www.ganhedevolta.com.br Open in urlscan Pro
67.225.224.210 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
Submission: On December 13 via manual (December 13th 2020, 2:40:40 pm UTC) from BR

Summary HTTP 107 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 20 IPs in 3 countries across 17 domains to perform 107 HTTP transactions. The main IP is 67.225.224.210, located in Lansing, United States and belongs to LIQUIDWEB, US. The main domain is www.ganhedevolta.com.br.
TLS certificate: Issued by Sectigo RSA Extended Validation Secur... on September 23rd 2019. Valid for: 2 years.

This is the only time www.ganhedevolta.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	67.225.224.210 67.225.224.210	32244 (LIQUIDWEB) (LIQUIDWEB)
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
37	2600:9000:206... 2600:9000:206f:dc00:1a:fe90:480:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	89.187.169.26 89.187.169.26	60068 (CDN77) (CDN77)
5	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:820::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81a::200e	15169 (GOOGLE) (GOOGLE)
1	172.217.22.2 172.217.22.2	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:824::2004	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:817::2003	15169 (GOOGLE) (GOOGLE)
1	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
1 1	65.9.73.26 65.9.73.26	16509 (AMAZON-02) (AMAZON-02)
7	65.9.73.61 65.9.73.61	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:81d::2001	15169 (GOOGLE) (GOOGLE)
1	75.2.88.188 75.2.88.188	16509 (AMAZON-02) (AMAZON-02)
2	65.9.68.110 65.9.68.110	16509 (AMAZON-02) (AMAZON-02)
107	20

7 67.225.224.210 (Lansing, United States)

ASN32244 (LIQUIDWEB, US)

www.ganhedevolta.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 2600:9000:206f:dc00:1a:fe90:480:93a1 (United States)

ASN16509 (AMAZON-02, US)

gadevo.level99.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.187.169.26 (Frankfurt am Main, Germany)

ASN60068 (CDN77, GB)
PTR: unn-89-187-169-26.cdn77.com

l.getsitecontrol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.22.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s14-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:824::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:817::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.130 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f130.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.73.26 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)

widget.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 65.9.73.61 (Seattle, United States)

ASN16509 (AMAZON-02, US)

js.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 75.2.88.188 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: ad8b87a22ce463223.awsglobalaccelerator.com

api-iam.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.68.110 (Seattle, United States)

ASN16509 (AMAZON-02, US)

static.intercomassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	level99.com.br gadevo.level99.com.br	752 KB
10	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	7 KB
8	google.com adservice.google.com www.google.com	2 KB
8	google.de adservice.google.de www.google.de	2 KB
7	intercomcdn.com js.intercomcdn.com	394 KB
7	ganhedevolta.com.br www.ganhedevolta.com.br	271 KB
6	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	148 KB
5	gstatic.com fonts.gstatic.com	81 KB
4	googletagmanager.com www.googletagmanager.com	153 KB
3	google-analytics.com www.google-analytics.com	19 KB
2	intercomassets.com static.intercomassets.com	27 KB
2	intercom.io 1 redirects widget.intercom.io api-iam.intercom.io	2 KB
2	googleadservices.com partner.googleadservices.com www.googleadservices.com	13 KB
2	getsitecontrol.com l.getsitecontrol.com	2 KB
1	googletagservices.com www.googletagservices.com	28 KB
1	onesignal.com cdn.onesignal.com	3 KB
1	googleapis.com fonts.googleapis.com	1 KB
107	17

	Domain	Requested by
37	gadevo.level99.com.br	www.ganhedevolta.com.br gadevo.level99.com.br
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.googleadservices.com
7	js.intercomcdn.com	widget.intercom.io js.intercomcdn.com www.ganhedevolta.com.br
7	www.google.de	www.ganhedevolta.com.br
7	www.google.com	www.ganhedevolta.com.br
7	www.ganhedevolta.com.br	www.ganhedevolta.com.br gadevo.level99.com.br
5	fonts.gstatic.com	fonts.googleapis.com
4	pagead2.googlesyndication.com	www.ganhedevolta.com.br pagead2.googlesyndication.com
4	www.googletagmanager.com	www.ganhedevolta.com.br www.googletagmanager.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.ganhedevolta.com.br
2	static.intercomassets.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	l.getsitecontrol.com	www.ganhedevolta.com.br l.getsitecontrol.com
1	api-iam.intercom.io	js.intercomcdn.com
1	widget.intercom.io	1 redirects
1	www.googleadservices.com	www.googletagmanager.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	cdn.onesignal.com	www.ganhedevolta.com.br
1	fonts.googleapis.com	www.ganhedevolta.com.br
107	23

This site contains links to these domains. Also see Links.

Domain
www.gadevo.com
chrome.google.com
ajuda.ganhedevolta.com.br
www.instagram.com
www.facebook.com
twitter.com
apps.apple.com
play.google.com

Subject Issuer	Validity	Valid
www.gadevo.com Sectigo RSA Extended Validation Secure Server CA	`2019-09-23` - `2021-09-22`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.level99.com.br Amazon	`2020-09-17` - `2021-10-17`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-04` - `2021-08-04`	a year	crt.sh
*.getsitecontrol.com Go Daddy Secure Certificate Authority - G2	`2020-03-05` - `2022-05-04`	2 years	crt.sh
*.gstatic.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.intercomcdn.com Amazon	`2020-03-29` - `2021-04-29`	a year	crt.sh
*.intercom.com Amazon	`2020-05-13` - `2021-06-13`	a year	crt.sh
intercomassets.com Amazon	`2020-08-15` - `2021-09-14`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
Frame ID: 812E8F8912BF15770772647C1F4757AC
Requests: 94 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/zrt_lookup.html
Frame ID: 69DAC20B8723B8C7D08EC9EAC5E332AC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3831231025825420&output=html&h=280&slotname=5838259352&adk=3151081671&adf=1228456142&pi=t.ma~as.5838259352&w=1200&fwrn=4&fwrnh=100&lmt=1607870422&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.ganhedevolta.com.br%2Fplugin%3Futm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3Dlottoland-megavirada-19&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1607870422745&bpp=13&bdt=359&idt=122&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5068163093375&frm=20&pv=2&ga_vid=805959496.1607870423&ga_sid=1607870423&ga_hid=454785714&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2372&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2551888844072847&pem=628&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=a61hunISgk&p=https%3A//www.ganhedevolta.com.br&dtd=144
Frame ID: 2075064C1AAE58472324C1CD03057B5A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3831231025825420&output=html&adk=1812271804&adf=3025194257&lmt=1607870422&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fwww.ganhedevolta.com.br%2Fplugin%3Futm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3Dlottoland-megavirada-19&ea=0&flash=0&pra=7&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1607870422809&bpp=2&bdt=422&idt=89&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&nras=1&correlator=5068163093375&frm=20&pv=1&ga_vid=805959496.1607870423&ga_sid=1607870423&ga_hid=454785714&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2551888844072847&pem=628&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=94
Frame ID: FBAF5B43E9A83DC4D6DE7498B373BD9B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 30086C6D6CC53FCC3BCA0B86437254FD
Requests: 1 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.33ae137a.js
Frame ID: 91A79D8CE854E8BADB7D204CF85FF4AB
Requests: 6 HTTP requests in this frame

Frame: https://js.intercomcdn.com/fonts/proximanova-regular.a7942249.woff
Frame ID: 77FDDAD35D573FDBEDC621B3CC62D84F
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

107
Requests

98 %
HTTPS

60 %
IPv6

17
Domains

23
Subdomains

20
IPs

3
Countries

1905 kB
Transfer

5787 kB
Size

7
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.gadevo.com/language/en?go=/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19&key=aXFRcjVEMzdjcjRlN1BZalRKRmF5OGd0TmRJVG1OcE9sOW9XZytzaXowST0=
Title: English

Search URL Search Domain Scan URL

URL: https://chrome.google.com/webstore/detail/nblmocepnocjbiikmokemnfcoclhdfhb?src=external-plugin-page
Title: Adicionar ao Chrome

Search URL Search Domain Scan URL

URL: https://ajuda.ganhedevolta.com.br/
Title: Central de ajuda

Search URL Search Domain Scan URL

URL: https://www.instagram.com/GanheDeVolta
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.facebook.com/GanheDeVolta
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/GanheDeVolta
Title: Twitter

Search URL Search Domain Scan URL

URL: https://apps.apple.com/br/app/ganhe-de-volta/id1517115419

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.gadevo.ganhedevolta

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 89

https://widget.intercom.io/widget/ej5bet0w HTTP 302
https://js.intercomcdn.com/shim.latest.js

107 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request plugin Show response
www.ganhedevolta.com.br/ 47 KB
12 KB 691ms
197ms Document
text/html 67.225.224.210
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

67.225.224.210 Lansing, United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

Software

Apache /

Resource Hash

9a8f5cf60fa6ae36a648dc297890cce693eac10c523ab4d687afeb992f9ad401

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: www.ganhedevolta.com.br
:scheme: https
:path: /plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Dec 2020 14:40:22 GMT
server: Apache
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
set-cookie: PHPSESSID=nm65kp89h4dpeo5rdhgrs3a5b2; path=/ idioma=pt; expires=Tue, 12-Jan-2021 14:40:22 GMT; Max-Age=2592000; path=/
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-ua-compatible: IE=edge
x-content-type-options: nosniff
content-length: 11389
content-type: text/html; charset=UTF-8

GET
H2 200 css
fonts.googleapis.com/ 15 KB
1 KB 19ms
15ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,300italic,400,400italic,600,700|Crete+Round:400italic|Open+Sans:300,400,500,600|Muli:300,400,400i,600,700

Requested by

Host: www.ganhedevolta.com.br
URL: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

16e86c03ae5f88747ce638b667c3bff4e6274ae45e1f90d8abfb512a926d93e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 13 Dec 2020 14:40:22 GMT
server: ESF
date: Sun, 13 Dec 2020 14:40:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 13 Dec 2020 14:40:22 GMT

GET
H2 200 import-new.css
gadevo.level99.com.br/css/ 206 B
661 B 99ms
42ms Stylesheet
text/css 2600:9000:206f:dc00:1a:fe90:480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gadevo.level99.com.br/css/import-new.css?v=10
Requested by: Host: www.ganhedevolta.com.br
URL: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:dc00:1a:fe90:480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 06f328eb3645b6e38308dbd5901b346a7cda4c851b71b125364621762c7df97f

Request headers

Referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 07:30:09 GMT
via: 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront), 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
last-modified: Sat, 15 Feb 2020 23:33:31 GMT
server: AmazonS3
age: 457814
etag: "dcb77124046ab9c8e05ca9736e9bb38f"
x-cache: Hit from cloudfront
x-amz-version-id: 9MkVrfk3x85imB_A8kHBQ7OUkMqougjc
cache-control: max-age=1296000
x-amz-cf-pop: FRA6-C1, FRA56-C1
accept-ranges: bytes
content-type: text/css
content-length: 206
x-amz-cf-id: Oc4-z52EhGKQ8e5IiINEI3Qoj9-0rz1DVaunEzh51NM_47l1qcXe6w==

GET
H2 200 font-icons.css
gadevo.level99.com.br/css/min/ 41 KB
8 KB 75ms
18ms Stylesheet
text/css 2600:9000:206f:dc00:1a:fe90:480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gadevo.level99.com.br/css/min/font-icons.css
Requested by: Host: www.ganhedevolta.com.br
URL: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:dc00:1a:fe90:480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2bdc330c8812ddfd4f19b00b478c95cefecb7a96714c68307d148c15258c7fbe

Request headers

Referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 10:48:56 GMT
content-encoding: gzip
last-modified: Sat, 15 Feb 2020 23:33:30 GMT
server: AmazonS3
age: 359486
etag: W/"41ee1f60d98fe6537a7f5c7e83ef6d2e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: BRZerAC9FE8gpnPrjTPKmWM.0a5PcLAd
via: 1.1 6c9a2d99a25484f38efa27d58a726b2d.cloudfront.net (CloudFront), 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
cache-control: max-age=1296000
x-amz-cf-pop: FRA2-C2, FRA56-C1
content-type: text/css
x-amz-cf-id: cwEWu3LiJX9Tjwpgj49yg5bGfVgnM-ymsc6lQttVoHR-G188NY0UnQ==

GET
H2 200 flickity.css
gadevo.level99.com.br/css/min/ 2 KB
1 KB 94ms
37ms Stylesheet
text/css 2600:9000:206f:dc00:1a:fe90:480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gadevo.level99.com.br/css/min/flickity.css
Requested by: Host: www.ganhedevolta.com.br
URL: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:dc00:1a:fe90:480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5e393dd2e8b97bca574c7aab1fe5ded43c3e8953cfd333841fad6af88f33fdc9

Request headers

Referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 14:57:00 GMT
content-encoding: gzip
last-modified: Sat, 15 Feb 2020 23:33:31 GMT
server: AmazonS3
age: 863003
etag: W/"2e693e5644a6a483bfc7aeddfee591d1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: M.9orYnXqqnlfmgOjr5hlIu3Zu2IXG0y
via: 1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront), 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
cache-control: max-age=1296000
x-amz-cf-pop: FRA6-C1, FRA56-C1
content-type: text/css
x-amz-cf-id: __TqfVHT28GJaNBhpFWqD_Yn585LXgo-6heyhGWt0SA87BG0Z38CTA==

GET
H2 200 config.css
gadevo.level99.com.br/css/min/ 48 KB
10 KB 78ms
22ms Stylesheet
text/css 2600:9000:206f:dc00:1a:fe90:480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gadevo.level99.com.br/css/min/config.css?v=13
Requested by: Host: www.ganhedevolta.com.br
URL: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:dc00:1a:fe90:480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5cff39eb570874de5245ea31068aeff355661b2300909a2d26e8f970922ec22b

Request headers

Referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 10:48:56 GMT
content-encoding: gzip
last-modified: Sat, 15 Feb 2020 23:33:30 GMT
server: AmazonS3
age: 359486
etag: W/"25774c8421f398f2c6598d661b855a10"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: C191FOJLlP1MwaHMAi3MiV52OlApSsrv
via: 1.1 04ce5a607a98db6d08257633417b84d7.cloudfront.net (CloudFront), 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
cache-control: max-age=1296000
x-amz-cf-pop: FRA2-C2, FRA56-C1
content-type: text/css
x-amz-cf-id: iJXXzZQR52BjVpd28vfPdOLIVU_W2QZNjicx-3P6R78azSnVyVk-yQ==

GET
H2 200 config2.css
gadevo.level99.com.br/css/min/ 316 KB
48 KB 95ms
38ms Stylesheet
text/css 2600:9000:206f:dc00:1a:fe90:480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gadevo.level99.com.br/css/min/config2.css?v=15
Requested by: Host: www.ganhedevolta.com.br
URL: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:dc00:1a:fe90:480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d871d97c4e836811f8122ec2303f6af7950054f6c2bdd3ba736e85482c5221aa

Request headers

Referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 10:48:56 GMT
content-encoding: gzip
last-modified: Sat, 15 Feb 2020 23:33:31 GMT
server: AmazonS3
age: 359486
etag: W/"8c41f55514184625cc4235bfcb83fe6d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: T0q02qTqDxuKre_2y3f033QZLLnPk7Yo
via: 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront), 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
cache-control: max-age=1296000
x-amz-cf-pop: FRA6-C1, FRA56-C1
content-type: text/css
x-amz-cf-id: 10ff4G0J5BdxzhntEGQ-Rp2J1F1XK-rSCqYZB409rnGqw_H66SFzlA==

GET
H2 200 svgicon.js Show response
gadevo.level99.com.br/js/ 3 KB
2 KB 30ms
28ms Script
text/javascript 2600:9000:206f:dc00:1a:fe90:480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gadevo.level99.com.br/js/svgicon.js
Requested by: Host: www.ganhedevolta.com.br
URL: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:dc00:1a:fe90:480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 411229a15747841322e4bc1c0734be37dd59d2458013993c96a708c464b1d389

Request headers

Referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 01:59:12 GMT
content-encoding: gzip
last-modified: Mon, 06 Jul 2020 06:17:03 GMT
server: AmazonS3
age: 1255270
etag: W/"6904ec8c0585305707cf86c20fe2f174"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: lPlvOSqUkn0ZVqMN00ON5t79rmAdv9Ak
via: 1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront), 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C2, FRA56-C1
content-type: text/javascript
x-amz-cf-id: h9ed29vEekynviTGtfFbFc6bDIDda5WqfGholFW4wVjdVFeNUSu4DA==

GET
H2 200 jquery-1.12.4.min.js Show response
gadevo.level99.com.br/js/ 95 KB
33 KB 96ms
40ms Script
text/javascript 2600:9000:206f:dc00:1a:fe90:480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gadevo.level99.com.br/js/jquery-1.12.4.min.js
Requested by: Host: www.ganhedevolta.com.br
URL: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:dc00:1a:fe90:480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

Referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 02:10:00 GMT
content-encoding: gzip
last-modified: Mon, 06 Jul 2020 06:17:04 GMT
server: AmazonS3
age: 2032223
etag: W/"4f252523d4af0b478c810c2547a63e19"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: 93z8G65.01oXme6Moesa2AeVpBGWtMsH
via: 1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront), 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C2, FRA56-C1
content-type: text/javascript
x-amz-cf-id: s-_asIsmCEShdjtsis5-2whR9LIxUfjQpk2QglRVcF0NSnbHkWR30A==

GET
H2 200 plugins.js Show response
gadevo.level99.com.br/js/ 472 KB
131 KB 85ms
29ms Script
text/javascript 2600:9000:206f:dc00:1a:fe90:480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gadevo.level99.com.br/js/plugins.js
Requested by: Host: www.ganhedevolta.com.br
URL: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:dc00:1a:fe90:480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dea73eeca307feefb58351c873056d6110ded24a0d449e15481b14fc7284878f

Request headers

Referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 01:59:12 GMT
content-encoding: gzip
last-modified: Mon, 06 Jul 2020 06:17:03 GMT
server: AmazonS3
age: 1255270
etag: W/"137f36dcab88bcad78cdea10213b7e9c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: VuRvwOEkX.ME_i5wNju9bkhQOctS6IHQ
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront), 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C2, FRA56-C1
content-type: text/javascript
x-amz-cf-id: jhkm9jRFXgKFq8DVUkYW2QuXzyxiNZHc4dg_FH321FSqr3OaIMogqQ==

GET
H2 200 bootstrap-typeahead.js Show response
gadevo.level99.com.br/js/ 21 KB
7 KB 69ms
13ms Script
text/javascript 2600:9000:206f:dc00:1a:fe90:480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gadevo.level99.com.br/js/bootstrap-typeahead.js
Requested by: Host: www.ganhedevolta.com.br
URL: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:dc00:1a:fe90:480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 999e75f4cba313605a7f91a0920dbbb9262701d72ddaae8dd77e46e0abb8a8b6

Request headers

Referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Dec 2020 08:06:34 GMT
content-encoding: gzip
last-modified: Mon, 06 Jul 2020 06:17:03 GMT
server: AmazonS3
age: 282829
etag: W/"b48532e0df52295044a8996f360aa10c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: OiJY5a00g3wg91tBfQorhuCKrf_kIWSw
via: 1.1 92ab13182d4b89ed20b3b5c10adc4f23.cloudfront.net (CloudFront), 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA6-C1, FRA56-C1
content-type: text/javascript
x-amz-cf-id: eotZUYMdYmVg2HfDsh4h8KPfJF1tjUPmjLbV5iZGsrKP9aTMpaxhdQ==

GET
H2 200 hogan-2.0.0.js Show response
gadevo.level99.com.br/js/ 6 KB
3 KB 98ms
42ms Script
text/javascript 2600:9000:206f:dc00:1a:fe90:480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gadevo.level99.com.br/js/hogan-2.0.0.js
Requested by: Host: www.ganhedevolta.com.br
URL: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:dc00:1a:fe90:480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3916385d93833263bf138311d891123b5bdb74cf6f9840cc4334c59a019018e8

Request headers

Referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 24 Nov 2020 05:11:41 GMT
content-encoding: gzip
last-modified: Mon, 06 Jul 2020 06:17:04 GMT
server: AmazonS3
age: 1675722
etag: W/"268f031f39e2d3c24d692dbdbadd841c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: WjE2.P77ofpAKz1d0U1MWZ8s5XTRRPQs
via: 1.1 92ab13182d4b89ed20b3b5c10adc4f23.cloudfront.net (CloudFront), 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA6-C1, FRA56-C1
content-type: text/javascript
x-amz-cf-id: 6ceq8f6DqBNIQa8-uoooxclOvZDhcHmAyx8-yneLbN1Vp45ODpqgDA==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 36ms
34ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-64632118-1

Requested by

Host: www.ganhedevolta.com.br
URL: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

197bb46f1142044a95d1be8497efa3bca746076e6e080b6379efab60ae1d97e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Dec 2020 14:40:22 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38974
x-xss-protection: 0
last-modified: Sun, 13 Dec 2020 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 13 Dec 2020 14:40:22 GMT

GET
H2 200 br.png
www.ganhedevolta.com.br/images/flags/ 593 B
697 B 180ms
178ms Image
image/png 67.225.224.210
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ganhedevolta.com.br/images/flags/br.png

Requested by

Host: www.ganhedevolta.com.br
URL: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

67.225.224.210 Lansing, United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

Software

Apache /

Resource Hash

dff6f4d907290bdbe74812bf73b590f268694e0a30e64b4bb24b803a47b3e319

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Dec 2020 14:40:22 GMT
x-content-type-options: nosniff
last-modified: Fri, 14 Aug 2015 20:10:48 GMT
server: Apache
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 593
expires: Tue, 12 Jan 2021 14:40:22 GMT

GET
H2 200 us.png
www.ganhedevolta.com.br/images/flags/ 609 B
665 B 180ms
178ms Image
image/png 67.225.224.210
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ganhedevolta.com.br/images/flags/us.png

Requested by

Host: www.ganhedevolta.com.br
URL: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

67.225.224.210 Lansing, United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

Software

Apache /

Resource Hash

36cce5cae3d2e0045b2b2b6cbffdad7a0aba3e99919cc219bbf0578efdc45585

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Dec 2020 14:40:22 GMT
x-content-type-options: nosniff
last-modified: Fri, 14 Aug 2015 20:11:22 GMT
server: Apache
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 609
expires: Tue, 12 Jan 2021 14:40:22 GMT

GET
H2 200 logo.png
gadevo.level99.com.br/images/ 3 KB
4 KB 27ms
25ms Image
image/png 2600:9000:206f:dc00:1a:fe90:480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gadevo.level99.com.br/images/logo.png
Requested by: Host: www.ganhedevolta.com.br
URL: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:dc00:1a:fe90:480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e81fd37365b9507105d57d90960c8c45ddc7d212a459470bc06bc4cc1588212c

Request headers

Referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 12:45:00 GMT
via: 1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront), 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
last-modified: Thu, 18 Jul 2019 02:59:21 GMT
server: AmazonS3
age: 1734923
etag: "f294ad056502937e0cdd164b9307ad7c"
x-cache: Hit from cloudfront
x-amz-version-id: L6WXc9nxnF6pm1HzEJoaMnts6BcaJYTm
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C2, FRA56-C1
accept-ranges: bytes
content-type: image/png
content-length: 3282
x-amz-cf-id: kGG-uA5fClxHDIRCvYLw-kce3_xuIXaXdrPRYPePE78i1w6uZgrtsQ==

GET
H2 200 logo@2x.png
gadevo.level99.com.br/images/ 7 KB
7 KB 31ms
29ms Image
image/png 2600:9000:206f:dc00:1a:fe90:480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gadevo.level99.com.br/images/logo@2x.png
Requested by: Host: www.ganhedevolta.com.br
URL: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:dc00:1a:fe90:480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e7b50448486996e0fdf28f2836f5de5b305b65e69462bf64835a1fea6b45b307

Request headers

Referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 00:14:59 GMT
via: 1.1 ac0e9b19969df989a920e6d1b834d009.cloudfront.net (CloudFront), 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
last-modified: Thu, 18 Jul 2019 02:59:21 GMT
server: AmazonS3
age: 915923
etag: "032007bfc94eab406fa1ee079f8c4d3f"
x-cache: Hit from cloudfront
x-amz-version-id: UUXQt7Mo9FYSilsKiE8nQJaZaS6C.txk
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C2, FRA56-C1
accept-ranges: bytes
content-type: image/png
content-length: 6679
x-amz-cf-id: cA5Nm2a1iD9F6oR1NeKd1kFkzHfvi7gxlntnkMm1YNEnFj3-Upz7Lw==

GET
H2 200 chrome-32.png
www.ganhedevolta.com.br/images/icons/ 942 B
998 B 181ms
180ms Image
image/png 67.225.224.210
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ganhedevolta.com.br/images/icons/chrome-32.png

Requested by

Host: www.ganhedevolta.com.br
URL: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

67.225.224.210 Lansing, United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

Software

Apache /

Resource Hash

f3f1b920399b28638313e2a971a282204a6b67e7a27500754c1adffe6dc9e88b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Dec 2020 14:40:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 14 Jan 2018 22:14:56 GMT
server: Apache
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 942
expires: Tue, 12 Jan 2021 14:40:22 GMT

GET
H2 200 5-star2-20.png
www.ganhedevolta.com.br/images/icons/ 2 KB
2 KB 182ms
181ms Image
image/png 67.225.224.210
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ganhedevolta.com.br/images/icons/5-star2-20.png

Requested by

Host: www.ganhedevolta.com.br
URL: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

67.225.224.210 Lansing, United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

Software

Apache /

Resource Hash

73bf7a379d8d8f21c087ceca904f84368a6df4184dba94b4549a0b61de2182ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Dec 2020 14:40:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 21 May 2017 05:01:22 GMT
server: Apache
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 2125
expires: Tue, 12 Jan 2021 14:40:22 GMT

GET
H2 200 plugin.png
gadevo.level99.com.br/images/ 15 KB
16 KB 27ms
25ms Image
image/png 2600:9000:206f:dc00:1a:fe90:480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gadevo.level99.com.br/images/plugin.png
Requested by: Host: www.ganhedevolta.com.br
URL: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:dc00:1a:fe90:480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 66c655485a0d24a86d7ac0e357f3f06e927dd022222ab0d4397d178a7ad639bd

Request headers

Referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 06:10:50 GMT
via: 1.1 04ce5a607a98db6d08257633417b84d7.cloudfront.net (CloudFront), 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
last-modified: Mon, 15 Jan 2018 00:30:40 GMT
server: AmazonS3
age: 376172
etag: "63813f6403ad64c92f50fdceefb28be7"
x-cache: Hit from cloudfront
x-amz-version-id: NwTsv26tuikj5fHiw6iS9adNFmnBNrdo
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C2, FRA56-C1
accept-ranges: bytes
content-type: image/png
content-length: 15496
x-amz-cf-id: zJCZoSo9phJVIP4Q4z5LgSxvUkR_TZy098apU0w_28uDBZyk1z8IDg==

GET
H2 200 plugin_1.png
gadevo.level99.com.br/images/icons/ 5 KB
5 KB 29ms
27ms Image
image/png 2600:9000:206f:dc00:1a:fe90:480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gadevo.level99.com.br/images/icons/plugin_1.png
Requested by: Host: www.ganhedevolta.com.br
URL: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:dc00:1a:fe90:480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 10228a1b47a32ae817f99f89a5433ee86a655f32ad1a6ce7b99ae2ee399b2107

Request headers

Referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 06:10:50 GMT
via: 1.1 a10d58b5ce965502cc34c5b27682fe23.cloudfront.net (CloudFront), 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
last-modified: Mon, 15 Jan 2018 05:01:09 GMT
server: AmazonS3
age: 376172
etag: "465c7a9ac571f6e17f0f589b8745656c"
x-cache: Hit from cloudfront
x-amz-version-id: N__nwA747ED4j0_be1nS7RI5KbxjdEk.
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C2, FRA56-C1
accept-ranges: bytes
content-type: image/png
content-length: 4994
x-amz-cf-id: xIvlpcQ21o0ZnUjxwGtq9xonta8SYaWJkhQEHFFg2iwloQ5sVgCxbw==

GET
H2 200 plugin_2.png
gadevo.level99.com.br/images/icons/ 5 KB
6 KB 28ms
26ms Image
image/png 2600:9000:206f:dc00:1a:fe90:480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gadevo.level99.com.br/images/icons/plugin_2.png
Requested by: Host: www.ganhedevolta.com.br
URL: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:dc00:1a:fe90:480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 478d838ee8045299b2ddfd875ed948e753a68ecd8f9fd0bf23c42b3246b4e151

Request headers

Referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 22:05:02 GMT
via: 1.1 a10d58b5ce965502cc34c5b27682fe23.cloudfront.net (CloudFront), 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
last-modified: Mon, 15 Jan 2018 05:01:09 GMT
server: AmazonS3
age: 405321
etag: "650931ac88a4b7f64d2c8ecdfedcfa65"
x-cache: Hit from cloudfront
x-amz-version-id: y0XHi7zNY9ktzWKVBDN4iK6_Q_qSIcks
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C2, FRA56-C1
accept-ranges: bytes
content-type: image/png
content-length: 5343
x-amz-cf-id: dAbikmeOwgEhuQMUrKHx0PpirVXq6x40bvCVtB9R2s3guyLPgF2fAA==

GET
H2 200 plugin_3.png
gadevo.level99.com.br/images/icons/ 5 KB
6 KB 30ms
28ms Image
image/png 2600:9000:206f:dc00:1a:fe90:480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gadevo.level99.com.br/images/icons/plugin_3.png
Requested by: Host: www.ganhedevolta.com.br
URL: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:dc00:1a:fe90:480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6d98c455092a335a3ace1d1e561c3670761cdf26e2c9b574f41a69cd2d0f6b1f

Request headers

Referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 06:10:50 GMT
via: 1.1 ac0e9b19969df989a920e6d1b834d009.cloudfront.net (CloudFront), 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
last-modified: Mon, 15 Jan 2018 05:01:09 GMT
server: AmazonS3
age: 376172
etag: "03b8d4ec141b8bf58516cb24cf7d1af5"
x-cache: Hit from cloudfront
x-amz-version-id: 3oG4BAryJGNn1nBwx692VP3dosfqmHaw
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C2, FRA56-C1
accept-ranges: bytes
content-type: image/png
content-length: 5319
x-amz-cf-id: _1uJmBCqqH8T7sk4OXZceGVYxWvxA14XJYdHFW5uGroQE3Tgv3YJvA==

GET
H2 200 plugin_lateral.png
gadevo.level99.com.br/images/ 13 KB
13 KB 41ms
39ms Image
image/png 2600:9000:206f:dc00:1a:fe90:480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gadevo.level99.com.br/images/plugin_lateral.png
Requested by: Host: www.ganhedevolta.com.br
URL: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:dc00:1a:fe90:480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1ca197457402a1a0e536aac40c2afbca6e9c218f9c2a7deb5ff3e821edd7f0fe

Request headers

Referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 06:10:50 GMT
via: 1.1 edfd22ec6695cdc9d7ac634220af1315.cloudfront.net (CloudFront), 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
last-modified: Mon, 15 Jan 2018 04:58:30 GMT
server: AmazonS3
age: 376172
etag: "2ad501d707fcdfd4748c18eb54c9fc1a"
x-cache: Hit from cloudfront
x-amz-version-id: cXUzXqFtQocIBXRoxN5wg_uUZobTYvOR
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C2, FRA56-C1
accept-ranges: bytes
content-type: image/png
content-length: 13143
x-amz-cf-id: i6bAdezZZ2XsKgK3vP0YHXoRUR-Xc07hD6Gno3O7b6d_rsBJEeFRSg==

GET
H2 200 itunes.png
gadevo.level99.com.br/images/ 4 KB
5 KB 29ms
27ms Image
image/png 2600:9000:206f:dc00:1a:fe90:480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gadevo.level99.com.br/images/itunes.png
Requested by: Host: www.ganhedevolta.com.br
URL: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:dc00:1a:fe90:480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8b5baf4bb1e566a7354b4c8ace72e43bc6fd4d95be0dd856b8ed055c0b23bd82

Request headers

Referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 00:14:59 GMT
via: 1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront), 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
last-modified: Tue, 30 Jun 2020 01:36:24 GMT
server: AmazonS3
age: 915923
etag: "815bbe207762ffa7043839903402f472"
x-cache: Hit from cloudfront
x-amz-version-id: .VZcLO6xUptIhSOQeEcMsiakex77efn4
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C2, FRA56-C1
accept-ranges: bytes
content-type: image/png
content-length: 4206
x-amz-cf-id: hWB23ogEkPjNdz2HjW9PdkTupUr4nGmeaSugHxWtvOD0zKrsFzEzvA==

GET
H2 200 playstore.png
gadevo.level99.com.br/images/ 5 KB
6 KB 35ms
33ms Image
image/png 2600:9000:206f:dc00:1a:fe90:480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gadevo.level99.com.br/images/playstore.png
Requested by: Host: www.ganhedevolta.com.br
URL: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:dc00:1a:fe90:480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e0410688e37aa7bc00d77a519d6860fccd83dbd525707b88b77e99a4d466eb5a

Request headers

Referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 30 Nov 2020 10:39:12 GMT
via: 1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront), 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
last-modified: Tue, 30 Jun 2020 01:36:24 GMT
server: AmazonS3
age: 1137671
etag: "c229e8715c28b4ef9b269f81936008e3"
x-cache: Hit from cloudfront
x-amz-version-id: 04Gb.kVFPnfJ0aO4vk2Vna85cVVu1EY_
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C2, FRA56-C1
accept-ranges: bytes
content-type: image/png
content-length: 5459
x-amz-cf-id: tJanEHIjzOfBNqphAcaoSxCXnWV1eMxW6r1hBfDzRGnPO5L31AMdqA==

GET
H2 200 logo-f.png
gadevo.level99.com.br/images/ 2 KB
2 KB 28ms
26ms Image
image/png 2600:9000:206f:dc00:1a:fe90:480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gadevo.level99.com.br/images/logo-f.png
Requested by: Host: www.ganhedevolta.com.br
URL: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:dc00:1a:fe90:480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8c44261d0f5a6a71a96ceda0450b8a18592baf09d3f2c4d028f14776db87ebe7

Request headers

Referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 14:55:29 GMT
via: 1.1 56fad5a50ef67bd961b9722ed0931839.cloudfront.net (CloudFront), 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
last-modified: Thu, 18 Jul 2019 02:59:21 GMT
server: AmazonS3
age: 344694
etag: "3ee8275f15d734d39e92941ce5a23538"
x-cache: Hit from cloudfront
x-amz-version-id: zVwUx8s7tSlcAtedDHBlFYeEqlyRg38q
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C2, FRA56-C1
accept-ranges: bytes
content-type: image/png
content-length: 2086
x-amz-cf-id: rm_KrdFz4ohgZ_tqstuPF9Ghtdq4Y3SiGSUTmYkB-SJpyHqryyeC8A==

GET
H2 200 sweetalert.min.js Show response
gadevo.level99.com.br/js/ 17 KB
6 KB 22ms
20ms Script
text/javascript 2600:9000:206f:dc00:1a:fe90:480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gadevo.level99.com.br/js/sweetalert.min.js
Requested by: Host: www.ganhedevolta.com.br
URL: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:dc00:1a:fe90:480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: be4d1215ef6f2b2915b7f65cd28b9a9f7dcef17e1f0d883edd19400ca0ea795c

Request headers

Referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 13:59:48 GMT
content-encoding: gzip
last-modified: Mon, 06 Jul 2020 06:17:05 GMT
server: AmazonS3
age: 866435
etag: W/"2f9966a615f3f46d846807adbe42644f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: m4pF.10M5y19EHYSKEoyZq6CgSJxbFVo
via: 1.1 286eb4b50e0acf373dd03645aee00b7f.cloudfront.net (CloudFront), 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C2, FRA56-C1
content-type: text/javascript
x-amz-cf-id: B_MrgooqaLvbPLsDMHHJ5ZNXzYz92vRXfxVixXCX6lNcrM-DhYrHtA==

GET
H2 200 functions.js Show response
gadevo.level99.com.br/js/ 46 KB
12 KB 45ms
43ms Script
text/javascript 2600:9000:206f:dc00:1a:fe90:480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gadevo.level99.com.br/js/functions.js
Requested by: Host: www.ganhedevolta.com.br
URL: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:dc00:1a:fe90:480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3086bde63df3da1fafbd569293e0102a896f6bb8c4f61c7727480f345c2664a7

Request headers

Referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 24 Nov 2020 05:11:41 GMT
content-encoding: gzip
last-modified: Mon, 06 Jul 2020 06:17:04 GMT
server: AmazonS3
age: 1675721
etag: W/"6c912b7d3fddb3242fe7d6c4b30bb710"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: 3NCFlaCbts7buUkUpI7oAkGEB_Dv5b50
via: 1.1 90cf045072373c2c671297de3161846f.cloudfront.net (CloudFront), 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C2, FRA56-C1
content-type: text/javascript
x-amz-cf-id: -JOdHH4zEiVUOffcGDOhuwEuUU3mrUvw87kZs-pv-U3r1uNKdnUXYg==

GET
H2 200 plugins.v2.js Show response
gadevo.level99.com.br/js/ 3 KB
2 KB 17ms
15ms Script
text/javascript 2600:9000:206f:dc00:1a:fe90:480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gadevo.level99.com.br/js/plugins.v2.js
Requested by: Host: www.ganhedevolta.com.br
URL: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:dc00:1a:fe90:480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e45fea1ffd0d67291b48a474967c73e08f2effa46bcf94f7342a697abd00d8f2

Request headers

Referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 02:10:01 GMT
content-encoding: gzip
last-modified: Mon, 06 Jul 2020 06:17:03 GMT
server: AmazonS3
age: 2032222
etag: W/"45230ac8532a29356bcf256c4e3906a6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: UwsbygXe1SR3k3V4RLa.ajjLNZJSoom.
via: 1.1 216b2e0a8a27f8fca1b540a1c4ea6922.cloudfront.net (CloudFront), 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C2, FRA56-C1
content-type: text/javascript
x-amz-cf-id: uK1G2a1oLnkJmcSNy6qpv95g3jlFfvFuhuOV54CqzgXF7cCFUB6iHw==

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 133 KB
47 KB 44ms
23ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.ganhedevolta.com.br
URL: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc5507a48dc0258f7ca9325fef77c9508bfb4755e82c1074ed82d75c7fbe9472

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Dec 2020 14:40:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 47106
x-xss-protection: 0
server: cafe
etag: 4700132448661307094
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 13 Dec 2020 14:40:22 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 8 KB
3 KB 38ms
17ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: www.ganhedevolta.com.br
URL: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8304827477215b517f051f116d5581a5e030e7f29df69061cb9cf108aa9cbc90

Request headers

Referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Dec 2020 14:40:22 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 159
etag: W/"f35a2111ffcc2dc2fded1fe3c98a7bee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=43200
cf-ray: 6010709c9b8005c4-FRA
cf-request-id: 06fe24b5e6000005c4d9822000000001
expires: Mon, 14 Dec 2020 02:40:22 GMT

GET
H2 200 ads.js Show response
www.ganhedevolta.com.br/js/ 114 B
238 B 179ms
177ms Script
application/javascript 67.225.224.210
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ganhedevolta.com.br/js/ads.js

Requested by

Host: www.ganhedevolta.com.br
URL: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

67.225.224.210 Lansing, United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

Software

Apache /

Resource Hash

721ebb78c42307475a4a7e4a21dfc5640ac161714561120000a42dda107e81c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Dec 2020 14:40:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 18 Jul 2019 01:56:12 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 118
expires: Mon, 13 Dec 2021 14:40:22 GMT

GET
H2 200 5wv1ng0w.js Show response
l.getsitecontrol.com/ 504 B
1 KB 1829ms
205ms Script
text/javascript 89.187.169.26
CDN77

General

Check archive.org

Show headers Download Go to

Full URL: https://l.getsitecontrol.com/5wv1ng0w.js
Requested by: Host: www.ganhedevolta.com.br
URL: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.26 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),
Reverse DNS: unn-89-187-169-26.cdn77.com
Software: BunnyCDN-DE1-657 /
Resource Hash: 9d58685764b886da7590b05ef668f30067a6c4f4064d397a941b4767b0240883

Request headers

Referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Dec 2020 14:40:24 GMT
content-encoding: br
cdn-edgestorageid: 657, 617
x-amz-request-id: 4D6747ADAFD5219B
cdn-cachedat: 2020-10-20 13:45:00
cdn-pullzone: 89704
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: KidKx093G21+k8osX2eB/ZfAR5A204rKcHlsu4hW1xoQKt1jFwu0oWCXy2chnlRrFWy+Bp+UhsM=
access-control-allow-origin: *
last-modified: Wed, 19 Aug 2020 22:17:51 GMT
server: BunnyCDN-DE1-657
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cdn-cache: HIT
cdn-uid: e3a1246b-2fdd-4153-9207-6ca707c9379d
cache-control: public, max-age=2592000
cdn-requestid: 3a60b17dc9400e815c45640fd8295c7b
cdn-requestcountrycode: NL
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 bootstrap.css
gadevo.level99.com.br/css/min/ 101 KB
17 KB 68ms
64ms Stylesheet
text/css 2600:9000:206f:dc00:1a:fe90:480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gadevo.level99.com.br/css/min/bootstrap.css
Requested by: Host: gadevo.level99.com.br
URL: https://gadevo.level99.com.br/css/import-new.css?v=10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:dc00:1a:fe90:480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 48e97e266d4613cd3fd50531501932f3aef33666a2174f9e4cf4b3d288c0d52b

Request headers

Referer: https://gadevo.level99.com.br/css/import-new.css?v=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: zD.bj9jR8KYPCoN4bT7l_pFqko2Ynz0Z
content-encoding: gzip
last-modified: Sat, 15 Feb 2020 23:33:31 GMT
server: AmazonS3
age: 11802
etag: "264dfe1eb2c3c29818406303829aa177"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
via: 1.1 91528fdf97ef415d04fa66a0fbb562d7.cloudfront.net (CloudFront), 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
cache-control: max-age=1296000
date: Sun, 13 Dec 2020 11:23:41 GMT
x-amz-cf-pop: DUS51-C1, FRA56-C1
x-amz-cf-id: dACIIX8oWLZVvA4q6AuL-PXPvRZGoG6JPoDu-3vf6Q5WR6eaoWSTXA==

GET
H2 200 style.css
gadevo.level99.com.br/css/min-v2/ 226 KB
38 KB 27ms
23ms Stylesheet
text/css 2600:9000:206f:dc00:1a:fe90:480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gadevo.level99.com.br/css/min-v2/style.css
Requested by: Host: gadevo.level99.com.br
URL: https://gadevo.level99.com.br/css/import-new.css?v=10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:dc00:1a:fe90:480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b9949336a14df9ef65fe488c4ac408d6f4650b6807fe39b23764ba23d4c3ff58

Request headers

Referer: https://gadevo.level99.com.br/css/import-new.css?v=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Dec 2020 13:04:35 GMT
content-encoding: gzip
last-modified: Sat, 15 Feb 2020 23:33:31 GMT
server: AmazonS3
age: 264948
etag: W/"1a8d0ec5f03ccf6953d96036a80ff494"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: WPSPhnYnHIO1O8Da2dFPF5V_VL.huH8H
via: 1.1 2f194b62c8c43859cbf5af8e53a8d2a7.cloudfront.net (CloudFront), 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
cache-control: max-age=1296000
x-amz-cf-pop: FRA2-C2, FRA56-C1
content-type: text/css
x-amz-cf-id: rKi-r0EzixL8QY_GdeqpFPIQHbafwfjUMKZ__7lYamSfEPb5Y6GyWw==

GET
H2 200 dark.css
gadevo.level99.com.br/css/min/ 47 KB
7 KB 22ms
18ms Stylesheet
text/css 2600:9000:206f:dc00:1a:fe90:480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gadevo.level99.com.br/css/min/dark.css
Requested by: Host: gadevo.level99.com.br
URL: https://gadevo.level99.com.br/css/import-new.css?v=10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:dc00:1a:fe90:480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6fa0900b5041aafebf571ec9c905fbb21f3fab9605691e689cead6d78becac30

Request headers

Referer: https://gadevo.level99.com.br/css/import-new.css?v=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 18:59:28 GMT
content-encoding: gzip
last-modified: Sat, 15 Feb 2020 23:33:31 GMT
server: AmazonS3
age: 416454
etag: W/"5ef7f6f6aeb1df7d8e0e626439b93a02"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: yAwEOZnNEWovhoQ4P5ewTKOYjLsaWGH3
via: 1.1 e5b747ffd1713cb17ddd7d55234a3301.cloudfront.net (CloudFront), 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
cache-control: max-age=1296000
x-amz-cf-pop: FRA2-C2, FRA56-C1
content-type: text/css
x-amz-cf-id: jxs28UsOSS6RpeSUP7O-_uEIYh1i6nJDqMN6W591YjDNqdpobFE_Yw==

GET
H2 200 responsive.css
gadevo.level99.com.br/css/min-v2/ 35 KB
7 KB 46ms
43ms Stylesheet
text/css 2600:9000:206f:dc00:1a:fe90:480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gadevo.level99.com.br/css/min-v2/responsive.css
Requested by: Host: gadevo.level99.com.br
URL: https://gadevo.level99.com.br/css/import-new.css?v=10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:dc00:1a:fe90:480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 70c0cadbd344452ae97322123c0c93a89d20a7e73f3ae421f880db573ae87cdb

Request headers

Referer: https://gadevo.level99.com.br/css/import-new.css?v=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: BVx_3iG2bOeUHHiyQA1_M_6GYzj2eugN
content-encoding: gzip
last-modified: Sat, 15 Feb 2020 23:33:31 GMT
server: AmazonS3
age: 264948
etag: "5a2176424ed95f59a91aaedcde4c0b0b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront), 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
cache-control: max-age=1296000
date: Thu, 10 Dec 2020 13:04:35 GMT
x-amz-cf-pop: FRA2-C2, FRA56-C1
x-amz-cf-id: zXRoOUIbM3UPK_iDEggc8r-nRzG3RAiZmTocqi0-AxjSCAu4tzZAKA==

GET
H2 200 colors.css
gadevo.level99.com.br/css/min/ 8 KB
2 KB 18ms
16ms Stylesheet
text/css 2600:9000:206f:dc00:1a:fe90:480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gadevo.level99.com.br/css/min/colors.css
Requested by: Host: gadevo.level99.com.br
URL: https://gadevo.level99.com.br/css/import-new.css?v=10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:dc00:1a:fe90:480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0f15054ca682646aa47ad0a50cf8d248dd62419877a061d53cebb3d54e52ac12

Request headers

Referer: https://gadevo.level99.com.br/css/import-new.css?v=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Dec 2020 15:04:25 GMT
content-encoding: gzip
last-modified: Sat, 15 Feb 2020 23:33:30 GMT
server: AmazonS3
age: 776158
etag: W/"0d456d772b078b8e85b44d9f77bbcb9b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: zu3ls1L0EY2LwOBViy9w._PhDidAINFk
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront), 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
cache-control: max-age=1296000
x-amz-cf-pop: FRA6-C1, FRA56-C1
content-type: text/css
x-amz-cf-id: _8MXmZcTl7xuZ1L5vaqw-Xj4Ce2IqXPAw49YhHg2xGX_M8dgYvdifA==

GET
H2 200 sweetalert.css
gadevo.level99.com.br/css/min/ 16 KB
4 KB 19ms
16ms Stylesheet
text/css 2600:9000:206f:dc00:1a:fe90:480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gadevo.level99.com.br/css/min/sweetalert.css
Requested by: Host: gadevo.level99.com.br
URL: https://gadevo.level99.com.br/css/import-new.css?v=10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:dc00:1a:fe90:480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2757180d0795291e5774a09b642b6c883006958eaebb585580688d72ff5c7fc8

Request headers

Referer: https://gadevo.level99.com.br/css/import-new.css?v=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 07:30:10 GMT
content-encoding: gzip
last-modified: Sat, 15 Feb 2020 23:33:31 GMT
server: AmazonS3
age: 457813
etag: W/"ccaf75d3d9536182635613bc0d0017f7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: 5jBNhaEuJudUG7cfubsf0BNec0VO_zWV
via: 1.1 90cf045072373c2c671297de3161846f.cloudfront.net (CloudFront), 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
cache-control: max-age=1296000
x-amz-cf-pop: FRA2-C2, FRA56-C1
content-type: text/css
x-amz-cf-id: 2aZiIX06o-fzC-QJvAzrtpAMfueeUfYFOpydyehO-G3wvmBvF3lpAA==

GET
H2 200 about-shape.svg
gadevo.level99.com.br/images/ 8 KB
3 KB 16ms
16ms Image
image/svg+xml 2600:9000:206f:dc00:1a:fe90:480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gadevo.level99.com.br/images/about-shape.svg
Requested by: Host: gadevo.level99.com.br
URL: https://gadevo.level99.com.br/css/min/config2.css?v=15
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:dc00:1a:fe90:480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5460dd6ee036f7e4dc93fd17bf42ecb9269bb420d8a823bf50fd72a12b68ea63

Request headers

Referer: https://gadevo.level99.com.br/css/min/config2.css?v=15
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 05:30:14 GMT
content-encoding: gzip
last-modified: Thu, 18 Jul 2019 01:36:14 GMT
server: AmazonS3
age: 378609
etag: W/"2aed603c095f734b23d757665e011ab6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: ZyPGdq2PfVXo5aEoHwrY2QvhNOrV1W8b
via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront), 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA6-C1, FRA56-C1
content-type: image/svg+xml
x-amz-cf-id: 2VNaJqz6jFZpS7LzdqnPz3s1Z0-Z6zwdcpi71-fr17i8Mu4xEbCI6A==

GET
H2 200 sb-shape.svg
gadevo.level99.com.br/images/ 544 B
1004 B 37ms
37ms Image
image/svg+xml 2600:9000:206f:dc00:1a:fe90:480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gadevo.level99.com.br/images/sb-shape.svg
Requested by: Host: gadevo.level99.com.br
URL: https://gadevo.level99.com.br/css/min/config2.css?v=15
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:dc00:1a:fe90:480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4fee315f05a9ba9ae03be3c83c86b4f98ff828fc5140567e69c6947157388fe3

Request headers

Referer: https://gadevo.level99.com.br/css/min/config2.css?v=15
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 24 Nov 2020 18:36:51 GMT
via: 1.1 71dbd5706c5b0c7b733248e1171f2d4f.cloudfront.net (CloudFront), 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
last-modified: Thu, 18 Jul 2019 01:36:14 GMT
server: AmazonS3
age: 1627412
etag: "d1cafdb6a102bcc93a451fe333e27a2a"
x-cache: Hit from cloudfront
x-amz-version-id: jUowaW.bWb4G_eGKApTe_PZxw0ZhF3mu
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C2, FRA56-C1
accept-ranges: bytes
content-type: image/svg+xml
content-length: 544
x-amz-cf-id: J1C4qFtkYyLRLDS0cZZe1ROSfMHuNCFlqaxU8PSwMc2i9AuTW3tIPA==

GET
H2 403 widget-link.png
gadevo.level99.com.br/css/v2/images/icons/ 0
0 188ms
188ms Image
application/xml 2600:9000:206f:dc00:1a:fe90:480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gadevo.level99.com.br/css/v2/images/icons/widget-link.png
Requested by: Host: gadevo.level99.com.br
URL: https://gadevo.level99.com.br/css/min-v2/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:dc00:1a:fe90:480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gadevo.level99.com.br/css/min-v2/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v17/ 14 KB
14 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300italic,400,400italic,600,700|Crete+Round:400italic|Open+Sans:300,400,500,600|Muli:300,400,400i,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.ganhedevolta.com.br
Referer: https://fonts.googleapis.com/css?family=Lato:300,300italic,400,400italic,600,700|Crete+Round:400italic|Open+Sans:300,400,500,600|Muli:300,400,400i,600,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 18:04:14 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:59 GMT
server: sffe
age: 333368
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14044
x-xss-protection: 0
expires: Thu, 09 Dec 2021 18:04:14 GMT

GET
H2 200 7Auwp_0qiz-afTLGLQjUwkQ.woff2
fonts.gstatic.com/s/muli/v22/ 24 KB
24 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/muli/v22/7Auwp_0qiz-afTLGLQjUwkQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300italic,400,400italic,600,700|Crete+Round:400italic|Open+Sans:300,400,500,600|Muli:300,400,400i,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a71c8749cc0bb450f96766d4cab3b2b9c4d5a9b30c3683f3a5863d8d2ed9c9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.ganhedevolta.com.br
Referer: https://fonts.googleapis.com/css?family=Lato:300,300italic,400,400italic,600,700|Crete+Round:400italic|Open+Sans:300,400,500,600|Muli:300,400,400i,600,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Dec 2020 00:12:41 GMT
x-content-type-options: nosniff
last-modified: Wed, 15 Jul 2020 20:49:47 GMT
server: sffe
age: 52061
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24884
x-xss-protection: 0
expires: Mon, 13 Dec 2021 00:12:41 GMT

GET
H2 200 font-icons.woff
gadevo.level99.com.br/css/fonts/ 176 KB
176 KB 53ms
32ms Font
application/x-font-woff 2600:9000:206f:dc00:1a:fe90:480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gadevo.level99.com.br/css/fonts/font-icons.woff
Requested by: Host: gadevo.level99.com.br
URL: https://gadevo.level99.com.br/css/min/font-icons.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:dc00:1a:fe90:480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 13de66596d19798ffdcad167e0913ab7afddc5ad944f669242dbeb87814843d4

Request headers

Origin: https://www.ganhedevolta.com.br
Referer: https://gadevo.level99.com.br/css/min/font-icons.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 06 Dec 2020 14:34:42 GMT
via: 1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront), 1.1 72e8bbddfffeeec486003f867d631025.cloudfront.net (CloudFront)
age: 605141
x-cache: Hit from cloudfront
content-length: 179736
last-modified: Fri, 20 Oct 2017 21:32:06 GMT
server: AmazonS3
etag: "49d544be262deb157694b7501e3283b8"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: VIZCqmdwzVZzuCDJuOGF89HGbSEdXzsV
access-control-allow-origin: *
cache-control: max-age=1296000
x-amz-cf-pop: FRA6-C1, FRA56-C1
accept-ranges: bytes
content-type: application/x-font-woff
x-amz-cf-id: c42Bgx9PyfDmIH8ZY5P2jvBa17KRLlr9XXZrC66W6LKDDPQ3TaqBSQ==

GET
H2 200 lined-icons.woff
gadevo.level99.com.br/css/fonts/ 37 KB
38 KB 41ms
21ms Font
application/x-font-woff 2600:9000:206f:dc00:1a:fe90:480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gadevo.level99.com.br/css/fonts/lined-icons.woff
Requested by: Host: gadevo.level99.com.br
URL: https://gadevo.level99.com.br/css/min/font-icons.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:dc00:1a:fe90:480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 95579100806e9a941176021ef36fd75d3183a7bd69a61d26fd9209283d36e6aa

Request headers

Origin: https://www.ganhedevolta.com.br
Referer: https://gadevo.level99.com.br/css/min/font-icons.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 14:57:03 GMT
via: 1.1 216b2e0a8a27f8fca1b540a1c4ea6922.cloudfront.net (CloudFront), 1.1 72e8bbddfffeeec486003f867d631025.cloudfront.net (CloudFront)
age: 863000
x-cache: Hit from cloudfront
content-length: 37848
last-modified: Fri, 20 Oct 2017 21:32:06 GMT
server: AmazonS3
etag: "443ebef006f8c24b02a84fe5b41f1049"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: unMRDxXWjAuMlhepazs8lXElgPBfsN2L
access-control-allow-origin: *
cache-control: max-age=1296000
x-amz-cf-pop: FRA2-C2, FRA56-C1
accept-ranges: bytes
content-type: application/x-font-woff
x-amz-cf-id: GjhmMqhzt-HNIluDZIr9T3wDdtL0pzQ8Bewds1e9hjHOuGs2wZL4MQ==

GET
H2 200 fa-brands-400.woff2
gadevo.level99.com.br/css/fonts/ 68 KB
69 KB 33ms
14ms Font
binary/octet-stream 2600:9000:206f:dc00:1a:fe90:480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gadevo.level99.com.br/css/fonts/fa-brands-400.woff2
Requested by: Host: gadevo.level99.com.br
URL: https://gadevo.level99.com.br/css/min/config2.css?v=15
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:dc00:1a:fe90:480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 05dbc51654b96590d176c27efbcef2cf4ac0497499a9f28b731b73eea399070c

Request headers

Origin: https://www.ganhedevolta.com.br
Referer: https://gadevo.level99.com.br/css/min/config2.css?v=15
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 22:00:33 GMT
via: 1.1 ec9e3bc729d9c6d55ed32446408ad62f.cloudfront.net (CloudFront), 1.1 72e8bbddfffeeec486003f867d631025.cloudfront.net (CloudFront)
age: 405590
x-cache: Hit from cloudfront
content-length: 69608
last-modified: Thu, 18 Jul 2019 01:37:18 GMT
server: AmazonS3
etag: "659c4d58b00226541ef95c3a76e169c5"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: C8i8u7OJtyCuJmTpLYuwngLvmI7f6Ovg
access-control-allow-origin: *
cache-control: max-age=1296000
x-amz-cf-pop: FRA2-C2, FRA56-C1
accept-ranges: bytes
content-type: binary/octet-stream
x-amz-cf-id: sxLOgwEk8rFJXx62rTfRVp1Jbvd-LTHXm0y72kEIMsBuEfkDngcfWg==

GET
H3-Q050 200 7Aujp_0qiz-afTfcIyoiGtm2P0wG05Fz4eqVxVqHrzJoAw.woff
fonts.gstatic.com/s/muli/v22/ 14 KB
14 KB 35ms
21ms Font
font/woff 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/muli/v22/7Aujp_0qiz-afTfcIyoiGtm2P0wG05Fz4eqVxVqHrzJoAw.woff

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300italic,400,400italic,600,700|Crete+Round:400italic|Open+Sans:300,400,500,600|Muli:300,400,400i,600,700

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8175b4bea2cacc023541f555600613f590d1d03a43ab4c0c75953410d832158d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.ganhedevolta.com.br
Referer: https://fonts.googleapis.com/css?family=Lato:300,300italic,400,400italic,600,700|Crete+Round:400italic|Open+Sans:300,400,500,600|Muli:300,400,400i,600,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 17:15:07 GMT
x-content-type-options: nosniff
last-modified: Wed, 15 Jul 2020 20:50:08 GMT
server: sffe
age: 77115
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14080
x-xss-protection: 0
expires: Sun, 12 Dec 2021 17:15:07 GMT

GET line-awesome.woff2
gadevo.level99.com.br/css/fonts/ 0
0

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/ 234 KB
88 KB 56ms
41ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe5d97969e5d98e03eaacc671edb2e30373f05070f5a37d69f5a5f6f91b79149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Dec 2020 14:40:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 89527
x-xss-protection: 0
server: cafe
etag: 1810063338415286733
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Dec 2020 14:40:22 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/ Frame 69DA 0
0 6ms
5ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20201203/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 13 Dec 2020 09:58:13 GMT
expires: Sun, 27 Dec 2020 09:58:13 GMT
content-type: text/html; charset=UTF-8
etag: 10723747146953794269
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4923
x-xss-protection: 0
age: 16929
cache-control: public, max-age=1209600
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-64632118-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 2986
date: Sun, 13 Dec 2020 13:50:36 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Sun, 13 Dec 2020 15:50:36 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 121ms
105ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-818855868&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-64632118-1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5938077d55af82858a32a73d20669878e120d082f63eab3ac346d4b86fd2b6bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Dec 2020 14:40:22 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38985
x-xss-protection: 0
last-modified: Sun, 13 Dec 2020 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 13 Dec 2020 14:40:22 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 77ms
62ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-482527245&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-64632118-1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1d54d18d362dc1232f8b7ffd87d2baa2d4f51d1bca4a1e7fe5a05d995a4c7d30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Dec 2020 14:40:22 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38985
x-xss-protection: 0
last-modified: Sun, 13 Dec 2020 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 13 Dec 2020 14:40:22 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
39 KB 72ms
57ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-648389917&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-64632118-1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9d49ea12204e6c801f2e81802a484fd6efb70cb946c92a3870b9074d35e3ac20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Dec 2020 14:40:22 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38985
x-xss-protection: 0
last-modified: Sun, 13 Dec 2020 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 13 Dec 2020 14:40:22 GMT

GET
H2 403 line-awesome.woff
gadevo.level99.com.br/css/fonts/ 0
0 391ms
391ms Font
application/xml 2600:9000:206f:dc00:1a:fe90:480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gadevo.level99.com.br/css/fonts/line-awesome.woff?v=1.1.
Requested by: Host: gadevo.level99.com.br
URL: https://gadevo.level99.com.br/css/min/config2.css?v=15
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:dc00:1a:fe90:480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Origin: https://www.ganhedevolta.com.br
Referer: https://gadevo.level99.com.br/css/min/config2.css?v=15
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Dec 2020 14:40:22 GMT
via: 1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront), 1.1 72e8bbddfffeeec486003f867d631025.cloudfront.net (CloudFront)
server: AmazonS3
x-amz-cf-pop: FRA2-C2, FRA56-C1
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/xml
access-control-allow-origin: *
x-cache: Error from cloudfront
x-amz-cf-id: UwOuNdLPvEjAL-kvTumPqQ4BdmT9mB1n_mRUFxOsVt-84C3q3VmiUg==

GET
H3-Q050 200 S6u8w4BMUTPHjxsAXC-qNiXg7Q.woff2
fonts.gstatic.com/s/lato/v17/ 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u8w4BMUTPHjxsAXC-qNiXg7Q.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300italic,400,400italic,600,700|Crete+Round:400italic|Open+Sans:300,400,500,600|Muli:300,400,400i,600,700

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe4bbdad1d6dff75cde79f8afc07f29502bd4708cb0ce5f552083c3d81ba8382

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.ganhedevolta.com.br
Referer: https://fonts.googleapis.com/css?family=Lato:300,300italic,400,400italic,600,700|Crete+Round:400italic|Open+Sans:300,400,500,600|Muli:300,400,400i,600,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 09:53:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:59 GMT
server: sffe
age: 362805
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14864
x-xss-protection: 0
expires: Thu, 09 Dec 2021 09:53:37 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
394 B 47ms
13ms XHR
text/plain 2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=454785714&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ganhedevolta.com.br%2Fplugin%3Futm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3Dlottoland-megavirada-19&ul=en-us&de=UTF-8&dt=Adicione%20a%20extens%C3%A3o%20do%20Ganhe&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=1595848564&gjid=965701371&cid=805959496.1607870423&tid=UA-64632118-1&_gid=1918311734.1607870423&_r=1&gtm=2oubu0&z=159589646

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 13 Dec 2020 14:40:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ganhedevolta.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 209 B
646 B 690ms
298ms Script
text/javascript 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.ganhedevolta.com.br&callback=_gfp_s_&client=ca-pub-3831231025825420

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

8ddb3a9ab2a15ab5b0c791f10c8c12d9b2b31082fc48823defbd36f453d3ca03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Dec 2020 14:40:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 197
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
803 B 35ms
15ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.ganhedevolta.com.br

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 13 Dec 2020 14:40:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
803 B 36ms
16ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.ganhedevolta.com.br

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 13 Dec 2020 14:40:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 2075 0
0 395ms
395ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3831231025825420&output=html&h=280&slotname=5838259352&adk=3151081671&adf=1228456142&pi=t.ma~as.5838259352&w=1200&fwrn=4&fwrnh=100&lmt=1607870422&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.ganhedevolta.com.br%2Fplugin%3Futm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3Dlottoland-megavirada-19&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1607870422745&bpp=13&bdt=359&idt=122&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5068163093375&frm=20&pv=2&ga_vid=805959496.1607870423&ga_sid=1607870423&ga_hid=454785714&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2372&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2551888844072847&pem=628&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=a61hunISgk&p=https%3A//www.ganhedevolta.com.br&dtd=144

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3831231025825420&output=html&h=280&slotname=5838259352&adk=3151081671&adf=1228456142&pi=t.ma~as.5838259352&w=1200&fwrn=4&fwrnh=100&lmt=1607870422&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.ganhedevolta.com.br%2Fplugin%3Futm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3Dlottoland-megavirada-19&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1607870422745&bpp=13&bdt=359&idt=122&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5068163093375&frm=20&pv=2&ga_vid=805959496.1607870423&ga_sid=1607870423&ga_hid=454785714&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2372&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2551888844072847&pem=628&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=a61hunISgk&p=https%3A//www.ganhedevolta.com.br&dtd=144
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 13 Dec 2020 14:40:23 GMT
server: cafe
content-length: 22886
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 13-Dec-2020 14:55:22 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Sun, 13 Dec 2020 14:40:23 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1c9310eb6a56101c2133db372cfbe9cefb5ff6b90a02ded916984c975b813b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Dec 2020 14:40:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607690616793149"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28334
x-xss-protection: 0
expires: Sun, 13 Dec 2020 14:40:22 GMT

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame FBAF 0
0 30ms
30ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3831231025825420&output=html&adk=1812271804&adf=3025194257&lmt=1607870422&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fwww.ganhedevolta.com.br%2Fplugin%3Futm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3Dlottoland-megavirada-19&ea=0&flash=0&pra=7&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1607870422809&bpp=2&bdt=422&idt=89&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&nras=1&correlator=5068163093375&frm=20&pv=1&ga_vid=805959496.1607870423&ga_sid=1607870423&ga_hid=454785714&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2551888844072847&pem=628&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=94

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3831231025825420&output=html&adk=1812271804&adf=3025194257&lmt=1607870422&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fwww.ganhedevolta.com.br%2Fplugin%3Futm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3Dlottoland-megavirada-19&ea=0&flash=0&pra=7&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1607870422809&bpp=2&bdt=422&idt=89&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&nras=1&correlator=5068163093375&frm=20&pv=1&ga_vid=805959496.1607870423&ga_sid=1607870423&ga_hid=454785714&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2551888844072847&pem=628&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=94
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 13 Dec 2020 14:40:22 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 13-Dec-2020 14:55:22 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Sun, 13 Dec 2020 14:40:22 GMT
cache-control: private

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
452 B 40ms
14ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-64632118-1&cid=805959496.1607870423&jid=1595848564&gjid=965701371&_gid=1918311734.1607870423&_u=IEBAAUAAAAAAAC~&z=602515083

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 13 Dec 2020 14:40:22 GMT
content-type: text/plain
access-control-allow-origin: https://www.ganhedevolta.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 31ms
31ms Image
image/gif 2a00:1450:4001:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-64632118-1&cid=805959496.1607870423&jid=1595848564&_u=IEBAAUAAAAAAAC~&z=766717551

Requested by

Host: www.ganhedevolta.com.br
URL: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Dec 2020 14:40:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
505 B 50ms
31ms Image
image/gif 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-64632118-1&cid=805959496.1607870423&jid=1595848564&_u=IEBAAUAAAAAAAC~&z=766717551

Requested by

Host: www.ganhedevolta.com.br
URL: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Dec 2020 14:40:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 30 KB
13 KB 1047ms
198ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-818855868&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

e1ec254792b6fe5cb168d2ce9cb1e35d15311d3b357b305a95cbfb12552477d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Dec 2020 14:40:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 12175
x-xss-protection: 0
server: cafe
etag: 17536051821503146167
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 13 Dec 2020 14:40:23 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
122 B 6ms
6ms Image
image/gif 2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=454785714&t=event&_s=2&dl=https%3A%2F%2Fwww.ganhedevolta.com.br%2Fplugin%3Futm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3Dlottoland-megavirada-19&ul=en-us&de=UTF-8&dt=Adicione%20a%20extens%C3%A3o%20do%20Ganhe&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Blocking%20Ads&ea=No&_u=KEBAAUABAAAAAC~&jid=&gjid=&cid=805959496.1607870423&tid=UA-64632118-1&_gid=1918311734.1607870423&gtm=2oubu0&z=1705464436

Requested by

Host: www.ganhedevolta.com.br
URL: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Dec 2020 17:17:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 77000
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET line-awesome.ttf
gadevo.level99.com.br/css/fonts/ 0
0

GET
H2 200 5wv1ng0w.json Show response
l.getsitecontrol.com/ 26 B
758 B 615ms
363ms XHR
application/json 89.187.169.26
CDN77

General

Check archive.org

Show headers Download Go to

Full URL: https://l.getsitecontrol.com/5wv1ng0w.json
Requested by: Host: l.getsitecontrol.com
URL: https://l.getsitecontrol.com/5wv1ng0w.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.26 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),
Reverse DNS: unn-89-187-169-26.cdn77.com
Software: BunnyCDN-DE1-657 /
Resource Hash: 2388df780f154980d5f334830101f63540ae55f3601ed8a2d3eb4053a6a9f4e3

Request headers

Referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Dec 2020 14:40:24 GMT
content-encoding: br
cdn-edgestorageid: 657, 617
x-amz-request-id: DF727F6C9BB8EF78
cdn-cachedat: 2020-11-28 04:28:34
cdn-pullzone: 89704
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: R1P/oXPRCg2ECduq5jAE9ZAXX3qab9FWjz86PuIeR2/sxsYVVUFoI51L4AXwpECGNazxR3wQ7pQ=
access-control-allow-origin: *
last-modified: Sat, 28 Nov 2020 00:05:11 GMT
server: BunnyCDN-DE1-657
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cdn-cache: REVALIDATED
cdn-uid: e3a1246b-2fdd-4153-9207-6ca707c9379d
cache-control: public, max-age=5
cdn-requestid: 074b87a081999bae9b266bd8c8502092
cdn-requestcountrycode: NL
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/818855868/ 2 KB
1 KB 118ms
117ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/818855868/?random=1607870424378&cv=9&fst=1607870424378&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.ganhedevolta.com.br%2Fplugin%3Futm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3Dlottoland-megavirada-19&tiba=Adicione%20a%20extens%C3%A3o%20do%20Ganhe&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

07bd5bec7516b648f9e2f9acb2dc368d98889e78c1327e6148b71205afd09350

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Dec 2020 14:40:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1094
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/818855868/ 2 KB
1 KB 118ms
117ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/818855868/?random=1607870424387&cv=9&fst=1607870424387&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&ig=1&data=event%3DNo%3Bevent_category%3DBlocking%20Ads&frm=0&url=https%3A%2F%2Fwww.ganhedevolta.com.br%2Fplugin%3Futm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3Dlottoland-megavirada-19&tiba=Adicione%20a%20extens%C3%A3o%20do%20Ganhe&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dcbd1d0c60b2b626bf3b333396cf8d900d0e5b3eb8d05becc5a74497f3dbadcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Dec 2020 14:40:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1110
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/482527245/ 2 KB
1 KB 323ms
322ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/482527245/?random=1607870424393&cv=9&fst=1607870424393&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.ganhedevolta.com.br%2Fplugin%3Futm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3Dlottoland-megavirada-19&tiba=Adicione%20a%20extens%C3%A3o%20do%20Ganhe&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c1a2f4730213108b236bad986a7dae0188cd302679a2a3597e06ffa2e5397bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Dec 2020 14:40:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1096
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/482527245/ 2 KB
1 KB 118ms
117ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/482527245/?random=1607870424395&cv=9&fst=1607870424395&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&ig=1&data=event%3DNo%3Bevent_category%3DBlocking%20Ads&frm=0&url=https%3A%2F%2Fwww.ganhedevolta.com.br%2Fplugin%3Futm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3Dlottoland-megavirada-19&tiba=Adicione%20a%20extens%C3%A3o%20do%20Ganhe&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41bf7cbb88d0c18fc870513b5983171fdf59d900201b39307167b55acc50274d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Dec 2020 14:40:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1110
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/648389917/ 2 KB
1 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/648389917/?random=1607870424398&cv=9&fst=1607870424398&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.ganhedevolta.com.br%2Fplugin%3Futm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3Dlottoland-megavirada-19&tiba=Adicione%20a%20extens%C3%A3o%20do%20Ganhe&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54fec3574165c4639182d475534c20095c2d865d8a9234dfc3126ae8e10b7131

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Dec 2020 14:40:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1093
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/648389917/ 2 KB
1 KB 118ms
117ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/648389917/?random=1607870424400&cv=9&fst=1607870424400&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&ig=1&data=event%3DNo%3Bevent_category%3DBlocking%20Ads&frm=0&url=https%3A%2F%2Fwww.ganhedevolta.com.br%2Fplugin%3Futm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3Dlottoland-megavirada-19&tiba=Adicione%20a%20extens%C3%A3o%20do%20Ganhe&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c45d8b824e8ec71abd03631805a0205a10b6dc5105c404042953c7b792dddf39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Dec 2020 14:40:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1109
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/648389917/ 42 B
530 B 69ms
52ms Image
image/gif 2a00:1450:4001:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/648389917/?random=1607870424398&cv=9&fst=1607868000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.ganhedevolta.com.br%2Fplugin%3Futm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3Dlottoland-megavirada-19&tiba=Adicione%20a%20extens%C3%A3o%20do%20Ganhe&async=1&fmt=3&is_vtc=1&random=339678788&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.ganhedevolta.com.br
URL: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Dec 2020 14:40:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/648389917/ 42 B
530 B 54ms
33ms Image
image/gif 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/648389917/?random=1607870424398&cv=9&fst=1607868000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.ganhedevolta.com.br%2Fplugin%3Futm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3Dlottoland-megavirada-19&tiba=Adicione%20a%20extens%C3%A3o%20do%20Ganhe&async=1&fmt=3&is_vtc=1&random=339678788&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.ganhedevolta.com.br
URL: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Dec 2020 14:40:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/818855868/ 42 B
66 B 22ms
20ms Image
image/gif 2a00:1450:4001:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/818855868/?random=1607870424378&cv=9&fst=1607868000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.ganhedevolta.com.br%2Fplugin%3Futm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3Dlottoland-megavirada-19&tiba=Adicione%20a%20extens%C3%A3o%20do%20Ganhe&async=1&fmt=3&is_vtc=1&random=1978586981&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.ganhedevolta.com.br
URL: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Dec 2020 14:40:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/818855868/ 42 B
66 B 20ms
19ms Image
image/gif 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/818855868/?random=1607870424378&cv=9&fst=1607868000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.ganhedevolta.com.br%2Fplugin%3Futm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3Dlottoland-megavirada-19&tiba=Adicione%20a%20extens%C3%A3o%20do%20Ganhe&async=1&fmt=3&is_vtc=1&random=1978586981&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.ganhedevolta.com.br
URL: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Dec 2020 14:40:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/818855868/ 42 B
66 B 20ms
19ms Image
image/gif 2a00:1450:4001:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/818855868/?random=1607870424387&cv=9&fst=1607868000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&data=event%3DNo%3Bevent_category%3DBlocking%20Ads&frm=0&url=https%3A%2F%2Fwww.ganhedevolta.com.br%2Fplugin%3Futm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3Dlottoland-megavirada-19&tiba=Adicione%20a%20extens%C3%A3o%20do%20Ganhe&async=1&fmt=3&is_vtc=1&random=3066677197&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.ganhedevolta.com.br
URL: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Dec 2020 14:40:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/818855868/ 42 B
66 B 24ms
24ms Image
image/gif 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/818855868/?random=1607870424387&cv=9&fst=1607868000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&data=event%3DNo%3Bevent_category%3DBlocking%20Ads&frm=0&url=https%3A%2F%2Fwww.ganhedevolta.com.br%2Fplugin%3Futm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3Dlottoland-megavirada-19&tiba=Adicione%20a%20extens%C3%A3o%20do%20Ganhe&async=1&fmt=3&is_vtc=1&random=3066677197&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.ganhedevolta.com.br
URL: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Dec 2020 14:40:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/482527245/ 42 B
66 B 20ms
20ms Image
image/gif 2a00:1450:4001:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/482527245/?random=1607870424395&cv=9&fst=1607868000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&data=event%3DNo%3Bevent_category%3DBlocking%20Ads&frm=0&url=https%3A%2F%2Fwww.ganhedevolta.com.br%2Fplugin%3Futm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3Dlottoland-megavirada-19&tiba=Adicione%20a%20extens%C3%A3o%20do%20Ganhe&async=1&fmt=3&is_vtc=1&random=376922487&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.ganhedevolta.com.br
URL: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Dec 2020 14:40:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/482527245/ 42 B
66 B 21ms
20ms Image
image/gif 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/482527245/?random=1607870424395&cv=9&fst=1607868000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&data=event%3DNo%3Bevent_category%3DBlocking%20Ads&frm=0&url=https%3A%2F%2Fwww.ganhedevolta.com.br%2Fplugin%3Futm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3Dlottoland-megavirada-19&tiba=Adicione%20a%20extens%C3%A3o%20do%20Ganhe&async=1&fmt=3&is_vtc=1&random=376922487&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.ganhedevolta.com.br
URL: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Dec 2020 14:40:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/648389917/ 42 B
66 B 24ms
24ms Image
image/gif 2a00:1450:4001:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/648389917/?random=1607870424400&cv=9&fst=1607868000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&data=event%3DNo%3Bevent_category%3DBlocking%20Ads&frm=0&url=https%3A%2F%2Fwww.ganhedevolta.com.br%2Fplugin%3Futm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3Dlottoland-megavirada-19&tiba=Adicione%20a%20extens%C3%A3o%20do%20Ganhe&async=1&fmt=3&is_vtc=1&random=3234627173&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.ganhedevolta.com.br
URL: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Dec 2020 14:40:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/648389917/ 42 B
66 B 21ms
21ms Image
image/gif 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/648389917/?random=1607870424400&cv=9&fst=1607868000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&data=event%3DNo%3Bevent_category%3DBlocking%20Ads&frm=0&url=https%3A%2F%2Fwww.ganhedevolta.com.br%2Fplugin%3Futm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3Dlottoland-megavirada-19&tiba=Adicione%20a%20extens%C3%A3o%20do%20Ganhe&async=1&fmt=3&is_vtc=1&random=3234627173&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.ganhedevolta.com.br
URL: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Dec 2020 14:40:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/482527245/ 42 B
66 B 20ms
20ms Image
image/gif 2a00:1450:4001:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/482527245/?random=1607870424393&cv=9&fst=1607868000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.ganhedevolta.com.br%2Fplugin%3Futm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3Dlottoland-megavirada-19&tiba=Adicione%20a%20extens%C3%A3o%20do%20Ganhe&async=1&fmt=3&is_vtc=1&random=2545409525&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.ganhedevolta.com.br
URL: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Dec 2020 14:40:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/482527245/ 42 B
66 B 25ms
25ms Image
image/gif 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/482527245/?random=1607870424393&cv=9&fst=1607868000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.ganhedevolta.com.br%2Fplugin%3Futm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3Dlottoland-megavirada-19&tiba=Adicione%20a%20extens%C3%A3o%20do%20Ganhe&async=1&fmt=3&is_vtc=1&random=2545409525&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.ganhedevolta.com.br
URL: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Dec 2020 14:40:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

shim.latest.js Show response
js.intercomcdn.com/
Redirect Chain

https://widget.intercom.io/widget/ej5bet0w
https://js.intercomcdn.com/shim.latest.js

12 KB
5 KB

299ms
163ms

Script
application/javascript

65.9.73.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/shim.latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.73.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5dd35c94839b0026ff70f2701db20956cd21a2af54f3c1955af4ecddd1b520e3

Request headers

Referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 13 Dec 2020 14:36:30 GMT
content-encoding: gzip
last-modified: Fri, 11 Dec 2020 16:51:27 GMT
server: AmazonS3
age: 236
etag: "835f7e15e1c8e9c9b32f4680412bcf7d"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 b9394c80294503e08bddf2381e55e810.cloudfront.net (CloudFront)
cache-control: max-age=300, s-maxage=300, public
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 4391
x-amz-cf-id: I6LeHYqnDb0lsJgA6hUjJTG8Sgfkm4KA6e7A-8_y_iMJJ_nQy-vUSg==

Redirect headers

date: Fri, 04 Dec 2020 12:40:10 GMT
via: 1.1 83bc0649a33d85c1cf516bf48779a390.cloudfront.net (CloudFront)
server: AmazonS3
age: 784816
x-cache: Hit from cloudfront
location: https://js.intercomcdn.com/shim.latest.js
x-amz-cf-pop: AMS1-C1
content-length: 0
x-amz-cf-id: w9OnU1AhHO_4cW8Y8FuaHM-Hx9nssInoZaydCUeW2P6GxsIV0OPGMQ==

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 45ms
32ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201203&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e389049a8f3163fc98a4e0a173b2fad6535806eb1fad7b8a02ff7ea86dc785b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 13 Dec 2020 14:40:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6546
x-xss-protection: 0

GET
H2 200 svgicon.svg Show response
www.ganhedevolta.com.br/images/icons/ 1 MB
255 KB 1119ms
314ms XHR
image/svg+xml 67.225.224.210
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ganhedevolta.com.br/images/icons/svgicon.svg

Requested by

Host: gadevo.level99.com.br
URL: https://gadevo.level99.com.br/js/svgicon.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

67.225.224.210 Lansing, United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

Software

Apache /

Resource Hash

cdb9ac38e0ed8c3949d79bd2cbb7947790f98be0d7ec100b6198f977e248fcad

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Dec 2020 14:40:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 18 Jul 2019 00:27:18 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: image/svg+xml
cache-control: max-age=2592000
accept-ranges: bytes
expires: Tue, 12 Jan 2021 14:40:25 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 42ms
28ms Script
text/javascript 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Dec 2020 14:40:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Sun, 13 Dec 2020 14:40:24 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 3008 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Sun, 13 Dec 2020 14:24:19 GMT
expires: Mon, 13 Dec 2021 14:24:19 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 965
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
31 B 15ms
15ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gda_r20201203&jk=2551888844072847&bg=!oKOlo4PNAAXKjztBylgeaPyD5pFdEwIAAABNUgAAAA1oAQcKASxOLSd4WitMQ0pon9ihWJSUVSCnCZY8Zg8yG-JojgtaF2pjt7ZvrqUiURuQbFxtnRDH7_VKWWB4VnODtxjFZnRDduWarO5qL6oRII8k4qh8XBz76H0x-aUS1qPf28wIVzDzi6DLdoeKbcMfY23F7eIAky425wza3pK5Mc5C3g7p4xs8mtwaHUGT-1-iQmeRmDHMFKQPB2hCWz-ShXupBmDRLg1slktgX1JRsKsRU3Vi5TjXri-OvXMwjrc7cw6MpyHecWe7xrsb5PtsXezm0TVluC8a0BeaB5-BpxK9sPo3WGQtjU53udCwWayVBbXJM7eqBFzc4aHs4mZlKTpO7CXw_c_3XbyjGCQEbfkRnK5WGEHiat3obp7tGkt-CJwk9SPfDFoNrOO17j3atcOZAcBlr0CfpOyuG_NnMIbZImOPUP-n73lTUMfcOBI8Yj0aQ-z8mEw0vI_sHLjdhD5npPiF067D-F3VpJFsqr_mRN1t2FdXZdmb6ey4NFvqqctq8WE3WSuMklzLHFyxqNgsI4KDPapW2xrTl-79yp37lk6NxcB11kqhV87w6R0R8xdPqFcKgB8Xt-dGBBDbSI79vyfkTanUN66S1AoEfCdbudtJ1R4N71q5HwgaR7TrPqzOR8QUdOjin2T0bp-6-QUyBEu4UlCmew2wpRiL06dZF_kpzKCmhOg_ro6c4PZL4XbdpupUtwYHzpubzPtgTbxsb_x82ftEeRCbvODg1E8uiCHDs1Lo1O9HY7HEvFfFK6SXpq7cScKqn4tDasC6HjYJQGX4mrzRz04pV7Gqkv2-rq_sSaitkbMyb9_FkjjF1NQn50mlYR4WExeHcyXwar2-scW1b_03VFqDwCDl7sWAfTW0pPlX8h-o9gDZM_W-7zKVX_ujiAK3XXcqONArHyiSOLaeUuz-jF4sBttlKOJp3HC3XZyWbmk0LwqACCCyag321rJCwV4NxMS2ZyBKDLj6Q5SeQp3ub6ooniYSoKc8_b_X

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Dec 2020 14:40:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 frame-modern.33ae137a.js Show response
js.intercomcdn.com/ Frame 91A7 238 KB
64 KB 98ms
96ms Script
application/javascript 65.9.73.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/frame-modern.33ae137a.js
Requested by: Host: widget.intercom.io
URL: https://widget.intercom.io/widget/ej5bet0w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.73.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3a7177a03fc0b3972c8e3a50958ab6e41a874e9677647919e93e47016b0f3d34

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 13 Dec 2020 12:51:29 GMT
content-encoding: gzip
last-modified: Fri, 11 Dec 2020 16:43:40 GMT
server: AmazonS3
age: 6536
etag: "81e6d695e06045c2faaa55d0ff968280"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 b9394c80294503e08bddf2381e55e810.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 65416
x-amz-cf-id: 4zVXC7aW-X4CUkrEIKsMR0XcLD9dH3w-R38qCueU4jAzOfCitA5ERg==

GET
H2 200 vendor-modern.0c2b9ae1.js Show response
js.intercomcdn.com/ Frame 91A7 123 KB
38 KB 98ms
97ms Script
application/javascript 65.9.73.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/vendor-modern.0c2b9ae1.js
Requested by: Host: widget.intercom.io
URL: https://widget.intercom.io/widget/ej5bet0w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.73.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5d962a4d6760da83dd2bd87f02eb3a9e2a35a8cbe902d5467340b71dd7b0adcd

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 13 Dec 2020 13:26:00 GMT
content-encoding: gzip
last-modified: Fri, 11 Dec 2020 11:17:39 GMT
server: AmazonS3
age: 4466
etag: "f8d103d178a4929fa3da81751406719c"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 b9394c80294503e08bddf2381e55e810.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 38315
x-amz-cf-id: g-DkPyThvt2uZaY0J2eU7Ki1-gOT0OM0_FDPz-nAirxI2DmZkHBhjg==

POST
H2 200 ping Show response
api-iam.intercom.io/messenger/web/ Frame 91A7 4 KB
2 KB 684ms
393ms XHR
application/json 75.2.88.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.33ae137a.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

75.2.88.188 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ad8b87a22ce463223.awsglobalaccelerator.com

Software

nginx /

Resource Hash

9cb23c72dd7740323de910f8405274b9b9c507754dc3724fadc98d6dbdf09888

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 13 Dec 2020 14:40:26 GMT
content-encoding: gzip
x-ami-version: ami-04a8a471b0875e008
status: 200 OK
strict-transport-security: max-age=31556952; includeSubDomains; preload
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: 0027baa8e011vnignrc0
x-runtime: 0.246984
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"9cb23c72dd7740323de910f8405274b9"
x-ratelimit-remaining: 19986
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ganhedevolta.com.br
x-intercom-version: ebd4534c1e6f36e1c1818e5e94a67b672932d8e7
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-ratelimit-reset: 1607870460
x-ratelimit-limit: 20000
access-control-allow-headers: Content-Type
x-content-type-options: nosniff

GET
H2 200 Simple-Line-Icons.woff
gadevo.level99.com.br/css/fonts/ 58 KB
59 KB 16ms
15ms Font
application/x-font-woff 2600:9000:206f:dc00:1a:fe90:480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gadevo.level99.com.br/css/fonts/Simple-Line-Icons.woff
Requested by: Host: gadevo.level99.com.br
URL: https://gadevo.level99.com.br/css/min/font-icons.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:dc00:1a:fe90:480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 357af00e9f4081d40ba58b92be04ca240a1ce6dee7f8b83461f0922a56e8c4b7

Request headers

Origin: https://www.ganhedevolta.com.br
Referer: https://gadevo.level99.com.br/css/min/font-icons.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 05 Dec 2020 16:59:46 GMT
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront), 1.1 72e8bbddfffeeec486003f867d631025.cloudfront.net (CloudFront)
age: 682840
x-cache: Hit from cloudfront
content-length: 59324
last-modified: Fri, 20 Oct 2017 21:32:06 GMT
server: AmazonS3
etag: "ff94ad94c3a9d04bd2f80cb3c87dcccb"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: 9qUnKzQTVMCU.AEdiKsigOlQ1Kxfh4am
access-control-allow-origin: *
cache-control: max-age=1296000
x-amz-cf-pop: FRA2-C2, FRA56-C1
accept-ranges: bytes
content-type: application/x-font-woff
x-amz-cf-id: Lk7vqqsGJZ26YWAz13PDSk5oo73KX_AHCVApGb_YZBS7ScVIL481dQ==

GET
H3-Q050 200 S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v17/ 14 KB
14 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300italic,400,400italic,600,700|Crete+Round:400italic|Open+Sans:300,400,500,600|Muli:300,400,400i,600,700

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

706494a230ae9c22ebbda2b9fce9af786bac0ea5f315c80e3fbe9f44e7883c38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.ganhedevolta.com.br
Referer: https://fonts.googleapis.com/css?family=Lato:300,300italic,400,400italic,600,700|Crete+Round:400italic|Open+Sans:300,400,500,600|Muli:300,400,400i,600,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Dec 2020 01:15:42 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:14 GMT
server: sffe
age: 48283
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13912
x-xss-protection: 0
expires: Mon, 13 Dec 2021 01:15:42 GMT

GET
H2 200 vendors~app-modern.bffe18bf.js Show response
js.intercomcdn.com/ Frame 91A7 322 KB
97 KB 89ms
89ms Script
application/javascript 65.9.73.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/vendors~app-modern.bffe18bf.js
Requested by: Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.33ae137a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.73.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fb8f3ac013af0eea8c62edcdd585db558c2e8a90a93f0155594a25c3c2b2511d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 13 Dec 2020 12:40:49 GMT
content-encoding: gzip
last-modified: Fri, 11 Dec 2020 12:35:59 GMT
server: AmazonS3
age: 7184
etag: "659540f03a5b8fc940c5929f319c8c62"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 b9394c80294503e08bddf2381e55e810.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 98468
x-amz-cf-id: tNWEFzSw79tbhHmrYCax3JfKqOU9tPZuI6fmCpSex1bBnFsrOQISsg==

GET
H2 200 app-modern.87811eac.js Show response
js.intercomcdn.com/ Frame 91A7 674 KB
159 KB 89ms
89ms Script
application/javascript 65.9.73.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/app-modern.87811eac.js
Requested by: Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.33ae137a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.73.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9ca9effd6561e8cf8b79281e60f441986dbf23ebb67b020f08ca164a78cc595b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 13 Dec 2020 12:51:41 GMT
content-encoding: gzip
last-modified: Fri, 11 Dec 2020 16:43:40 GMT
server: AmazonS3
age: 6531
etag: "079669b6f48b01c2089813f9435d4214"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 b9394c80294503e08bddf2381e55e810.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 162079
x-amz-cf-id: OtMbPnDKKCuongaTrABZ6W3CU-dx4l4tvO0gKRWUI2zJxHCl9ADskg==

GET
H2 200 launcher-discovery-modern.d7a941ab.js Show response
js.intercomcdn.com/ Frame 91A7 6 KB
2 KB 356ms
355ms Script
application/javascript 65.9.73.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/launcher-discovery-modern.d7a941ab.js
Requested by: Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.33ae137a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.73.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1a40b58bb23c73d9eb2dbbeaf6c8e030109a5276663b1dd358a3fb5d683436ec

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 13 Dec 2020 13:28:02 GMT
content-encoding: gzip
last-modified: Fri, 11 Dec 2020 11:17:39 GMT
server: AmazonS3
age: 4359
etag: "5b0a3d808e77a136f64bcf02d05ab00d"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 b9394c80294503e08bddf2381e55e810.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 2117
x-amz-cf-id: w6HyCvZF6iFYLMefAKAFoFRfdwK7Wdz_Jt6XIf_WQ32VSompiIOzBQ==

GET
H2 200 proximanova-regular.a7942249.woff
js.intercomcdn.com/fonts/ Frame 77FD 28 KB
29 KB 549ms
412ms Font
font/woff 65.9.73.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/fonts/proximanova-regular.a7942249.woff
Requested by: Host: www.ganhedevolta.com.br
URL: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.73.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ad1e595d26035487333f48604244ddab94b13bec3e2f4545f13d8dd8a3ecba20

Request headers

Origin: https://www.ganhedevolta.com.br
Referer: https://www.ganhedevolta.com.br/plugin?utm_source=email&utm_medium=email&utm_campaign=lottoland-megavirada-19
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Dec 2020 14:40:34 GMT
via: 1.1 025692f042f48f4d5f15fa44d00c09ee.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
content-length: 28960
last-modified: Fri, 11 Dec 2020 16:43:40 GMT
server: AmazonS3
etag: "a7942249ca925ef356c0f2b1dab17ef3"
vary: Origin
access-control-allow-methods: GET
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: ixzaPcWMFrHA_gqJrILC7q9ZcLmY-EF_h8Yr_UFnmQJoX3FF1_7MEg==

GET
H2 200 ganhe-1527088593.png
static.intercomassets.com/avatars/2077988/square_128/ Frame 77FD 13 KB
14 KB 923ms
644ms Image
image/png 65.9.68.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.intercomassets.com/avatars/2077988/square_128/ganhe-1527088593.png?1527088593
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.68.110 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 79c70eea7073c479719a15394d99c3a5199c03dff0546f2cec3ad4a7817883b5

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Dec 2020 14:40:34 GMT
via: 1.1 579a21a67e4dc50a655a7c0e9675261c.cloudfront.net (CloudFront)
last-modified: Wed, 23 May 2018 15:16:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
etag: "296e0425afc2df18d64d6ebd0cffdc65"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
content-length: 13684
x-amz-cf-id: 6AYJnH6Td4gLoSb9I3hcxMO1PazRNjYxlF1CJNetbC5-H-T08glwAg==

GET
H2 200 ganhe-1522455393.png
static.intercomassets.com/avatars/1920974/square_128/ Frame 77FD 13 KB
14 KB 495ms
216ms Image
image/png 65.9.68.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.intercomassets.com/avatars/1920974/square_128/ganhe-1522455393.png?1522455393
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.68.110 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fb637827f6ce08915584eecefc58a3d9d5aa92aa7f0996d79cf9b8f0bbc8eaac

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 23:11:45 GMT
via: 1.1 579a21a67e4dc50a655a7c0e9675261c.cloudfront.net (CloudFront)
last-modified: Sat, 31 Mar 2018 00:16:34 GMT
server: AmazonS3
age: 55729
etag: "153b554194e394e8b11bb7f0516f48b4"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=86400
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 13684
x-amz-cf-id: zfRmJWnUZQYT5Js8QabMEVU5RTwYx-esXCw4neh_pqdNuvI02_4IgQ==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: gadevo.level99.com.br
URL: https://gadevo.level99.com.br/css/fonts/line-awesome.woff2?v=1.1.

Domain: gadevo.level99.com.br
URL: https://gadevo.level99.com.br/css/fonts/line-awesome.ttf?v=1.1.

Verdicts & Comments Add Verdict or Comment

161 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ganhedevolta.com.br/	1970-01-19 23:59:26	Name: __gads Value: ID=6e29840df53580aa-2253aebe8aa600c6:T=1607870423:RT=1607870423:S=ALNI_MaM_ZkojQtemSapzjbPwvDM3YEpyg
.doubleclick.net/	1970-01-19 23:59:26	Name: IDE Value: AHWqTUkVC8Lc_H2lIb-woX_zl0l632VtWTlVmTdPUhKBvkrkzzI18SmdJjjkq3_v
.ganhedevolta.com.br/	1970-01-19 14:37:50	Name: _gat_gtag_UA_64632118_1 Value: 1
.ganhedevolta.com.br/	1970-01-19 14:39:16	Name: _gid Value: GA1.3.1918311734.1607870423
www.ganhedevolta.com.br/	1970-01-19 15:21:02	Name: idioma Value: pt
.ganhedevolta.com.br/	1970-01-20 08:09:02	Name: _ga Value: GA1.3.805959496.1607870423
www.ganhedevolta.com.br/	1969-12-31 23:59:59	Name: PHPSESSID Value: nm65kp89h4dpeo5rdhgrs3a5b2

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
api-iam.intercom.io
cdn.onesignal.com
fonts.googleapis.com
fonts.gstatic.com
gadevo.level99.com.br
googleads.g.doubleclick.net
js.intercomcdn.com
l.getsitecontrol.com
pagead2.googlesyndication.com
partner.googleadservices.com
static.intercomassets.com
stats.g.doubleclick.net
tpc.googlesyndication.com
widget.intercom.io
www.ganhedevolta.com.br
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
gadevo.level99.com.br
172.217.22.2
216.58.212.130
2600:9000:206f:dc00:1a:fe90:480:93a1
2606:4700::6812:e234
2a00:1450:4001:801::200a
2a00:1450:4001:808::2002
2a00:1450:4001:808::2008
2a00:1450:4001:809::2003
2a00:1450:4001:817::2003
2a00:1450:4001:81a::200e
2a00:1450:4001:81d::2001
2a00:1450:4001:820::200e
2a00:1450:4001:824::2004
2a00:1450:400c:c0c::9d
65.9.68.110
65.9.73.26
65.9.73.61
67.225.224.210
75.2.88.188
89.187.169.26
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
05dbc51654b96590d176c27efbcef2cf4ac0497499a9f28b731b73eea399070c
06f328eb3645b6e38308dbd5901b346a7cda4c851b71b125364621762c7df97f
07bd5bec7516b648f9e2f9acb2dc368d98889e78c1327e6148b71205afd09350
0f15054ca682646aa47ad0a50cf8d248dd62419877a061d53cebb3d54e52ac12
10228a1b47a32ae817f99f89a5433ee86a655f32ad1a6ce7b99ae2ee399b2107
13de66596d19798ffdcad167e0913ab7afddc5ad944f669242dbeb87814843d4
16e86c03ae5f88747ce638b667c3bff4e6274ae45e1f90d8abfb512a926d93e5
197bb46f1142044a95d1be8497efa3bca746076e6e080b6379efab60ae1d97e5
1a40b58bb23c73d9eb2dbbeaf6c8e030109a5276663b1dd358a3fb5d683436ec
1ca197457402a1a0e536aac40c2afbca6e9c218f9c2a7deb5ff3e821edd7f0fe
1d54d18d362dc1232f8b7ffd87d2baa2d4f51d1bca4a1e7fe5a05d995a4c7d30
2388df780f154980d5f334830101f63540ae55f3601ed8a2d3eb4053a6a9f4e3
2757180d0795291e5774a09b642b6c883006958eaebb585580688d72ff5c7fc8
2bdc330c8812ddfd4f19b00b478c95cefecb7a96714c68307d148c15258c7fbe
3086bde63df3da1fafbd569293e0102a896f6bb8c4f61c7727480f345c2664a7
357af00e9f4081d40ba58b92be04ca240a1ce6dee7f8b83461f0922a56e8c4b7
36cce5cae3d2e0045b2b2b6cbffdad7a0aba3e99919cc219bbf0578efdc45585
3916385d93833263bf138311d891123b5bdb74cf6f9840cc4334c59a019018e8
3a7177a03fc0b3972c8e3a50958ab6e41a874e9677647919e93e47016b0f3d34
411229a15747841322e4bc1c0734be37dd59d2458013993c96a708c464b1d389
41bf7cbb88d0c18fc870513b5983171fdf59d900201b39307167b55acc50274d
478d838ee8045299b2ddfd875ed948e753a68ecd8f9fd0bf23c42b3246b4e151
48e97e266d4613cd3fd50531501932f3aef33666a2174f9e4cf4b3d288c0d52b
4e389049a8f3163fc98a4e0a173b2fad6535806eb1fad7b8a02ff7ea86dc785b
4fee315f05a9ba9ae03be3c83c86b4f98ff828fc5140567e69c6947157388fe3
5460dd6ee036f7e4dc93fd17bf42ecb9269bb420d8a823bf50fd72a12b68ea63
54fec3574165c4639182d475534c20095c2d865d8a9234dfc3126ae8e10b7131
5938077d55af82858a32a73d20669878e120d082f63eab3ac346d4b86fd2b6bc
5cff39eb570874de5245ea31068aeff355661b2300909a2d26e8f970922ec22b
5d962a4d6760da83dd2bd87f02eb3a9e2a35a8cbe902d5467340b71dd7b0adcd
5dd35c94839b0026ff70f2701db20956cd21a2af54f3c1955af4ecddd1b520e3
5e393dd2e8b97bca574c7aab1fe5ded43c3e8953cfd333841fad6af88f33fdc9
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
66c655485a0d24a86d7ac0e357f3f06e927dd022222ab0d4397d178a7ad639bd
6c1a2f4730213108b236bad986a7dae0188cd302679a2a3597e06ffa2e5397bc
6d98c455092a335a3ace1d1e561c3670761cdf26e2c9b574f41a69cd2d0f6b1f
6fa0900b5041aafebf571ec9c905fbb21f3fab9605691e689cead6d78becac30
706494a230ae9c22ebbda2b9fce9af786bac0ea5f315c80e3fbe9f44e7883c38
70c0cadbd344452ae97322123c0c93a89d20a7e73f3ae421f880db573ae87cdb
721ebb78c42307475a4a7e4a21dfc5640ac161714561120000a42dda107e81c2
73bf7a379d8d8f21c087ceca904f84368a6df4184dba94b4549a0b61de2182ba
79c70eea7073c479719a15394d99c3a5199c03dff0546f2cec3ad4a7817883b5
8175b4bea2cacc023541f555600613f590d1d03a43ab4c0c75953410d832158d
8304827477215b517f051f116d5581a5e030e7f29df69061cb9cf108aa9cbc90
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8a71c8749cc0bb450f96766d4cab3b2b9c4d5a9b30c3683f3a5863d8d2ed9c9a
8b5baf4bb1e566a7354b4c8ace72e43bc6fd4d95be0dd856b8ed055c0b23bd82
8c44261d0f5a6a71a96ceda0450b8a18592baf09d3f2c4d028f14776db87ebe7
8ddb3a9ab2a15ab5b0c791f10c8c12d9b2b31082fc48823defbd36f453d3ca03
95579100806e9a941176021ef36fd75d3183a7bd69a61d26fd9209283d36e6aa
999e75f4cba313605a7f91a0920dbbb9262701d72ddaae8dd77e46e0abb8a8b6
9a8f5cf60fa6ae36a648dc297890cce693eac10c523ab4d687afeb992f9ad401
9ca9effd6561e8cf8b79281e60f441986dbf23ebb67b020f08ca164a78cc595b
9cb23c72dd7740323de910f8405274b9b9c507754dc3724fadc98d6dbdf09888
9d49ea12204e6c801f2e81802a484fd6efb70cb946c92a3870b9074d35e3ac20
9d58685764b886da7590b05ef668f30067a6c4f4064d397a941b4767b0240883
ad1e595d26035487333f48604244ddab94b13bec3e2f4545f13d8dd8a3ecba20
b9949336a14df9ef65fe488c4ac408d6f4650b6807fe39b23764ba23d4c3ff58
be4d1215ef6f2b2915b7f65cd28b9a9f7dcef17e1f0d883edd19400ca0ea795c
c1c9310eb6a56101c2133db372cfbe9cefb5ff6b90a02ded916984c975b813b2
c45d8b824e8ec71abd03631805a0205a10b6dc5105c404042953c7b792dddf39
cdb9ac38e0ed8c3949d79bd2cbb7947790f98be0d7ec100b6198f977e248fcad
d871d97c4e836811f8122ec2303f6af7950054f6c2bdd3ba736e85482c5221aa
dcbd1d0c60b2b626bf3b333396cf8d900d0e5b3eb8d05becc5a74497f3dbadcc
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dea73eeca307feefb58351c873056d6110ded24a0d449e15481b14fc7284878f
dff6f4d907290bdbe74812bf73b590f268694e0a30e64b4bb24b803a47b3e319
e0410688e37aa7bc00d77a519d6860fccd83dbd525707b88b77e99a4d466eb5a
e1ec254792b6fe5cb168d2ce9cb1e35d15311d3b357b305a95cbfb12552477d0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e45fea1ffd0d67291b48a474967c73e08f2effa46bcf94f7342a697abd00d8f2
e7b50448486996e0fdf28f2836f5de5b305b65e69462bf64835a1fea6b45b307
e81fd37365b9507105d57d90960c8c45ddc7d212a459470bc06bc4cc1588212c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3f1b920399b28638313e2a971a282204a6b67e7a27500754c1adffe6dc9e88b
fb637827f6ce08915584eecefc58a3d9d5aa92aa7f0996d79cf9b8f0bbc8eaac
fb8f3ac013af0eea8c62edcdd585db558c2e8a90a93f0155594a25c3c2b2511d
fc5507a48dc0258f7ca9325fef77c9508bfb4755e82c1074ed82d75c7fbe9472
fe4bbdad1d6dff75cde79f8afc07f29502bd4708cb0ce5f552083c3d81ba8382
fe5d97969e5d98e03eaacc671edb2e30373f05070f5a37d69f5a5f6f91b79149

www.ganhedevolta.com.br Open in urlscan Pro 67.225.224.210 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

107 Requests

98 %HTTPS

60 %IPv6

17 Domains

23 Subdomains

20 IPs

3 Countries

1905 kBTransfer

5787 kBSize

7 Cookies

8 Outgoing links

Redirected requests

107 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.ganhedevolta.com.br Open in urlscan Pro
67.225.224.210 Public Scan

Screenshot
Live screenshot

Full Image

107
Requests

98 %
HTTPS

60 %
IPv6

17
Domains

23
Subdomains

20
IPs

3
Countries

1905 kB
Transfer

5787 kB
Size

7
Cookies

107 HTTP transactions
0 data transactions