jn5iKBsiCvM7boB12-gDkL5EsTOD_-_4ddE-ossA1lmXhPRsLmV4P_pIyrxdRR2k89PwARSa2ZdFpMxgo4qxmNn--7v6Uf_lDZfxqcTHLcuJFjByds9KVrtO7PPEcjNw5aboLz4Du9_I3aPlvexJxqDJx2NHgh9_Xts-ZvaB0EVz-nGqZFx95b2_fx951a2fKhs7sD1k6QMqDABJn288DSBOAEAYgF7umdwE2gBlSAB4WLvpgEqAfZtrECqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAfKqbECqAfrpbEC2AcBqAgB0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA8gLAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAtoMEAoKEJD4veDju-TUbBICAQOqDQJEReINEwjQqqbaheSCAxWvSR0JHUohASewE7TP2RXYEw3YFAHQFQGoFgHiFgIIAfgWAYAXAQ&sigh=aE-jJywZFkE&cmd=Ch1jYS12aWRlby1wdWItNjMzMDc5MTA5NDI2MDE0ORAAGAI&label=video_skip_shown&ad_mt=5193&acvw=sv%3D959%26cb%3Dima%26nas%3D1%26sdk%3Dh%26p%3D965,1190,1190,1590%26p0%3D1190,1190,1415,1590%26p1%3D965,1190,1190,1590%26tos%3D5094,0,0,0,206%26mtos%3D5094,5094,5094,5094,5300%26amtos%3D0,0,0,0,0%26mtos1%3D3765,0,206%26mcvt%3D5094%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D5300%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1463%26pst%3D407%26dur%3D14953%26vmtime%3D5193%26is%3D33554707%26i0%3D33554706%26i1%3D33554707%26cs%3D50336019%26c%3D1%26c0%3D0.04%26c1%3D0.04,1,1%26mc%3D1%26nc%3D0.04%26mv%3D0%26nv%3D0%26qmt%3D1329,1329,1329,1329,1329%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D0.04%26ces%26femt%3D886%26femvt%3D0%26emc%3D29%26emuc%3D0%26emb%3D27,0,0,0,1%26avms%3Dexc%26qi%3D283612846%26psm%3D-2147483585%26psv%3D63%26psfv%3D63%26psa%3D0%26pnk%3D1701083457875%26ptlt%3D1701083464913%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,5300%26ss0%3D0%26ss1%3D0,0.04,0.04&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.04%26t%3D1701083459438

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ltt /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 11:11:04 GMT
x-content-type-options: nosniff
server: ltt
x-frame-options: SAMEORIGIN
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fundingchoicesmessages.google.com
URL: https://fundingchoicesmessages.google.com/el/AGSKWxXZ9JrSu6S2b-_jLY8g6s2yGsmjnycKmBqsE9jkOmWcx43XFH6rk2oQRQ1TQn7O0O5R9QnPxesVLHcQlnEEM0JsEXnzHuU-jE_R4csx0bKOoQARiXQRmj2awCO0SYV3lAUlbTxF2w==

Verdicts & Comments Add Verdict or Comment

150 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

33 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.belasmensagens.com.br/	1970-01-20 16:32:49	Name: _gid Value: GA1.3.1801170254.1701083458
.belasmensagens.com.br/	1970-01-20 16:31:23	Name: _gat Value: 1
www.belasmensagens.com.br/	1969-12-31 23:59:59	Name: TAPAD Value: %7B%22id%22%3A%22d412ef38-790f-4c95-aecb-c2290a9fb3cb%22%7D
.belasmensagens.com.br/	1970-01-20 16:31:23	Name: _gat_Contteudo Value: 1
.ads.stickyadstv.com/	1970-01-20 17:14:35	Name: UID Value: f494f2d4167f26908db3513d0c46fcb
.belasmensagens.com.br/	1970-01-21 02:07:23	Name: _ga_LH8HHLTZNN Value: GS1.1.1701083457.1.0.1701083457.0.0.0
.belasmensagens.com.br/	1970-01-21 02:07:23	Name: _ga_BET9P2RY3W Value: GS1.1.1701083457.1.0.1701083457.0.0.0
.doubleclick.net/	1970-01-21 01:52:59	Name: IDE Value: AHWqTUmQGMNelpG6wCvHcWuCx7dUDbs8dLHQeNEunnoEyHHXneCRo_UCPiVBpjYBkrU
.belasmensagens.com.br/	1970-01-21 01:52:59	Name: __gads Value: ID=d5e888204b9d4847:T=1701083458:RT=1701083458:S=ALNI_MYzHOAz5Ehsv97wrVe1j1QyhvySiA
.belasmensagens.com.br/	1970-01-21 01:52:59	Name: __gpi Value: UID=00000ce111cd6f21:T=1701083458:RT=1701083458:S=ALNI_MaKV8awp5O7vMSMkEWY3EtZY0r5pQ
.belasmensagens.com.br/	1970-01-20 16:31:23	Name: _gat_uolMain Value: 1
.belasmensagens.com.br/	1970-01-21 02:07:23	Name: _ga_XWCHXHCC99 Value: GS1.1.1701083459.1.0.1701083459.60.0.0
.belasmensagens.com.br/	1970-01-21 02:07:23	Name: _ga Value: GA1.1.2089323646.1701083458
www.belasmensagens.com.br/	1970-01-21 01:52:59	Name: _scor_uid Value: 9c31ad5a3cc4429c853d239260b70978
.doubleclick.net/	1970-01-20 20:50:35	Name: APC Value: AfxxVi5FVabzhrB1ObkjWwkR3KhCXDcppflKrPwf2stAePsHjqX0SQ
www.belasmensagens.com.br/	1970-01-20 17:14:35	Name: _pbjs_userid_consent_data Value: 3524755945110770
.t.tailtarget.com/	1970-01-20 16:34:16	Name: _ssc Value: y
.t.tailtarget.com/	1970-01-21 01:16:59	Name: u Value: fwAAAWVkeUSLUwabCkmXAgB=
.udr.uol.com.br/	1970-01-21 01:16:59	Name: UOLID Value: 97cd8e69-2ded-45e1-b3d8-caf2c5a980f0\|0
www.belasmensagens.com.br/	1970-01-20 16:31:25	Name: tt_c_vmt Value: 1701083462
www.belasmensagens.com.br/	1970-01-20 16:31:25	Name: tt_c_c Value: direct
www.belasmensagens.com.br/	1970-01-20 16:31:25	Name: tt_c_s Value: direct
www.belasmensagens.com.br/	1970-01-20 16:31:25	Name: tt_c_m Value: direct
.tt-10162-1.seg.t.tailtarget.com/	1970-01-20 17:14:35	Name: trk Value: 3Lrt4RnhS/dw9RXrcrBYz+VQvTeqp7OP5wq7SMozL8o=
www.belasmensagens.com.br/	1970-01-21 02:07:23	Name: _ttuu.s Value: 1701083462583
www.belasmensagens.com.br/	1970-01-21 01:16:59	Name: tt.u Value: 0100007F447964659B06538B0297490A
.t.tailtarget.com/	1970-01-20 17:14:35	Name: ttbprf Value: ___de_1701083462895_3648182812
.t.tailtarget.com/	1970-01-20 16:31:25	Name: ttc Value: 1
.t.tailtarget.com/	1970-01-20 17:14:35	Name: ttnprf Value:
www.belasmensagens.com.br/	1970-01-20 16:32:49	Name: tt.nprf Value:
.tt-10162-1.seg.t.tailtarget.com/	1970-01-20 16:31:27	Name: ttca Value: _1701083463
.t.tailtarget.com/	1970-01-20 17:14:35	Name: n Value: 1701083463
.adnxs.com/	1970-01-20 18:40:59	Name: uuid2 Value: 4388637939302300991

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://ads.viralize.tv/display/?zid=AAEn2iG_Bt_nZPrQ(Line 2) Message: Allow attribute will take precedence over 'allowfullscreen'.
javascript	error	URL: https://www.belasmensagens.com.br/ Message: Access to XMLHttpRequest at 'https://fundingchoicesmessages.google.com/el/AGSKWxXZ9JrSu6S2b-_jLY8g6s2yGsmjnycKmBqsE9jkOmWcx43XFH6rk2oQRQ1TQn7O0O5R9QnPxesVLHcQlnEEM0JsEXnzHuU-jE_R4csx0bKOoQARiXQRmj2awCO0SYV3lAUlbTxF2w==' from origin 'https://www.belasmensagens.com.br' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://fundingchoicesmessages.google.com/el/AGSKWxXZ9JrSu6S2b-_jLY8g6s2yGsmjnycKmBqsE9jkOmWcx43XFH6rk2oQRQ1TQn7O0O5R9QnPxesVLHcQlnEEM0JsEXnzHuU-jE_R4csx0bKOoQARiXQRmj2awCO0SYV3lAUlbTxF2w== Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax.amazon-adsystem.com
acdn.adnxs.com
ad.doubleclick.net
ad.yieldlab.net
ade.googlesyndication.com
ads.stickyadstv.com
ads.viralize.tv
ajax.googleapis.com
b.t.tailtarget.com
c.amazon-adsystem.com
cdn.ravenjs.com
ced-ns.sascdn.com
config.aps.amazon-adsystem.com
csi.gstatic.com
csync-eu.smartadserver.com
csync-global.smartadserver.com
eus.rubiconproject.com
feed.pghub.io
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
imasdk.googleapis.com
m.t.tailtarget.com
me.jsuol.com.br
monetize-static.viralize.tv
notix.io
pagead2.googlesyndication.com
pghub.io
polyfill.io
prg.smartadserver.com
privacy-sandbox.uol.com.br
pubads.g.doubleclick.net
region1.analytics.google.com
region1.google-analytics.com
rr4---sn-4g5lzner.googlevideo.com
s.seedtag.com
s0.2mdn.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
t.tailtarget.com
tm.jsuol.com.br
tm.uol.com.br
token.rubiconproject.com
tpc.googlesyndication.com
tracker.bt.uol.com.br
tt-10162-1.seg.t.tailtarget.com
udr.uol.com.br
unpkg.com
widgets.getsitecontrol.com
www.belasmensagens.com.br
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.youtube.com
www8.smartadserver.com
fundingchoicesmessages.google.com
108.138.1.25
13.32.119.77
138.199.36.11
139.45.240.92
142.250.185.134
142.250.185.194
151.101.129.108
18.66.112.41
184.30.22.30
185.86.138.124
2001:4860:4802:32::36
23.218.209.78
2600:9000:206f:8800:1:bcff:6780:93a1
2600:9000:206f:f600:1e:82d4:d9c0:93a1
2600:9000:223d:b800:1:aa11:940:93a1
2600:9000:2251:7c00:6:5b96:3f00:93a1
2606:4700:20::681a:64c
2606:4700::6810:7daf
2607:ae80:4::26
2607:f8b0:4009:808::2003
2804:49c:3101:401:ffff:ffff:ffff:52
2a00:1450:4001:15::9
2a00:1450:4001:806::2002
2a00:1450:4001:809::2008
2a00:1450:4001:80b::2001
2a00:1450:4001:810::200e
2a00:1450:4001:813::2002
2a00:1450:4001:827::200a
2a00:1450:4001:828::2003
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2004
2a00:1450:4001:830::200a
2a00:1450:4001:831::2003
2a00:1450:4001:831::2006
2a00:1450:4001:831::200e
2a00:1450:400c:c09::9a
2a02:2638:3::c
2a02:26f0:3100::1735:29f0
2a02:26f0:480:e::210:f106
2a02:26f0:480:e::210:f108
2a02:26f0:780::5f65:3681
2a02:26f0:780::5f65:3688
2a04:4e42:400::729
2a04:4e42:800::282
34.102.185.99
34.102.243.38
34.149.50.64
35.186.238.232
35.241.45.217
37.252.171.52
69.173.144.139
89.149.192.192
99.86.4.128
0062cd1266d146c7b0bbbf4ae0b650e9a39e24a2833fdff87bd9bf5e9fc132ec
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06f130c61d4eb2f5073dce583c5abb3467bdadc7c42655dc697a6a3fa7be62f8
0850c1f0deb580fba73c2555accb45fb974d7dac93baeba3ed6c86b9db179db3
095225d09c00e48fae10190c77136bfad208993dc708cc436416627b0fb320c9
0d4d3956b34f32750ac31746a17297b77098a55f4b86a6dba7f7386e1a089715
0eece30c2c835fb69fee6f366ab1685cfec2bb112c4f20799180268a546420f8
1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e
11eae72fd819f6d784f244bb49543e904f3a1bf5db32f7a3d0353adda4d6bbc1
1673cb391b73c5524bbe8e4881eb1200adca4ffd93359991ef7cdbee07816b03
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
19155aa67da5a92b18923455bd3445857e3872b776d3843dcf5507d96c617be2
1a95f2a16310d3feba1a18264cb7baf64411fe9dd9da44a37d964d614b96dba1
1bbd2803f99d45e9b364c4e31cfbd21201229bef54766227389a97ea30abcf31
1c915ff050126424c92d7b9a1b0472e430ef495f89bff63e2f5692f6a6f2e956
1d668bc60ee47e64e4696a5cdd72ab7032f5280d9fe96c40098fb7e12533eaa4
1da3c2d5bb781a53daaa09b626b25d580bfbac1fbedd6f549434516439b5505f
1f75ec7cf5732e66f445fc8bce027a9bb8c97c6d580aad80e0a8d635e209abab
2282944e32da085e7450b47ad272376aca3c4ed07201627663a4b0a88b4e667f
240f4b24556b4dc7b2b149c5e523d7816589b3b42c04d8acb86e882cd895c110
24dead2354f640a8900be9aab41aa54ca30676c75a8c0765f56d49af1805bad3
26afbfacfab3a8bf5fdf2460cd0dcac9a0c8b64f6c3550eed58c6ffcdca604a8
27961ab8c37cddad89230364167c048c6377a80e38542a5ffbca600faf4098ea
291f515583a6c387346d142caed7efda8f0630866c7fc9d0f026fd95aed50081
2a55a7d1da5bcc5478ddc6a927ef6ec4278c1c0a2ef2bbe2848359f070181871
2ac194d6713ab93b6db5a93acd42bdd04893c76ebe404eced269e696fd25d20a
2f6d947bb851044dd79bdf5bd7716c3fb29b6cb44dc659f49fd86c224ef9e653
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
37416707b4b804a7c56868fbd77fc5e98eb5e4b4ffaedb0ae31cb4c4f8826e5a
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4240f5f1567668c90d34aaf10dcd7d3212e51354e17d713116673285fd95f15d
425a0c2516e8c164588949c1ae146ff31388c351d3d3ec0e40a4808451b5d40e
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4a32283aaba0418ac1b0953af32fbe71948d43e7cdc08abeca552a9373809087
4a842d3295b35d0fdbaed094d22f5926f2bcaa2d892ec7ea9a9a89c1f84b33bf
4be0d0585d4c0866551f173ca8a2e18562a1a6a6e45c17f7438d09173e0026e5
4c8fe936e012d2d229577704c34c41a451d7a98aa5c2566ea5c3930aa7e3f40f
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
521afc73611a7d8a747dd3690f24d7277d30a51618ebe5faec2ca64a0bfea103
5446cc6aa910e2194375c9d372ac468148bcfe63eb395a6b05a18a4b86093ad7
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
570e90ae53be52eef8849a7f762b304f2506e2d3ab6146bc8dff279111666d74
5b1ccd08e901adfcd4b47e942f7c860ccd41f3e90ba07c787fb222cd8b776aee
5fe46d2da01452067736578431f6c6e8116a24e616f58c72d9d81fdb2c7c9569
605003a102486058fe8ac757b2c30652b9ac54d6d50df3799bc8cf81537ef66e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
6292b3fcc4a0cabbfc21bcb4118a3fd263d0a4f84592b05abceb3c42235a0289
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
6383c5ef7fccaebaf923e4c291dc5f5225e9a5d47cf4568f6ce5e43161d5e628
63af0efd82cde70366a5c3d6fac8768eab7e9c549bae3ca3895ed8b20fa6f7a1
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
67ed54856b743c6e064253f611084475015ce883fff3150f710b8781e599d4a0
695554d64c47b624801aea908a3ef2dfeae23081d84312c9cc2afbb9f2d8567a
6a93c477127bad12d08a779a445d4c5962578f57d4171aee20df69a2b3e8c349
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e36cc8846e3595c046f4888caadba0c64ae31ae9e153d8cebbcfc28afeed34b
6e7c083e0e173f849fa0582a9332bf40a3567c49ff818f28b0e4dca93930c6e5
711a8d3c6d036e5d2907810b7255622e34f23373f8d1387a1fc938e44c60fea0
7260bce040ec4b8b946507e1b552161f81b8d11e53aa90b931c15bff4f370f23
729f41f5afe9a3a2da94c5a4bdd3448e5136a587594837174c90a04e0b8d79fc
72ea0bf10921b8ef082b90bb41d8f9ac7377e5deecd6375e8e5c87d597f79a9c
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7babe465291d02615e5872e8a8bfc0a2e4ca7cb9d604df3dabf8fb253ffe8f2e
7ca38fdfd85fede251730192f5f78cfaf3f2e0b38f69a1b7ca07b0aa9e707e1c
7e2026eee9d16bad733c157a3ffb5e8a96f0452a6443b82978c8c7f6cf395407
7fc7ae3e7254890159b0be1401fcfb597c1ab415463f95951dcf3b28ab3d8a97
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
87960e7994f9fc5f6d2fc8c0b93be02f4b9b7cdca0dd9c726f5806d8e9092068
8c38322d16f3f50bed9d5118f55a3f2482b107d2f7768cf34fb9d691b00dc8bf
8edf79f31f38afd348cd93ad56ae7df804394b8a403191af474496823161bdc8
90e4eea987761228cca6f2c5c21105484a4e28dd2929ca394d4b6e8c8a7e78b6
9120bd86f7501823599a79f60f432e7742f2fd00b17984230cd6641085548690
91d66ac18bafe8a50ebbeb8fa9de825ebcf04adf038a0b715835c25b6e5019be
925f35c86a25bd98442cc85f95e18588b4d6838f78ada210e6d9c7bb7f4df313
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a215d82d7f9c25f2f38d1532a9966a38b0a9d9457b5315ad76a0dddd4bdf8f13
a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1
a40f23490e89a31a24537d56988bbf4b6ab6b5fca3595a1ca564891b1b2d7e14
a72d96ee789b3b52007d7862b59a887adfd1779d0a8276d838cb43fd993c1c41
a8e429611131e3fdc2018ec943a36100dbabb4aaa788c8dead6bdcf927917293
a9a2560a1f50b9ddb3eae884f72f2d8ce753f116d52847bbd5324163798b902f
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b07c2093b7212a29366109054dd435a0ecc5980622b9b34eaf2bdb5fb77c3336
b0f928ea00f343ee7408675e8c150c74f9e9322a2ba6708d16317510105f165c
b26fe5fa11212a2d528dfd8f30e5471d4a4ae981d9f3d8ebc350bd519b3aae25
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
bb3b925cee5500c2848a3c2dd2ecdff97d59395dd7b7efae8dc5ddd11ba0be8a
bc943d99a17601269835433917f1efda0d67b29122939756712776a7bc4fdbb7
bea981f9cd3eb65830019036bce902f4be550543840ed70fb4998cdba0abbc0a
bfd8d3d92acd1f69355b64844cae8628175c082a8485036f8a6b79a510705ccb
c2d6da90f097a7760687e0c9d2405d2803b9983a5644b60f1d4dcc17eadd39ad
c4cb7ee295b14fe670ced1e8271273041990ca3d5af39accf8e960c227148eab
c66ab1c2a5411b1f4ca3043d9ccdb4a5964cfd0522a6e36eb26cad5dea4afd93
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0b482e17c44b320366108a0e1859d02b0413541ab463b590afc3f8e60ff1c97
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d267db333e9a17b07c0dddb57e772fd638b27a466881aceee2e4e3e60b0843e4
d456e7e634175b6300e166014bec0a6d361e7ce727049caa19431c3c31654eda
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e04a7a6d0a974da299957a78f9c8a94be9e72f16554ea63ca832109ba57dc47d
e33259b1585be59a1a4df3abd5fd8a208d254c9314892bf5c4bd8863cdf0bec0
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
e593d32d2b3c25b54c4632fc55d4c55cce4154e0bfaeb75883da07b742e762dc
e67819c8e752d7843562058050f7d70a6adf85edf467e2d9ea9431a2eeae8756
e7c2e0c7e7afbd7cd865a3da4a6a0e1d24b68dd91e1dac0dc67235a9e09a1db9
ec54a9cf353d9700cfa084145dd27d8845373302abae779d118c5d2efcc11fef
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4cd27b5ef047a264e3a40b63ba85441de12d23d043a986d469ec1c757067090
f5d4f4059ddadc8ed73873385780bc73385ae4cb38680220331f5c33b82c1d2b
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7b3dc94297cd47d4b2195477eff1acd681aa73851590061b58b32fc05a4a007
f93643a4970611f7ea3e9bbfd711a49de9e3f05b2ebcf5ddd5c0827da1722879
fb101b97c5c742bd1e11cd1db093675c301e1e08513255358d0621f3dd278b79
fc4082f83bf025d37bac977bb28e46438ccceb525286c9d6908f5972dc6188df
fca6b6937bdf94e2adc59678f62c9c67d8acfaf61f2f8dd3819c893e82207e81

www.belasmensagens.com.br Open in urlscan Pro 2606:4700:20::681a:64c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

209 Requests

98 %HTTPS

64 %IPv6

32 Domains

60 Subdomains

55 IPs

7 Countries

8068 kBTransfer

13800 kBSize

33 Cookies

5 Outgoing links

Page URL History

Redirected requests

209 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.belasmensagens.com.br Open in urlscan Pro
2606:4700:20::681a:64c Public Scan

Screenshot
Live screenshot

Full Image

209
Requests

98 %
HTTPS

64 %
IPv6

32
Domains

60
Subdomains

55
IPs

7
Countries

8068 kB
Transfer

13800 kB
Size

33
Cookies

209 HTTP transactions
1 data transactions