tourovpn.com.br Open in urlscan Pro
51.222.88.201 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://tourovpn.com.br/
Submission: On March 26 via automatic, source certstream-suspicious (March 26th 2023, 11:56:22 am UTC) — Scanned from CA

Summary HTTP 117 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 25 IPs in 4 countries across 26 domains to perform 117 HTTP transactions. The main IP is 51.222.88.201, located in Canada and belongs to OVH, FR. The main domain is tourovpn.com.br.
TLS certificate: Issued by R3 on March 11th 2023. Valid for: 3 months.

This is the only time tourovpn.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15	51.222.88.201 51.222.88.201	16276 (OVH) (OVH)
9	2607:f8b0:400... 2607:f8b0:4006:820::2002	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:80c::2008	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80f::200a	15169 (GOOGLE) (GOOGLE)
10	2607:f8b0:400... 2607:f8b0:4006:80f::2002	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:80c::2003	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81e::200e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:824::2002	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:80d::2002	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:81e::2002	15169 (GOOGLE) (GOOGLE)
14	2607:f8b0:400... 2607:f8b0:4006:820::200e	15169 (GOOGLE) (GOOGLE)
6	23.41.168.23 23.41.168.23	16625 (AKAMAI-AS) (AKAMAI-AS)
2	96.17.64.29 96.17.64.29	16625 (AKAMAI-AS) (AKAMAI-AS)
7	2607:f8b0:400... 2607:f8b0:4006:80e::2001	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:816::2004	15169 (GOOGLE) (GOOGLE)
4	23.34.248.177 23.34.248.177	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.117.182.8 104.117.182.8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	23.215.130.171 23.215.130.171	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	104.76.104.25 104.76.104.25	16625 (AKAMAI-AS) (AKAMAI-AS)
3 16	142.251.32.98 142.251.32.98	15169 (GOOGLE) (GOOGLE)
1	2620:116:800b... 2620:116:800b:21:c1e8:5385:5098:6bf0	14618 (AMAZON-AES) (AMAZON-AES)
4 4	64.74.236.159 64.74.236.159	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1 1	52.0.142.7 52.0.142.7	14618 (AMAZON-AES) (AMAZON-AES)
2 2	52.45.175.185 52.45.175.185	14618 (AMAZON-AES) (AMAZON-AES)
1 1	199.38.167.131 199.38.167.131	54312 (ROCKETFUEL) (ROCKETFUEL)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 2	96.6.23.74 96.6.23.74	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	2600:9000:25c... 2600:9000:25c8:9c00:19:fc2c:a140:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	31.220.27.155 31.220.27.155	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2 2	185.167.164.43 185.167.164.43	198622 (ADFORM) (ADFORM)
1	2600:1f18:445... 2600:1f18:445b:902:bbbf:5bf8:ab61:bf38	14618 (AMAZON-AES) (AMAZON-AES)
1 1	35.208.249.213 35.208.249.213	15169 (GOOGLE) (GOOGLE)
117	25

15 51.222.88.201 (Canada)

ASN16276 (OVH, FR)
PTR: vps76202.cloudpublic.com.br

tourovpn.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.tourovpn.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4006:820::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80c::2008 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80f::200a (Nutley, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4006:80f::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80c::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81e::200e (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:824::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80d::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

adservice.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81e::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2607:f8b0:4006:820::200e (Nutley, United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.41.168.23 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-41-168-23.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 96.17.64.29 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a96-17-64-29.deploy.static.akamaitechnologies.com

warp.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4006:80e::2001 (Nutley, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:816::2004 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.34.248.177 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-34-248-177.deploy.static.akamaitechnologies.com

hblg.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.117.182.8 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-117-182-8.deploy.static.akamaitechnologies.com

qsearch-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.215.130.171 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-215-130-171.deploy.static.akamaitechnologies.com

pxlclnmdecom-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.76.104.25 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-76-104-25.deploy.static.akamaitechnologies.com

lg3.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 142.251.32.98 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800b:21:c1e8:5385:5098:6bf0 (United States)

ASN14618 (AMAZON-AES, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 64.74.236.159 (United States) 4 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.0.142.7 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-142-7.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.45.175.185 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-175-185.compute-1.amazonaws.com

im.bluevoox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.38.167.131 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ius.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 96.6.23.74 (Secaucus, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a96-6-23-74.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:25c8:9c00:19:fc2c:a140:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.220.27.155 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.167.164.43 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:445b:902:bbbf:5bf8:ab61:bf38 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.208.249.213 (Council Bluffs, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 213.249.208.35.bc.googleusercontent.com

trace.mediago.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 29 cm.g.doubleclick.net — Cisco Umbrella Rank: 206	44 KB
20	google.com adservice.google.com — Cisco Umbrella Rank: 68 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1980 www.google.com — Cisco Umbrella Rank: 2	58 KB
18	media.net contextual.media.net — Cisco Umbrella Rank: 587 warp.media.net — Cisco Umbrella Rank: 2190 hblg.media.net — Cisco Umbrella Rank: 1807 lg3.media.net — Cisco Umbrella Rank: 5004 cs.media.net — Cisco Umbrella Rank: 1371	371 KB
16	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 tpc.googlesyndication.com — Cisco Umbrella Rank: 135	238 KB
15	tourovpn.com.br tourovpn.com.br www.tourovpn.com.br	122 KB
4	zemanta.com 4 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 547	3 KB
4	akamaihd.net qsearch-a.akamaihd.net — Cisco Umbrella Rank: 1880 pxlclnmdecom-a.akamaihd.net — Cisco Umbrella Rank: 17688	69 KB
4	gstatic.com fonts.gstatic.com	71 KB
3	google.ca adservice.google.ca — Cisco Umbrella Rank: 14476	818 B
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 194	7 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 549	1 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1227	616 B
2	bluevoox.com 2 redirects im.bluevoox.com — Cisco Umbrella Rank: 12819	1 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 187	97 KB
1	mediago.io 1 redirects trace.mediago.io — Cisco Umbrella Rank: 1257	496 B
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1723	297 B
1	uuidksinc.net 1 redirects s.uuidksinc.net — Cisco Umbrella Rank: 10811	338 B
1	agkn.com 1 redirects d.agkn.com — Cisco Umbrella Rank: 648	721 B
1	ctnsnet.com 1 redirects ius.ctnsnet.com — Cisco Umbrella Rank: 6803	624 B
1	rfihub.com 1 redirects a.rfihub.com — Cisco Umbrella Rank: 2923	1 KB
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 644	994 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 660	464 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 886	609 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 25	254 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	1 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	78 KB
117	26

	Domain	Requested by
16	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
14	fundingchoicesmessages.google.com	pagead2.googlesyndication.com tourovpn.com.br
11	www.tourovpn.com.br	tourovpn.com.br www.tourovpn.com.br
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
9	pagead2.googlesyndication.com	tourovpn.com.br pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
7	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
6	contextual.media.net	googleads.g.doubleclick.net contextual.media.net
4	b1sync.zemanta.com	4 redirects
4	lg3.media.net	googleads.g.doubleclick.net tourovpn.com.br
4	hblg.media.net	googleads.g.doubleclick.net
4	fonts.gstatic.com	fonts.googleapis.com
4	tourovpn.com.br	tourovpn.com.br
3	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.ca	pagead2.googlesyndication.com
3	cdnjs.cloudflare.com	tourovpn.com.br cdnjs.cloudflare.com
2	c1.adform.net	2 redirects
2	sync.teads.tv	1 redirects googleads.g.doubleclick.net
2	im.bluevoox.com	2 redirects
2	cs.media.net	contextual.media.net
2	pxlclnmdecom-a.akamaihd.net	contextual.media.net
2	qsearch-a.akamaihd.net	googleads.g.doubleclick.net
2	www.googletagservices.com	googleads.g.doubleclick.net
2	warp.media.net	googleads.g.doubleclick.net
1	trace.mediago.io	1 redirects
1	ag.innovid.com	googleads.g.doubleclick.net
1	s.uuidksinc.net	1 redirects
1	d.agkn.com	1 redirects
1	ius.ctnsnet.com	1 redirects
1	a.rfihub.com	1 redirects
1	sync.srv.stackadapt.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.google-analytics.com	www.googletagmanager.com
1	fonts.googleapis.com	www.tourovpn.com.br
1	www.googletagmanager.com	tourovpn.com.br
117	36

This site contains links to these domains. Also see Links.

Domain
www.tourovpn.com.br
silktide.com
www.mediafire.com
mega.nz

Subject Issuer	Validity	Valid
www.tourovpn.com.br R3	`2023-03-11` - `2023-06-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2022-06-28` - `2023-06-30`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.innovid.com RapidSSL TLS RSA CA G1	`2023-03-15` - `2024-04-14`	a year	crt.sh

This page contains 16 frames:

Primary Page: https://tourovpn.com.br/
Frame ID: 94C33DDDCE9804767C9D4397899894B5
Requests: 55 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20190131/zrt_lookup.html
Frame ID: 2EC70D94E6C2E31400B70B270013AE1E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2137766368830030&output=html&adk=1812271804&adf=3025194257&lmt=1679831774&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x810_l%7C500x810_r&format=0x0&url=https%3A%2F%2Ftourovpn.com.br%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679831773783&bpp=53&bdt=149&idt=312&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6540198378448&frm=20&pv=2&ga_vid=1748033729.1679831774&ga_sid=1679831774&ga_hid=236587048&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C31073104%2C31073106%2C44787455&oid=2&pvsid=4233631143144009&tmod=2102595997&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=360
Frame ID: 41A2AF0ABFE11CD03F9EF0335EDC28AD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2137766368830030&output=html&h=600&adk=264133007&adf=2073637868&pi=t.aa~a.4006690040~rp.3&w=300&fwrn=4&fwrnh=100&lmt=1679831774&rafmt=1&to=qs&pwprc=3362168059&format=300x600&url=https%3A%2F%2Ftourovpn.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679831774394&bpp=4&bdt=760&idt=-M&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D570768aa91ba5f33-2200990ae7de00f5%3AT%3D1679831774%3ART%3D1679831774%3AS%3DALNI_MbVMIPBmNEk19fzFnRykF5KZ-0bhQ&gpic=UID%3D00000a32028c738a%3AT%3D1679831774%3ART%3D1679831774%3AS%3DALNI_MYKZE7EoWD8vgSCQ805fasJ09bVQA&prev_fmts=0x0&nras=2&correlator=6540198378448&frm=20&pv=1&ga_vid=1748033729.1679831774&ga_sid=1679831774&ga_hid=236587048&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=394&ady=1653&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C31073104%2C31073106%2C44787455&oid=2&pvsid=4233631143144009&tmod=2102595997&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jzHWqhpnLv&p=https%3A//tourovpn.com.br&dtd=251
Frame ID: 8E281100F5B9AB1D0FA6D1E9A24C8088
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2137766368830030&output=html&h=600&adk=1749152576&adf=1014115060&pi=t.aa~a.4006690040~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1679831774&rafmt=1&to=qs&pwprc=3362168059&format=300x600&url=https%3A%2F%2Ftourovpn.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679831774394&bpp=1&bdt=759&idt=-M&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D570768aa91ba5f33-2200990ae7de00f5%3AT%3D1679831774%3ART%3D1679831774%3AS%3DALNI_MbVMIPBmNEk19fzFnRykF5KZ-0bhQ&gpic=UID%3D00000a32028c738a%3AT%3D1679831774%3ART%3D1679831774%3AS%3DALNI_MYKZE7EoWD8vgSCQ805fasJ09bVQA&prev_fmts=0x0%2C300x600&nras=3&correlator=6540198378448&frm=20&pv=1&ga_vid=1748033729.1679831774&ga_sid=1679831774&ga_hid=236587048&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=394&ady=2293&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C31073104%2C31073106%2C44787455&oid=2&pvsid=4233631143144009&tmod=2102595997&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=ECwcD94wrj&p=https%3A//tourovpn.com.br&dtd=260
Frame ID: D8AB0A5536AF2D73D63225F2E76520DD
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2137766368830030&output=html&h=240&adk=3547372798&adf=547864405&pi=t.aa~a.2626600918~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1679831774&rafmt=1&to=qs&pwprc=3362168059&format=300x240&url=https%3A%2F%2Ftourovpn.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679831774394&bpp=1&bdt=760&idt=-M&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D570768aa91ba5f33-2200990ae7de00f5%3AT%3D1679831774%3ART%3D1679831774%3AS%3DALNI_MbVMIPBmNEk19fzFnRykF5KZ-0bhQ&gpic=UID%3D00000a32028c738a%3AT%3D1679831774%3ART%3D1679831774%3AS%3DALNI_MYKZE7EoWD8vgSCQ805fasJ09bVQA&prev_fmts=0x0%2C300x600%2C300x600&nras=4&correlator=6540198378448&frm=20&pv=1&ga_vid=1748033729.1679831774&ga_sid=1679831774&ga_hid=236587048&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=394&ady=3461&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C31073104%2C31073106%2C44787455&oid=2&pvsid=4233631143144009&tmod=2102595997&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=rRqr7Ann9E&p=https%3A//tourovpn.com.br&dtd=268
Frame ID: 67ED542EB359039A58A251459418EFE0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2137766368830030&output=html&h=280&adk=457172810&adf=1362843711&pi=t.aa~a.144483688~rp.1&w=1024&fwrn=4&fwrnh=100&lmt=1679831774&rafmt=1&to=qs&pwprc=3362168059&format=1024x280&url=https%3A%2F%2Ftourovpn.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679831774394&bpp=1&bdt=759&idt=1&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D570768aa91ba5f33-2200990ae7de00f5%3AT%3D1679831774%3ART%3D1679831774%3AS%3DALNI_MbVMIPBmNEk19fzFnRykF5KZ-0bhQ&gpic=UID%3D00000a32028c738a%3AT%3D1679831774%3ART%3D1679831774%3AS%3DALNI_MYKZE7EoWD8vgSCQ805fasJ09bVQA&prev_fmts=0x0%2C300x600%2C300x600%2C300x240&nras=5&correlator=6540198378448&frm=20&pv=1&ga_vid=1748033729.1679831774&ga_sid=1679831774&ga_hid=236587048&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=288&ady=4232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C31073104%2C31073106%2C44787455&oid=2&pvsid=4233631143144009&tmod=2102595997&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=ljg59jcQlB&p=https%3A//tourovpn.com.br&dtd=274
Frame ID: 589CF0E2716B37B6B46D569094C6E4EC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2137766368830030&output=html&h=90&adk=1468129556&adf=848236959&pi=t.aa~a.144512785~rp.1&w=1024&fwrn=4&fwrnh=100&lmt=1679831774&rafmt=1&to=qs&pwprc=3362168059&format=1024x90&url=https%3A%2F%2Ftourovpn.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679831774399&bpp=1&bdt=765&idt=1&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D570768aa91ba5f33-2200990ae7de00f5%3AT%3D1679831774%3ART%3D1679831774%3AS%3DALNI_MbVMIPBmNEk19fzFnRykF5KZ-0bhQ&gpic=UID%3D00000a32028c738a%3AT%3D1679831774%3ART%3D1679831774%3AS%3DALNI_MYKZE7EoWD8vgSCQ805fasJ09bVQA&prev_fmts=0x0%2C300x600%2C300x600%2C300x240%2C1024x280&nras=6&correlator=6540198378448&frm=20&pv=1&ga_vid=1748033729.1679831774&ga_sid=1679831774&ga_hid=236587048&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=288&ady=4786&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C31073104%2C31073106%2C44787455&oid=2&pvsid=4233631143144009&tmod=2102595997&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=p6cz9d8atA&p=https%3A//tourovpn.com.br&dtd=516
Frame ID: AF45935878F3AE8777896714FC4AB7E1
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUU9JF8H&prvid=99%2C77%2C20000%2C294%2C262%2C460%2C461%2C462%2C4%2C313%2C10000%2C459%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Frame ID: E0DB3C5AEE5E9045155B69F85D2B9F21
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8C1A0783A6234584D10960B24B7662F1
Requests: 9 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUU9JF8H&prvid=99%2C77%2C20000%2C294%2C262%2C460%2C461%2C462%2C4%2C313%2C10000%2C459%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Frame ID: 47935C9935592AEDA852034CCA4E47F7
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8BFC45AB62D6E5B9F9477C8FF2D7D5E5
Requests: 9 HTTP requests in this frame

Frame: data://truncated
Frame ID: 6DB3A949022D756EBE9DC44EE639CC3E
Requests: 4 HTTP requests in this frame

Frame: data://truncated
Frame ID: A6511A833B21EF877A0030B08DE502E6
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 324156DE76D62AF8127BCA86ACD175F6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 442373DDC3F0CA221AF65FFEF4EFF34F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

| TOURO VPN

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Osano (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cookieconsent\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

117
Requests

85 %
HTTPS

48 %
IPv6

26
Domains

36
Subdomains

25
IPs

4
Countries

1158 kB
Transfer

3149 kB
Size

28
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://www.tourovpn.com.br/termos
Title: Leia

Search URL Search Domain Scan URL

URL: http://silktide.com/cookieconsent
Title: Cookie Consent plugin for the EU cookie law

Search URL Search Domain Scan URL

URL: https://www.tourovpn.com.br/
Title: TOURO VPN

Search URL Search Domain Scan URL

URL: https://www.tourovpn.com.br/tutoriais
Title: Tutoriais

Search URL Search Domain Scan URL

URL: https://www.tourovpn.com.br/baixar-aplicativos
Title: Baixar Aplicativos

Search URL Search Domain Scan URL

URL: https://www.tourovpn.com.br/arquivos
Title: Arquivos Gratuitos

Search URL Search Domain Scan URL

URL: https://www.tourovpn.com.br/ssh-gratis
Title: SSH Grátis

Search URL Search Domain Scan URL

URL: https://www.tourovpn.com.br/revenda-ssh
Title: revenda-ssh

Search URL Search Domain Scan URL

URL: https://www.tourovpn.com.br/contato
Title: Contato

Search URL Search Domain Scan URL

URL: https://www.tourovpn.com.br/plano-usu%C3%A1rio-a
Title: Plano usuário A

Search URL Search Domain Scan URL

URL: https://www.tourovpn.com.br/touro-vpn-pc
Title: TOURO VPN PC

Search URL Search Domain Scan URL

URL: https://www.mediafire.com/file/mtrwampisr4w5a7/SVI451Setup.zip

Search URL Search Domain Scan URL

URL: https://mega.nz/file/bcJXDISA#A_JrNwVGxR7mWwHpx0pIRNOjAWLINq9x0BEjvCNV88M
Title: Baixar SVL INJECTOR

Search URL Search Domain Scan URL

URL: https://www.mediafire.com/file/wj2jpses40hqz99/NetMod_x86%2528Latest%2529.exe
Title: Baixar NET MOD

Search URL Search Domain Scan URL

URL: https://www.tourovpn.com.br/utilize-nossos-aplicativos-com-ssh-gratis
Title: Utilize nossos aplicativos

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 74

https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzIyODMzMzc1MTQ1NTIzNjAwMFYxMA%3D%3D&google_sc=1 HTTP 302
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEK_xBXO9ELDwXZGYH2kCWiM&google_cver=1

Request Chain 79

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEAMIFWYIoq-2aHvWlfQIsvk&google_cver=1&google_push=Aer7DvLn7iUvng1VMaagibX738D-uJ4XnHcxNFtwKTEwVanNNJdylWhPe6QgQleuNylMLoOS3MHuSDIbqnpxRsfqkkPpmqWsSHuTVDxJ HTTP 302
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEAMIFWYIoq-2aHvWlfQIsvk&google_push=Aer7DvLn7iUvng1VMaagibX738D-uJ4XnHcxNFtwKTEwVanNNJdylWhPe6QgQleuNylMLoOS3MHuSDIbqnpxRsfqkkPpmqWsSHuTVDxJ&s=2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=Aer7DvLn7iUvng1VMaagibX738D-uJ4XnHcxNFtwKTEwVanNNJdylWhPe6QgQleuNylMLoOS3MHuSDIbqnpxRsfqkkPpmqWsSHuTVDxJ&google_hm=Qk1mdHQ4NUJ1NTRVRy1SRUZrdWI=

Request Chain 80

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEN7TRbx9gN33Jb7oHhj4Bjw&google_cver=1&google_push=Aer7DvJfi9C7exvn0tT-xGZ3KhxAvb4J_phTAT7LH43_CnW9fardRYP_dGlYjJ-hdjfEFr1pMVzLzpuF16T3frjxYS05yVntADBMtsmY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=QmPwlEyTXoVQwRwNm3kqx5U4mbg&google_push=Aer7DvJfi9C7exvn0tT-xGZ3KhxAvb4J_phTAT7LH43_CnW9fardRYP_dGlYjJ-hdjfEFr1pMVzLzpuF16T3frjxYS05yVntADBMtsmY

Request Chain 81

https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEN2lsf_wsWbZXx5BWYjDN-A&google_cver=1&google_push=Aer7DvL2PYGdCfKAS1i6EiPhMYdfXFZaExaRgLbN3XvY1QKqA2K40KyrKf-ZwZIUYmOqr72w3XguK0hfFx8qd5qi0IpTp3XdZIhZxj2sRA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=Aer7DvL2PYGdCfKAS1i6EiPhMYdfXFZaExaRgLbN3XvY1QKqA2K40KyrKf-ZwZIUYmOqr72w3XguK0hfFx8qd5qi0IpTp3XdZIhZxj2sRA&google_hm=QlMuNDEwZS0wNjZmLTQ1YmItOWE1Mg==

Request Chain 82

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEHAJGJee8h4S7EFYbs4Auxo&google_cver=1&google_push=Aer7DvL3OeSv9WJ_SvmEP38F2923lXnEv-oUS5YgY-oGHZ1anyL1NXLwF6TTIOjnsg-njh8iIh7mK3hwpaqhkfl7BlZXDQX-_Uve9An5QA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=Aer7DvL3OeSv9WJ_SvmEP38F2923lXnEv-oUS5YgY-oGHZ1anyL1NXLwF6TTIOjnsg-njh8iIh7mK3hwpaqhkfl7BlZXDQX-_Uve9An5QA&google_hm=NTg4NDM3NTU5OTI3MzM4MTkxMQ==

Request Chain 83

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEHN_oBJ6ncmQ-T5MbzggmqE&google_cver=1&google_push=Aer7DvIB-mMZTE0FzSElTjLJ2MgH8qWqvBpJ8pZ3uRo3U1ktIqnY3wAArN8sFZYR7GRXEXPbjt7gLKYeLynyAK-5gj4y1z99cVbsORg5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=Aer7DvIB-mMZTE0FzSElTjLJ2MgH8qWqvBpJ8pZ3uRo3U1ktIqnY3wAArN8sFZYR7GRXEXPbjt7gLKYeLynyAK-5gj4y1z99cVbsORg5&google_hm=T5vCruTjS3K4P62nuT9Tirg

Request Chain 84

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEJNRWVuwbN576LJW01v6xyI&google_cver=1&google_push=Aer7DvJ-DkTHPZaufZC0yAGUgXqsHV98z9lJ89908-xQcZmkUJPXKxb2w1hoqTwtLzu0EQVelhU25lb1Ts9aAHuaZTFZ7x7HwepOMbxX HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=YTQ3ODgxM2QtN2U5ZC00ZjI2LThjYjQtZjU3NTVmYWQ5NjMz&google_push=Aer7DvJ-DkTHPZaufZC0yAGUgXqsHV98z9lJ89908-xQcZmkUJPXKxb2w1hoqTwtLzu0EQVelhU25lb1Ts9aAHuaZTFZ7x7HwepOMbxX HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 86

https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzIyODMzMzc1MTQ1NTIzMTAwMFYxMA%3D%3D&google_sc=1 HTTP 302
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEK_xBXO9ELDwXZGYH2kCWiM&google_cver=1

Request Chain 87

https://d.agkn.com/pixel/2175/?google_gid=CAESEKnmxIN43Pl_jJsj5zHQhxM&google_cver=1&google_push=Aer7DvIA7_TGpxd_Aqrf41__2VZGwSbWX6MeULUZqKZr0tufILhjoKUk0xYgNiliceEPja1gOYMBrSGkZQHrhsxZtbyoFEcyAIlpaIq00RK-cER56O9PRO82FOfjtzNntUMHkYV2mWF6MlwUCb4G1-CRBWbeMfw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=Aer7DvIA7_TGpxd_Aqrf41__2VZGwSbWX6MeULUZqKZr0tufILhjoKUk0xYgNiliceEPja1gOYMBrSGkZQHrhsxZtbyoFEcyAIlpaIq00RK-cER56O9PRO82FOfjtzNntUMHkYV2mWF6MlwUCb4G1-CRBWbeMfw&google_hm=Q0FFU0VLbm14SU40M1BsX2pKc2o1ekhRaHhN

Request Chain 88

https://s.uuidksinc.net/match/47/?remote_uid=CAESEMI0OuNxFzPqaKXFsU0Vyqk&c_param1=Aer7DvKculQ1EwD3kbuB9kiTg0LkPOtOgVGFb0wFxGIw7yPNVhSU3UvGCVtbino5VxlyGd5Ob1-Vp2_qS2rBjQBB-NImH1VHUstlgXdLeYEmBCegpxePE9opFp5KTtEFRoWc1rVOlZbFqkkD5erLvQHHC_GCBg8&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=Aer7DvKculQ1EwD3kbuB9kiTg0LkPOtOgVGFb0wFxGIw7yPNVhSU3UvGCVtbino5VxlyGd5Ob1-Vp2_qS2rBjQBB-NImH1VHUstlgXdLeYEmBCegpxePE9opFp5KTtEFRoWc1rVOlZbFqkkD5erLvQHHC_GCBg8

Request Chain 89

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPq6gh7TNHWIHkwFx6f_KNI&google_cver=1&google_push=Aer7DvLx2U8eLqeGn9Oh4JlZU95E-lFsD7YevJu1zbMspX6pYuqc5vVsR33rAs5JimdJZnMbbaO0eIjUeK4Aw-C42Pk3lI8lO3dG9pxmf9R8bf3HDg4Qxw_priJMzQJTgl9aleKL7RTqDrRFFvcFE5Ki7GX-mOg HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEPq6gh7TNHWIHkwFx6f_KNI&google_cver=1&google_push=Aer7DvLx2U8eLqeGn9Oh4JlZU95E-lFsD7YevJu1zbMspX6pYuqc5vVsR33rAs5JimdJZnMbbaO0eIjUeK4Aw-C42Pk3lI8lO3dG9pxmf9R8bf3HDg4Qxw_priJMzQJTgl9aleKL7RTqDrRFFvcFE5Ki7GX-mOg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDc5NTU5MjgyNzYyMDI0MzA3NA&google_push=Aer7DvLx2U8eLqeGn9Oh4JlZU95E-lFsD7YevJu1zbMspX6pYuqc5vVsR33rAs5JimdJZnMbbaO0eIjUeK4Aw-C42Pk3lI8lO3dG9pxmf9R8bf3HDg4Qxw_priJMzQJTgl9aleKL7RTqDrRFFvcFE5Ki7GX-mOg

Request Chain 90

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEFDJrtW9H002wOVac2zjh_A&google_cver=1&google_push=Aer7DvIYBLGkvxwixM90TeTKFr4HX8MpKQ4R1jAgx379zTjQF0V1R-McDehhv9mMg5Qj4xqikJkrLfd0GIgRiY7pg0Zk6XS9xYou8CfRPAngUZH2dy8vHnp8Lj2kbh9QUS8iMZtt8rgCuB7lW1l9-NXY_aoZ5lc HTTP 302
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEFDJrtW9H002wOVac2zjh_A&google_push=Aer7DvIYBLGkvxwixM90TeTKFr4HX8MpKQ4R1jAgx379zTjQF0V1R-McDehhv9mMg5Qj4xqikJkrLfd0GIgRiY7pg0Zk6XS9xYou8CfRPAngUZH2dy8vHnp8Lj2kbh9QUS8iMZtt8rgCuB7lW1l9-NXY_aoZ5lc&s=2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=Aer7DvIYBLGkvxwixM90TeTKFr4HX8MpKQ4R1jAgx379zTjQF0V1R-McDehhv9mMg5Qj4xqikJkrLfd0GIgRiY7pg0Zk6XS9xYou8CfRPAngUZH2dy8vHnp8Lj2kbh9QUS8iMZtt8rgCuB7lW1l9-NXY_aoZ5lc&google_hm=UFZzdVpnVjk3b3BUbmpIOTBNNDk=

Request Chain 92

https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEC3HReBsWxSQYfUGy0mwhhw&google_cver=1&google_push=Aer7DvLmJo-M_6pI5_ma5q_qol3nK3iY9hdyRIua5x-7CzLlY0-oeQQW2mGIjth0lUtDitOVQXyDFSu979yw-hc3TRayPpvSu-mAmie6iFSztyaeZ6HRBf4vWni4q58WF4aXt8c5aAL2mieGyck_D1LYtjsqx2w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=Aer7DvLmJo-M_6pI5_ma5q_qol3nK3iY9hdyRIua5x-7CzLlY0-oeQQW2mGIjth0lUtDitOVQXyDFSu979yw-hc3TRayPpvSu-mAmie6iFSztyaeZ6HRBf4vWni4q58WF4aXt8c5aAL2mieGyck_D1LYtjsqx2w&google_hm=QlMuOGY1Yi1mOGVhLTQzZWMtYjFlNg==

Request Chain 93

https://trace.mediago.io/cs/google?google_gid=CAESEDZbZI-drXQpRijx4CO4ooU&google_cver=1&google_push=Aer7DvIbrDidcK_cPtjF9n7ItYcAkW17Bz3Ce-E9NcAMdzIdQiGTkHw1rBDIlLsh74kKGe1IhUmObtO4fJNIjKnRivX1JEsFxZk0p0VSKPjwS3s2qGQ5SWm9FsMFfpqq-gQElUuCqfX7mqdgoUVWQ7YkfrjDEtPi HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=Aer7DvIbrDidcK_cPtjF9n7ItYcAkW17Bz3Ce-E9NcAMdzIdQiGTkHw1rBDIlLsh74kKGe1IhUmObtO4fJNIjKnRivX1JEsFxZk0p0VSKPjwS3s2qGQ5SWm9FsMFfpqq-gQElUuCqfX7mqdgoUVWQ7YkfrjDEtPi&google_hm=29fe4edc8a2521af3c47adaab7237220

117 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
tourovpn.com.br/ 10 KB
3 KB 397ms
14ms Document
text/html 51.222.88.201
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tourovpn.com.br/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 51.222.88.201 , Canada, ASN16276 (OVH, FR),
Reverse DNS: vps76202.cloudpublic.com.br
Software: Apache/2.4.29 (Ubuntu) / tourovpn
Resource Hash: ce875ddfd5b68e8e4933ff40848905eefa53084f2c39fa699296056b41ca3738

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Connection: close
Content-Encoding: gzip
Content-Length: 3133
Content-Type: text/html; charset=UTF-8
Date: Sun, 26 Mar 2023 11:56:13 GMT
Server: Apache/2.4.29 (Ubuntu)
Vary: Accept-Encoding
X-Powered-By: tourovpn

GET
H/1.1 200
OK tabela_preco.css
www.tourovpn.com.br/temas/TouroVPN/assets/css/ 4 KB
1 KB 41ms
11ms Stylesheet
text/css 51.222.88.201
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tourovpn.com.br/temas/TouroVPN/assets/css/tabela_preco.css
Requested by: Host: tourovpn.com.br
URL: https://tourovpn.com.br/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 51.222.88.201 , Canada, ASN16276 (OVH, FR),
Reverse DNS: vps76202.cloudpublic.com.br
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 67305e2ad64822ba98c9d06fd51bd2693d9a757a63f0b52b6d076a313a3fd7fa

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tourovpn.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Sun, 26 Mar 2023 11:56:13 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Feb 2023 23:23:01 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "e9e-5f4d97a549f40-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1060

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 141 KB
48 KB 95ms
45ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2137766368830030

Requested by

Host: tourovpn.com.br
URL: https://tourovpn.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5fc295c25bb1a8d15b856cfdc5e3d7ba30251f7b76daa103fc5b023fa269ce22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tourovpn.com.br/
Origin: https://tourovpn.com.br
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 11:56:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48885
x-xss-protection: 0
server: cafe
etag: 7347579571627854687
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 26 Mar 2023 11:56:13 GMT

GET
H/1.1 200
OK main.css
www.tourovpn.com.br/temas/TouroVPN/assets/css/ 81 KB
11 KB 40ms
12ms Stylesheet
text/css 51.222.88.201
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tourovpn.com.br/temas/TouroVPN/assets/css/main.css?version=3.14.1
Requested by: Host: tourovpn.com.br
URL: https://tourovpn.com.br/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 51.222.88.201 , Canada, ASN16276 (OVH, FR),
Reverse DNS: vps76202.cloudpublic.com.br
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 9af458f7ed5ba14b87a3184ec48a13953e33339c6e1ea0bdf561fb3f8e261b15

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tourovpn.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Sun, 26 Mar 2023 11:56:13 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Feb 2023 15:37:53 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "14390-5f4bedd0af640-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 10740

GET
H2 200 cookieconsent.min.js Show response
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/ 4 KB
2 KB 46ms
18ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/cookieconsent.min.js

Requested by

Host: tourovpn.com.br
URL: https://tourovpn.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

190fc02d8e8f1dd5acc40f48d0d6203e6115eb31e3f47f55db0c3f07797d68f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tourovpn.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 11:56:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 9857849
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1618
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-11d8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1AH9zjSgEny7KHYEjbmL53U78c24zz7Q1NRN9bV%2BlfxkNhKGkuASOzP6cUW4%2Fqmv7hh5m1mrZ%2BNKnOq25kX6y9ME24YXeAEdgYeUcYgTPuem6jG%2FjesV4b8MwD7RUOLuWxPH%2Bv96XQHE%2FbcoxeGNItnx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7adf35897bd24bcb-YUL
expires: Fri, 15 Mar 2024 11:56:13 GMT

GET
H/1.1 200
OK viewer.css
tourovpn.com.br/ligar/viewerjs/css/ 9 KB
3 KB 30ms
10ms Stylesheet
text/css 51.222.88.201
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tourovpn.com.br/ligar/viewerjs/css/viewer.css
Requested by: Host: tourovpn.com.br
URL: https://tourovpn.com.br/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 51.222.88.201 , Canada, ASN16276 (OVH, FR),
Reverse DNS: vps76202.cloudpublic.com.br
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 5c829c325c82a58132f0d2126e19252a18458a1e6c0019496a32b52ce867cc96

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tourovpn.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Sun, 26 Mar 2023 11:56:13 GMT
Content-Encoding: gzip
Last-Modified: Mon, 28 Jan 2019 22:15:14 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "23ba-5808c02c82080-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 3064

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 221 KB
78 KB 118ms
62ms Script
application/javascript 2607:f8b0:4006:80c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RLT8WTQYN2

Requested by

Host: tourovpn.com.br
URL: https://tourovpn.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0099412f64cc4e40a3b65d0cded01193b202712a96345826e16502b7125b1166

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tourovpn.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 11:56:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79137
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 26 Mar 2023 11:56:13 GMT

GET
H/1.1 200
OK tourovpn.png
www.tourovpn.com.br/baixar/imagens/ 36 KB
37 KB 32ms
11ms Image
image/png 51.222.88.201
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tourovpn.com.br/baixar/imagens/tourovpn.png
Requested by: Host: tourovpn.com.br
URL: https://tourovpn.com.br/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 51.222.88.201 , Canada, ASN16276 (OVH, FR),
Reverse DNS: vps76202.cloudpublic.com.br
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: c17924dae52b66967338fa290f175630d96b4c8a169ac2ad9cf2eb31438195d0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tourovpn.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Sun, 26 Mar 2023 11:56:13 GMT
Last-Modified: Thu, 20 May 2021 23:52:18 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "90fa-5c2cba2247080"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 37114

GET
H/1.1 200
OK jquery.min.js Show response
www.tourovpn.com.br/sistema/js/ 87 KB
31 KB 14ms
13ms Script
application/javascript 51.222.88.201
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tourovpn.com.br/sistema/js/jquery.min.js?version=3.14.1
Requested by: Host: tourovpn.com.br
URL: https://tourovpn.com.br/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 51.222.88.201 , Canada, ASN16276 (OVH, FR),
Reverse DNS: vps76202.cloudpublic.com.br
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tourovpn.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Sun, 26 Mar 2023 11:56:13 GMT
Content-Encoding: gzip
Last-Modified: Wed, 07 Sep 2022 15:07:43 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "15d84-5e817acb52dc0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 30910

GET
H/1.1 200
OK jquery.scrollex.min.js Show response
www.tourovpn.com.br/temas/TouroVPN/assets/js/ 2 KB
1 KB 10ms
10ms Script
application/javascript 51.222.88.201
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tourovpn.com.br/temas/TouroVPN/assets/js/jquery.scrollex.min.js?version=3.14.1
Requested by: Host: tourovpn.com.br
URL: https://tourovpn.com.br/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 51.222.88.201 , Canada, ASN16276 (OVH, FR),
Reverse DNS: vps76202.cloudpublic.com.br
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: fc25b75fb3fc8b42756413be387e0d7a602813125283d2384551961d73ea784e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tourovpn.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Sun, 26 Mar 2023 11:56:13 GMT
Content-Encoding: gzip
Last-Modified: Sun, 26 May 2019 21:19:26 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "8d1-589d0fc7ff380-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 917

GET
H/1.1 200
OK jquery.scrolly.min.js Show response
www.tourovpn.com.br/temas/TouroVPN/assets/js/ 831 B
888 B 14ms
13ms Script
application/javascript 51.222.88.201
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tourovpn.com.br/temas/TouroVPN/assets/js/jquery.scrolly.min.js?version=3.14.1
Requested by: Host: tourovpn.com.br
URL: https://tourovpn.com.br/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 51.222.88.201 , Canada, ASN16276 (OVH, FR),
Reverse DNS: vps76202.cloudpublic.com.br
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 8b6571ea2c3631ff50bb4b96e7f9081c6e33ebaadef9cb2ca5955d5e0b625a02

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tourovpn.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Sun, 26 Mar 2023 11:56:13 GMT
Content-Encoding: gzip
Last-Modified: Sun, 26 May 2019 21:19:26 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "33f-589d0fc7ff380-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 539

GET
H/1.1 200
OK browser.min.js Show response
www.tourovpn.com.br/temas/TouroVPN/assets/js/ 2 KB
1 KB 22ms
13ms Script
application/javascript 51.222.88.201
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tourovpn.com.br/temas/TouroVPN/assets/js/browser.min.js?version=3.14.1
Requested by: Host: tourovpn.com.br
URL: https://tourovpn.com.br/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 51.222.88.201 , Canada, ASN16276 (OVH, FR),
Reverse DNS: vps76202.cloudpublic.com.br
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 87910d5ed0053d90caf83230a2f1811d8679815da01f7bdec7548e776d7f04c4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tourovpn.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Sun, 26 Mar 2023 11:56:13 GMT
Content-Encoding: gzip
Last-Modified: Sun, 26 May 2019 21:19:26 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "73b-589d0fc7ff380-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 831

GET
H/1.1 200
OK breakpoints.min.js Show response
www.tourovpn.com.br/temas/TouroVPN/assets/js/ 2 KB
1 KB 36ms
11ms Script
application/javascript 51.222.88.201
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tourovpn.com.br/temas/TouroVPN/assets/js/breakpoints.min.js?version=3.14.1
Requested by: Host: tourovpn.com.br
URL: https://tourovpn.com.br/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 51.222.88.201 , Canada, ASN16276 (OVH, FR),
Reverse DNS: vps76202.cloudpublic.com.br
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 309febcd6d6e0cf092201532215f03a6a9f30b30f26203272a4861d704e7cd52

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tourovpn.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Sun, 26 Mar 2023 11:56:13 GMT
Content-Encoding: gzip
Last-Modified: Sun, 26 May 2019 21:19:26 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "987-589d0fc7ff380-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 829

GET
H/1.1 200
OK util.js Show response
www.tourovpn.com.br/temas/TouroVPN/assets/js/ 12 KB
4 KB 45ms
18ms Script
application/javascript 51.222.88.201
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tourovpn.com.br/temas/TouroVPN/assets/js/util.js?version=3.14.1
Requested by: Host: tourovpn.com.br
URL: https://tourovpn.com.br/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 51.222.88.201 , Canada, ASN16276 (OVH, FR),
Reverse DNS: vps76202.cloudpublic.com.br
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: c2e1e72b0de356f6ce184e3af4fa8ab6590a2581162905a27d77886b2d960e00

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tourovpn.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Sun, 26 Mar 2023 11:56:13 GMT
Content-Encoding: gzip
Last-Modified: Sun, 26 May 2019 21:19:26 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "3091-589d0fc7ff380-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 3273

GET
H/1.1 200
OK main.js Show response
www.tourovpn.com.br/temas/TouroVPN/assets/js/ 5 KB
2 KB 40ms
12ms Script
application/javascript 51.222.88.201
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tourovpn.com.br/temas/TouroVPN/assets/js/main.js?version=3.14.1
Requested by: Host: tourovpn.com.br
URL: https://tourovpn.com.br/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 51.222.88.201 , Canada, ASN16276 (OVH, FR),
Reverse DNS: vps76202.cloudpublic.com.br
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: f20785465a7789711083b554ccb1ef2b364ddd858945511ae11f8eb18b21fc3a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tourovpn.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Sun, 26 Mar 2023 11:56:13 GMT
Content-Encoding: gzip
Last-Modified: Sun, 26 May 2019 21:19:26 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "14e2-589d0fc7ff380-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1820

GET
H/1.1 200
OK advert.js Show response
tourovpn.com.br/ligar/cookie-consent-3.1/js/ 76 B
440 B 19ms
15ms Script
application/javascript 51.222.88.201
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tourovpn.com.br/ligar/cookie-consent-3.1/js/advert.js
Requested by: Host: tourovpn.com.br
URL: https://tourovpn.com.br/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 51.222.88.201 , Canada, ASN16276 (OVH, FR),
Reverse DNS: vps76202.cloudpublic.com.br
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: a1e12867389314a0594cbf4ca6907f0333303b17a9b3e1b2f777a8a8de6e63f3

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tourovpn.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Sun, 26 Mar 2023 11:56:13 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Nov 2018 00:15:02 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "4c-579f3e48ccd80-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 93

GET
H/1.1 200
OK viewer.js Show response
tourovpn.com.br/ligar/viewerjs/js/ 85 KB
18 KB 41ms
15ms Script
application/javascript 51.222.88.201
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tourovpn.com.br/ligar/viewerjs/js/viewer.js
Requested by: Host: tourovpn.com.br
URL: https://tourovpn.com.br/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 51.222.88.201 , Canada, ASN16276 (OVH, FR),
Reverse DNS: vps76202.cloudpublic.com.br
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 4eaf602fa55800722160a16d4bf3d1b3fa5b3f608fbe6c19b3849b740318c09b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tourovpn.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Sun, 26 Mar 2023 11:56:13 GMT
Content-Encoding: gzip
Last-Modified: Mon, 28 Jan 2019 22:15:14 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "154e1-5808c02c82080-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 18106

GET
H/1.1 200
OK font-awesome.min.css
www.tourovpn.com.br/temas/TouroVPN/assets/css/ 30 KB
7 KB 11ms
11ms Stylesheet
text/css 51.222.88.201
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tourovpn.com.br/temas/TouroVPN/assets/css/font-awesome.min.css
Requested by: Host: www.tourovpn.com.br
URL: https://www.tourovpn.com.br/temas/TouroVPN/assets/css/main.css?version=3.14.1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 51.222.88.201 , Canada, ASN16276 (OVH, FR),
Reverse DNS: vps76202.cloudpublic.com.br
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tourovpn.com.br/temas/TouroVPN/assets/css/main.css?version=3.14.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Sun, 26 Mar 2023 11:56:13 GMT
Content-Encoding: gzip
Last-Modified: Sun, 26 May 2019 21:19:26 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "7918-589d0fc7ff380-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 7053

GET
H2 200 css
fonts.googleapis.com/ 9 KB
1 KB 86ms
36ms Stylesheet
text/css 2607:f8b0:4006:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Merriweather:300,700,300italic,700italic|Source+Sans+Pro:900

Requested by

Host: www.tourovpn.com.br
URL: https://www.tourovpn.com.br/temas/TouroVPN/assets/css/main.css?version=3.14.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

04c6dbbd5a4d68d346a2f1da9a2eb7d859790408cd353cb71277560bf2ae1b01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tourovpn.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 26 Mar 2023 11:56:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 26 Mar 2023 11:56:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 26 Mar 2023 11:56:13 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303210101/ 350 KB
117 KB 135ms
88ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303210101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2137766368830030

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a91610706bfd2017f3bf4fc6841c22dde8f6e4a4ec4d36c0c53ca9ec384706c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tourovpn.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 11:56:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119748
x-xss-protection: 0
server: cafe
etag: 2721315841020681262
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 26 Mar 2023 11:56:13 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230322/r20190131/ Frame 2EC7 10 KB
5 KB 81ms
25ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230322/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2137766368830030

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tourovpn.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 72696
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 25 Mar 2023 15:44:37 GMT
etag: 2378337311435320485
expires: Sat, 08 Apr 2023 15:44:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3iu4nwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 12 KB
13 KB 91ms
25ms Font
font/woff2 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3iu4nwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:300,700,300italic,700italic|Source+Sans+Pro:900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

080e18a8c761c3d30b7ec08aa65f87109a0228367eafd0a12fcefda58d10e8ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tourovpn.com.br
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 09:55:26 GMT
x-content-type-options: nosniff
age: 266447
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12408
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:54:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Mar 2024 09:55:26 GMT

GET
H2 200 u-4l0qyriQwlOrhSvowK_l5-eR7lXff4jvw.woff2
fonts.gstatic.com/s/merriweather/v30/ 19 KB
19 KB 92ms
26ms Font
font/woff2 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4l0qyriQwlOrhSvowK_l5-eR7lXff4jvw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:300,700,300italic,700italic|Source+Sans+Pro:900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75ca7c01eaa8136d970bde6ea6ae0896d2fe30febf82e7679257df6e1f8a7496

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tourovpn.com.br
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 09:58:34 GMT
x-content-type-options: nosniff
age: 266259
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19720
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:47:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Mar 2024 09:58:34 GMT

GET fontawesome-webfont.woff2
www.tourovpn.com.br/temas/TouroVPN/assets/fonts/ 0
0

GET
H2 200 u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/ 19 KB
19 KB 123ms
58ms Font
font/woff2 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:300,700,300italic,700italic|Source+Sans+Pro:900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tourovpn.com.br
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 09:55:16 GMT
x-content-type-options: nosniff
age: 266457
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19740
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Mar 2024 09:55:16 GMT

GET
H2 200 u-4n0qyriQwlOrhSvowK_l521wRZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/ 19 KB
19 KB 122ms
57ms Font
font/woff2 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l521wRZWMf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:300,700,300italic,700italic|Source+Sans+Pro:900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8356c413b566272ba50c98d4ce0546e1fce6177ceb6cf8c2a7efe0a65e085a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tourovpn.com.br
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 09:55:11 GMT
x-content-type-options: nosniff
age: 266462
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19752
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:46:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Mar 2024 09:55:11 GMT

GET fontawesome-webfont.woff
www.tourovpn.com.br/temas/TouroVPN/assets/fonts/ 0
0

GET fontawesome-webfont.ttf
www.tourovpn.com.br/temas/TouroVPN/assets/fonts/ 0
0

POST
H2 204 collect
www.google-analytics.com/g/ 0
254 B 84ms
32ms Ping
text/plain 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-RLT8WTQYN2&gtm=45je33m0&_p=236587048&cid=1748033729.1679831774&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1679831774&sct=1&seg=0&dl=https%3A%2F%2Ftourovpn.com.br%2F&dt=%7C%20TOURO%20VPN&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RLT8WTQYN2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:81e::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tourovpn.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Mar 2023 11:56:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tourovpn.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 397 B
609 B 100ms
33ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=tourovpn.com.br&callback=_gfp_s_&client=ca-pub-2137766368830030

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303210101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

19a37b9391cc17879cfc6834e7aef9dc4867c7099382e706dfebf0f57f8f9895

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tourovpn.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 11:56:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 257
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.ca/adsid/ 107 B
531 B 146ms
59ms Script
application/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ca/adsid/integrator.js?domain=tourovpn.com.br

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303210101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tourovpn.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 11:56:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 90ms
38ms Script
application/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=tourovpn.com.br

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303210101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tourovpn.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 11:56:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 41A2 14 KB
5 KB 142ms
140ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2137766368830030&output=html&adk=1812271804&adf=3025194257&lmt=1679831774&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x810_l%7C500x810_r&format=0x0&url=https%3A%2F%2Ftourovpn.com.br%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679831773783&bpp=53&bdt=149&idt=312&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6540198378448&frm=20&pv=2&ga_vid=1748033729.1679831774&ga_sid=1679831774&ga_hid=236587048&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C31073104%2C31073106%2C44787455&oid=2&pvsid=4233631143144009&tmod=2102595997&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=360

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303210101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e4e7d008e5367db65ab7ffcc7d6e53b92deef491c36193717c5b98a1a519d14d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tourovpn.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 4943
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Mar 2023 11:56:14 GMT
expires: Sun, 26 Mar 2023 11:56:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ca-pub-2137766368830030 Show response
fundingchoicesmessages.google.com/i/ 133 KB
45 KB 117ms
62ms Script
application/javascript 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-2137766368830030?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303210101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c5ad605ff661215de3ea50a1c613ca4b8dbf3c1db8a33c50fa7933b0b3e01281

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VL-Wg3Ckz2LxcQljnCEf3g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tourovpn.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 11:56:14 GMT
content-security-policy: script-src 'report-sample' 'nonce-VL-Wg3Ckz2LxcQljnCEf3g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorServingWebSwitchboardHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorServingWebSwitchboardHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorServingWebSwitchboardHttp/external"}]}
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.ca/adsid/ 107 B
165 B 36ms
34ms Script
application/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ca/adsid/integrator.js?domain=tourovpn.com.br

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303210101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tourovpn.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 11:56:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 41ms
41ms Script
application/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=tourovpn.com.br

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303210101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tourovpn.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 11:56:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8E28 34 KB
15 KB 366ms
364ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2137766368830030&output=html&h=600&adk=264133007&adf=2073637868&pi=t.aa~a.4006690040~rp.3&w=300&fwrn=4&fwrnh=100&lmt=1679831774&rafmt=1&to=qs&pwprc=3362168059&format=300x600&url=https%3A%2F%2Ftourovpn.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679831774394&bpp=4&bdt=760&idt=-M&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D570768aa91ba5f33-2200990ae7de00f5%3AT%3D1679831774%3ART%3D1679831774%3AS%3DALNI_MbVMIPBmNEk19fzFnRykF5KZ-0bhQ&gpic=UID%3D00000a32028c738a%3AT%3D1679831774%3ART%3D1679831774%3AS%3DALNI_MYKZE7EoWD8vgSCQ805fasJ09bVQA&prev_fmts=0x0&nras=2&correlator=6540198378448&frm=20&pv=1&ga_vid=1748033729.1679831774&ga_sid=1679831774&ga_hid=236587048&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=394&ady=1653&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C31073104%2C31073106%2C44787455&oid=2&pvsid=4233631143144009&tmod=2102595997&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jzHWqhpnLv&p=https%3A//tourovpn.com.br&dtd=251

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303210101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b7c46c46b5f58ebe5c095a095d1d6888603eedf79538dfb0b93a03a19b6790e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tourovpn.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 15621
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Mar 2023 11:56:14 GMT
expires: Sun, 26 Mar 2023 11:56:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D8AB 35 KB
15 KB 274ms
273ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2137766368830030&output=html&h=600&adk=1749152576&adf=1014115060&pi=t.aa~a.4006690040~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1679831774&rafmt=1&to=qs&pwprc=3362168059&format=300x600&url=https%3A%2F%2Ftourovpn.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679831774394&bpp=1&bdt=759&idt=-M&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D570768aa91ba5f33-2200990ae7de00f5%3AT%3D1679831774%3ART%3D1679831774%3AS%3DALNI_MbVMIPBmNEk19fzFnRykF5KZ-0bhQ&gpic=UID%3D00000a32028c738a%3AT%3D1679831774%3ART%3D1679831774%3AS%3DALNI_MYKZE7EoWD8vgSCQ805fasJ09bVQA&prev_fmts=0x0%2C300x600&nras=3&correlator=6540198378448&frm=20&pv=1&ga_vid=1748033729.1679831774&ga_sid=1679831774&ga_hid=236587048&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=394&ady=2293&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C31073104%2C31073106%2C44787455&oid=2&pvsid=4233631143144009&tmod=2102595997&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=ECwcD94wrj&p=https%3A//tourovpn.com.br&dtd=260

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303210101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

316ac7bb766221a720de6d1491054cf81e5e3aea903c8be9f3b17c07f1362a91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tourovpn.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 15562
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Mar 2023 11:56:14 GMT
expires: Sun, 26 Mar 2023 11:56:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 67ED 430 B
230 B 166ms
164ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2137766368830030&output=html&h=240&adk=3547372798&adf=547864405&pi=t.aa~a.2626600918~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1679831774&rafmt=1&to=qs&pwprc=3362168059&format=300x240&url=https%3A%2F%2Ftourovpn.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679831774394&bpp=1&bdt=760&idt=-M&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D570768aa91ba5f33-2200990ae7de00f5%3AT%3D1679831774%3ART%3D1679831774%3AS%3DALNI_MbVMIPBmNEk19fzFnRykF5KZ-0bhQ&gpic=UID%3D00000a32028c738a%3AT%3D1679831774%3ART%3D1679831774%3AS%3DALNI_MYKZE7EoWD8vgSCQ805fasJ09bVQA&prev_fmts=0x0%2C300x600%2C300x600&nras=4&correlator=6540198378448&frm=20&pv=1&ga_vid=1748033729.1679831774&ga_sid=1679831774&ga_hid=236587048&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=394&ady=3461&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C31073104%2C31073106%2C44787455&oid=2&pvsid=4233631143144009&tmod=2102595997&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=rRqr7Ann9E&p=https%3A//tourovpn.com.br&dtd=268

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303210101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a845392a7163e96a75a7272ba56ed76067a06bb72d5ee441954ab1dd7b07d903

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tourovpn.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 206
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Mar 2023 11:56:14 GMT
expires: Sun, 26 Mar 2023 11:56:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 589C 430 B
230 B 213ms
211ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2137766368830030&output=html&h=280&adk=457172810&adf=1362843711&pi=t.aa~a.144483688~rp.1&w=1024&fwrn=4&fwrnh=100&lmt=1679831774&rafmt=1&to=qs&pwprc=3362168059&format=1024x280&url=https%3A%2F%2Ftourovpn.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679831774394&bpp=1&bdt=759&idt=1&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D570768aa91ba5f33-2200990ae7de00f5%3AT%3D1679831774%3ART%3D1679831774%3AS%3DALNI_MbVMIPBmNEk19fzFnRykF5KZ-0bhQ&gpic=UID%3D00000a32028c738a%3AT%3D1679831774%3ART%3D1679831774%3AS%3DALNI_MYKZE7EoWD8vgSCQ805fasJ09bVQA&prev_fmts=0x0%2C300x600%2C300x600%2C300x240&nras=5&correlator=6540198378448&frm=20&pv=1&ga_vid=1748033729.1679831774&ga_sid=1679831774&ga_hid=236587048&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=288&ady=4232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C31073104%2C31073106%2C44787455&oid=2&pvsid=4233631143144009&tmod=2102595997&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=ljg59jcQlB&p=https%3A//tourovpn.com.br&dtd=274

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303210101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3b8ba46838b00dab3a410b1a1c6042f37f9d9694079e4130c8fab769eb62066

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tourovpn.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 206
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Mar 2023 11:56:14 GMT
expires: Sun, 26 Mar 2023 11:56:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxV-W__H99hAg6WstT4J7l-5e2DewKdQ9PW02ywBvikLqJfFsd1iedJa9_CKSBve8Rq6urbz6JGqh-9qIIkC5sE= Show response
fundingchoicesmessages.google.com/f/ 4 KB
2 KB 64ms
64ms Script
application/javascript 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxV-W__H99hAg6WstT4J7l-5e2DewKdQ9PW02ywBvikLqJfFsd1iedJa9_CKSBve8Rq6urbz6JGqh-9qIIkC5sE=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjc5ODMxNzc0LDY3NzAwMDAwMF0sIjM4ODAyOEI2LTEwNDgtNDA2MS1CMjczLUVFMTA3NTZCRDdGMyIsbnVsbCxudWxsLFtudWxsLFs3XV0sImh0dHBzOi8vdG91cm92cG4uY29tLmJyLyIsbnVsbCxbWzgsInRtWGpjNXQtNEUwIl0sWzksImVuLVVTIl0sWzE2LCJbdHJ1ZSx0cnVlLHRydWVdIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.tmXjc5t-4E0.es5.O/d=1/rs=AJlcJMxU-9ACQaEO6yF3t3Gw5WX9IkM1pw/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0cd767dca9d0e55368d7af5a9f4e8259d7c15dce609b75dcf6c1581b6280444e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DByd1Y8hrN4TwVmaZLl1Lg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tourovpn.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 11:56:14 GMT
content-security-policy: script-src 'report-sample' 'nonce-DByd1Y8hrN4TwVmaZLl1Lg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXr0ac3SNZFrxVXx9tWi2ZVO62dF94ioywKVW7EaXzNNZUFWwelVqRyNLxVZGK6XBy4oCx5LyD_y2i7E2_7i6I= Show response
fundingchoicesmessages.google.com/el/ 0
28 B 113ms
48ms XHR
text/html 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXr0ac3SNZFrxVXx9tWi2ZVO62dF94ioywKVW7EaXzNNZUFWwelVqRyNLxVZGK6XBy4oCx5LyD_y2i7E2_7i6I=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9KvN6etlwNKCKnmgQAG0IQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://tourovpn.com.br/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 26 Mar 2023 11:56:14 GMT
content-security-policy: script-src 'report-sample' 'nonce-9KvN6etlwNKCKnmgQAG0IQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://tourovpn.com.br
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxVaHYhElKsH2z3nRYZvTOOJ_OL-CIC2LQND44Pqq-3UaGvTaZPcEL_l4Rn22BRN8oGjwydCzwf7S6kyk8hSt2lK1BJjlQmDvpl115G14NCfzBcNDryEmWmUgQ_9TYPXVtdSoad_4w== Show response
fundingchoicesmessages.google.com/f/ 13 KB
6 KB 96ms
96ms Script
application/javascript 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVaHYhElKsH2z3nRYZvTOOJ_OL-CIC2LQND44Pqq-3UaGvTaZPcEL_l4Rn22BRN8oGjwydCzwf7S6kyk8hSt2lK1BJjlQmDvpl115G14NCfzBcNDryEmWmUgQ_9TYPXVtdSoad_4w==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjc5ODMxNzc0LDc1OTAwMDAwMF0sIjM4ODAyOEI2LTEwNDgtNDA2MS1CMjczLUVFMTA3NTZCRDdGMyIsbnVsbCxudWxsLFtudWxsLFs3LDEwXV0sImh0dHBzOi8vdG91cm92cG4uY29tLmJyLyIsbnVsbCxbWzgsInRtWGpjNXQtNEUwIl0sWzksImVuLVVTIl0sWzE2LCJbdHJ1ZSx0cnVlLHRydWVdIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4386b2dc9a1a10d75a044a4c2c4f472938d47590cd30a5c4893481497f3f420a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-aH5YGD3HWfBbEYA-TQpSfg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tourovpn.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 11:56:14 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-aH5YGD3HWfBbEYA-TQpSfg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.ca/adsid/ 107 B
122 B 39ms
39ms Script
application/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ca/adsid/integrator.js?domain=tourovpn.com.br

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303210101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tourovpn.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 11:56:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 41ms
40ms Script
application/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=tourovpn.com.br

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303210101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tourovpn.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 11:56:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AF45 430 B
227 B 229ms
226ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2137766368830030&output=html&h=90&adk=1468129556&adf=848236959&pi=t.aa~a.144512785~rp.1&w=1024&fwrn=4&fwrnh=100&lmt=1679831774&rafmt=1&to=qs&pwprc=3362168059&format=1024x90&url=https%3A%2F%2Ftourovpn.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679831774399&bpp=1&bdt=765&idt=1&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D570768aa91ba5f33-2200990ae7de00f5%3AT%3D1679831774%3ART%3D1679831774%3AS%3DALNI_MbVMIPBmNEk19fzFnRykF5KZ-0bhQ&gpic=UID%3D00000a32028c738a%3AT%3D1679831774%3ART%3D1679831774%3AS%3DALNI_MYKZE7EoWD8vgSCQ805fasJ09bVQA&prev_fmts=0x0%2C300x600%2C300x600%2C300x240%2C1024x280&nras=6&correlator=6540198378448&frm=20&pv=1&ga_vid=1748033729.1679831774&ga_sid=1679831774&ga_hid=236587048&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=288&ady=4786&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C31073104%2C31073106%2C44787455&oid=2&pvsid=4233631143144009&tmod=2102595997&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=p6cz9d8atA&p=https%3A//tourovpn.com.br&dtd=516

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303210101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd0ddef06c2680407f42f9280c180c8879ef8d9b439109580ea0b1cc9f970d70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tourovpn.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 207
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Mar 2023 11:56:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 nmedianet.js Show response
contextual.media.net/ Frame D8AB 327 KB
120 KB 163ms
69ms Script
text/javascript 23.41.168.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/nmedianet.js?cid=8CU7Q771E

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2137766368830030&output=html&h=600&adk=1749152576&adf=1014115060&pi=t.aa~a.4006690040~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1679831774&rafmt=1&to=qs&pwprc=3362168059&format=300x600&url=https%3A%2F%2Ftourovpn.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679831774394&bpp=1&bdt=759&idt=-M&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D570768aa91ba5f33-2200990ae7de00f5%3AT%3D1679831774%3ART%3D1679831774%3AS%3DALNI_MbVMIPBmNEk19fzFnRykF5KZ-0bhQ&gpic=UID%3D00000a32028c738a%3AT%3D1679831774%3ART%3D1679831774%3AS%3DALNI_MYKZE7EoWD8vgSCQ805fasJ09bVQA&prev_fmts=0x0%2C300x600&nras=3&correlator=6540198378448&frm=20&pv=1&ga_vid=1748033729.1679831774&ga_sid=1679831774&ga_hid=236587048&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=394&ady=2293&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C31073104%2C31073106%2C44787455&oid=2&pvsid=4233631143144009&tmod=2102595997&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=ECwcD94wrj&p=https%3A//tourovpn.com.br&dtd=260

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.41.168.23 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-41-168-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

54e5d0e2d550c8d8025d8c2092343aebbd210db83119b3f3ed13b52b8ba86fc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-mnt-h: 21-psd3
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sun, 26 Mar 2023 11:56:15 GMT
server: Apache
etag: "74df650efd34c3ae245860729236242c"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
x-mnt-w: 22-jxfb
timing-allow-origin: *
expires: Sun, 26 Mar 2023 12:01:15 GMT

GET
H2 200 release-20230309-85-adperformance.js Show response
warp.media.net/rtb/resources/ Frame D8AB 71 KB
25 KB 149ms
37ms Script
application/javascript 96.17.64.29
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://warp.media.net/rtb/resources/release-20230309-85-adperformance.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.17.64.29 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-17-64-29.deploy.static.akamaitechnologies.com

Software

UploadServer /

Resource Hash

b8efe4a0e6a6754322fe6c09529fab576b5fbfb7ea28c17fe3fac6ee8de5e155

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
date: Sun, 26 Mar 2023 11:56:15 GMT
x-guploader-uploadid: ADPycduHGcAyGkpDPVPhCOIDrlBIjEvS9jVGUc_t407DT_JeCwYfgmfYCe4bgzEy3iCIHZOz3muT7U2s68aQyz7rnXodwWoi_vyZ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 25043
server: UploadServer
etag: "8b46dc3324670db478550a2f61df9038"
vary: Accept-Encoding
x-goog-hash: md5=i0bcMyRnDbR4VQovYd+QOA==, crc32c=066A6Q==
content-type: application/javascript
x-goog-generation: 1678368838889315
cache-control: max-age=3600
x-goog-stored-content-length: 73000
expires: Sun, 26 Mar 2023 12:56:15 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/ Frame D8AB 3 KB
1 KB 70ms
25ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 10:13:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6191
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Apr 2023 10:13:04 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/ Frame D8AB 20 KB
9 KB 77ms
24ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83dd1a8208a83ec90a9a2d7774ab28e4b93b3eba53fb6a3fd444eb7e389ecbff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 10:00:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6926
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8627
x-xss-protection: 0
server: cafe
etag: 8620137988422272387
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Apr 2023 10:00:49 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame D8AB 0
0 85ms
37ms Image
text/html 2607:f8b0:4006:816::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTS0izafz96EeymatTatJVZiFV_O2e59h8tsVGOD2rIfSM6hzftbSLBVJfW_v99RbvyVOg3j2_yxhfsjoG3eYCyfUgRHw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2137766368830030&output=html&h=600&adk=1749152576&adf=1014115060&pi=t.aa~a.4006690040~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1679831774&rafmt=1&to=qs&pwprc=3362168059&format=300x600&url=https%3A%2F%2Ftourovpn.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679831774394&bpp=1&bdt=759&idt=-M&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D570768aa91ba5f33-2200990ae7de00f5%3AT%3D1679831774%3ART%3D1679831774%3AS%3DALNI_MbVMIPBmNEk19fzFnRykF5KZ-0bhQ&gpic=UID%3D00000a32028c738a%3AT%3D1679831774%3ART%3D1679831774%3AS%3DALNI_MYKZE7EoWD8vgSCQ805fasJ09bVQA&prev_fmts=0x0%2C300x600&nras=3&correlator=6540198378448&frm=20&pv=1&ga_vid=1748033729.1679831774&ga_sid=1679831774&ga_hid=236587048&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=394&ady=2293&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C31073104%2C31073106%2C44787455&oid=2&pvsid=4233631143144009&tmod=2102595997&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=ECwcD94wrj&p=https%3A//tourovpn.com.br&dtd=260
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:816::2004 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D8AB 158 KB
48 KB 2291ms
2206ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc5e5e5fcb0512d00c16a63f06157a3d039a2810e184226ffede0b5f2f223293

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 11:56:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49540
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1679493709445325"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 26 Mar 2023 11:56:17 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D8AB 0
0 75ms
70ms Fetch
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cs7UB3jIgZIeoKtTZxtYP65CQuA--laSvbPfa0tOsDMCNtwEQASAAYP3oooHwA4IBF2NhLXB1Yi0yMTM3NzY2MzY4ODMwMDMwyAEJqAMBqgTAAU_QoR-ewcTLZvfUExYDL6ovBh26u3RhB3z8yFTrJwFDX6-bwGGlr-GBTO70Auuyg5hNPmXYb2rouUKkyovBJH2NdjLB1WeYaPOgRFpJRqcLocBf4IBvTl9B8Y4qNM_iGzeaVR9YFS1376TdYwYSxELNzWDWGOe4yF2a_XOMSJkVOP_WX6kK-rDP-qtCcIl7kkqWwOHGYs0pYNc6ilHA6I7Sgw2VxxmL6dY4-imvMdhJH05wyM-hLvkoC70fq_csJ4AG68W4sp33y-UWoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMjEzNzc2NjM2ODgzMDAzMBgA&sigh=UrXwURyTPQY&uach_m=[UACH]&cid=CAQSOwDUE5ympgSuaOKFlEIFhDc0ll2oGjUTuFZjybIgH5KKnpfkUdQgWVa6cKHW0QvJdyM7QhbjW1EbiA6AGAE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2137766368830030&output=html&h=600&adk=1749152576&adf=1014115060&pi=t.aa~a.4006690040~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1679831774&rafmt=1&to=qs&pwprc=3362168059&format=300x600&url=https%3A%2F%2Ftourovpn.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679831774394&bpp=1&bdt=759&idt=-M&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D570768aa91ba5f33-2200990ae7de00f5%3AT%3D1679831774%3ART%3D1679831774%3AS%3DALNI_MbVMIPBmNEk19fzFnRykF5KZ-0bhQ&gpic=UID%3D00000a32028c738a%3AT%3D1679831774%3ART%3D1679831774%3AS%3DALNI_MYKZE7EoWD8vgSCQ805fasJ09bVQA&prev_fmts=0x0%2C300x600&nras=3&correlator=6540198378448&frm=20&pv=1&ga_vid=1748033729.1679831774&ga_sid=1679831774&ga_hid=236587048&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=394&ady=2293&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C31073104%2C31073106%2C44787455&oid=2&pvsid=4233631143144009&tmod=2102595997&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=ECwcD94wrj&p=https%3A//tourovpn.com.br&dtd=260
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 26 Mar 2023 11:56:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 log
hblg.media.net/ Frame D8AB 35 B
0 131ms
25ms Fetch
image/gif 23.34.248.177
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hblg.media.net/log?logid=kfk&evtid=l1log&acid=acd88e2de3514792a7612aef979c078d&bidrestime=1679831774885&cbdp=0.034&ogbdp=0.05&prvReqId=181829014524694_1015880856_41051946823131&pvid=313&scrid=1700080807683300300060000039600&size=300x600&slotVisibility=2&viewability=23&app=0&cc=CA&cid=8CUU9JF8H&csip=rtb-appnexus-dd88bd98c-gg4mx.SC&device_id=4&dn=tourovpn.com.br&itype=ADX&mang=1&requrl=https%3A%2F%2Ftourovpn.com.br&dtc=east_sc&zone=d&commit_id=522571b6&ugd=4&ctr=-1.0&rme=nurl

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.34.248.177 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-34-248-177.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Mar 2023 11:56:15 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Sun, 26 Mar 2023 11:56:15 GMT

GET
H/1.1 200
OK log
qsearch-a.akamaihd.net/ Frame D8AB 35 B
0 157ms
20ms Fetch
image/gif 104.117.182.8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&lper=&app_type=adx_test&bdr_typ=1&ss_d1=0&ogerpm=0.0500&ss_d2=0&stid=&other_prv=313&jar_err=&current_day=0.0&adtyp=0&req_id=c7aSEuV3ZEnwATEwj9YEkw&bd_m3=0.0000&bidfp=0.0100&bd_m2=0.0000&pvag_id=&bd_m1=0.0000&ugd=4&dim10=false&cliIPV6=2607%3A5300%3A0060%3A0000%3A0000%3A0000%3A0000%3A0000&predicted_wr=70.9649&exp=&deal_id=&fdbk_id=&second_bidder=*&search_res=32&floor_bucket=0.00&gpid_format=&seat=BID_API&rc=-1&size=300x600&f_seg=&prdp=0.0340&ogcbdp=0.0500&dfpbd=0.0340&server=1&ogerpm_wd_bkt=0-1&model_version=202303260146_generic_adx_1-cid_0&viewability=0.2300&dmm_r=0.0000&cut=32&dmm_l=0.0000&as_cache=1&tcyerpm=&sc=CA-QC&send_erpm=true&dmm_m9=0.0000&sd=0&hb_exp=&seg=&dmm_m4=0.0000&erpm_bucket=0.05&ugd_ver=&requrl=tourovpn.com.br%2F&bidrestime=1679831774885&cc=CA&strg=harmony&ss=&current_hour=11&time_stamp=2023-03-26+11%3A56%3A14&model_key=generic_adx_1-cid_0&rvshhon=&mul_ratio=0.0000&bdp=0.0500&ct=Montreal&akey=&mnckfl=0&dmm_ctr=-1.0000&asn=514&bdp_bucket=0.05&algo=default&dc=east_sc&splid=&erpm_mult=1.000000&dn=tourovpn.com.br&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F111.0.5563.110+Safari%2F537.36&buyer_id=&bdp_wider_bucket=1&acid=acd88e2de3514792a7612aef979c078d&zone=d&infl=&o_ver=NT+10.0&br_ver=111.0.5563.110&bdmm_m6=0.0000&bdmm_m7=0.0000&bdmm_m5=0.0000&ver=9.3.5&totalTimeBucket=1&visibility=2&totalTime=1937521&dmm_m1=2023-03-26+11%3A56%3A14.886461478&e_rpm=0.0000&dmm_m22=0.0500&gdpr=&vsid=&log_less=true&gpid_sent=false&ogerpm_used=false&sfm_key=&bdmm_m12=0.0000&cid=8CUU9JF8H&bcrid=1700080807683300300060000039600&rawbid=0.0500&seat_id=BID_API&sub_bidder=196&pst=EMS&pbshr=100.0000&dmm_d10=0.0000&o_id=101&clisp=rtb-appnexus-dd88bd98c-gg4mx.SC&dfp_bucket=0.0&adblk=1749152576&itype=adx&pvid_seat=313_BID_API&cliIP=0&advurl=topics.businessfocus.online%2F&level_base=0&crid=410519468&sat=1&br_id=265&cut_bkt=30&gpid=&iwb=1&second_bid=0.000000&sc_pvid=313&capd=0&other_bids=0.05
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2137766368830030&output=html&h=600&adk=1749152576&adf=1014115060&pi=t.aa~a.4006690040~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1679831774&rafmt=1&to=qs&pwprc=3362168059&format=300x600&url=https%3A%2F%2Ftourovpn.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679831774394&bpp=1&bdt=759&idt=-M&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D570768aa91ba5f33-2200990ae7de00f5%3AT%3D1679831774%3ART%3D1679831774%3AS%3DALNI_MbVMIPBmNEk19fzFnRykF5KZ-0bhQ&gpic=UID%3D00000a32028c738a%3AT%3D1679831774%3ART%3D1679831774%3AS%3DALNI_MYKZE7EoWD8vgSCQ805fasJ09bVQA&prev_fmts=0x0%2C300x600&nras=3&correlator=6540198378448&frm=20&pv=1&ga_vid=1748033729.1679831774&ga_sid=1679831774&ga_hid=236587048&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=394&ady=2293&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C31073104%2C31073106%2C44787455&oid=2&pvsid=4233631143144009&tmod=2102595997&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=ECwcD94wrj&p=https%3A//tourovpn.com.br&dtd=260
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.117.182.8 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-117-182-8.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 26 Mar 2023 11:56:15 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Sun, 26 Mar 2023 11:56:15 GMT

GET
H2 200 nmedianet.js Show response
contextual.media.net/ Frame 8E28 327 KB
120 KB 135ms
122ms Script
text/javascript 23.41.168.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/nmedianet.js?cid=8CU7Q771E

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2137766368830030&output=html&h=600&adk=264133007&adf=2073637868&pi=t.aa~a.4006690040~rp.3&w=300&fwrn=4&fwrnh=100&lmt=1679831774&rafmt=1&to=qs&pwprc=3362168059&format=300x600&url=https%3A%2F%2Ftourovpn.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679831774394&bpp=4&bdt=760&idt=-M&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D570768aa91ba5f33-2200990ae7de00f5%3AT%3D1679831774%3ART%3D1679831774%3AS%3DALNI_MbVMIPBmNEk19fzFnRykF5KZ-0bhQ&gpic=UID%3D00000a32028c738a%3AT%3D1679831774%3ART%3D1679831774%3AS%3DALNI_MYKZE7EoWD8vgSCQ805fasJ09bVQA&prev_fmts=0x0&nras=2&correlator=6540198378448&frm=20&pv=1&ga_vid=1748033729.1679831774&ga_sid=1679831774&ga_hid=236587048&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=394&ady=1653&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C31073104%2C31073106%2C44787455&oid=2&pvsid=4233631143144009&tmod=2102595997&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jzHWqhpnLv&p=https%3A//tourovpn.com.br&dtd=251

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.41.168.23 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-41-168-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c31407284704f5456b76da5b04fe65381a3fe13e44728f0f3deff4f5cec592ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-mnt-h: 21-psd3
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sun, 26 Mar 2023 11:56:15 GMT
server: Apache
etag: "74df650efd34c3ae245860729236242c"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
x-mnt-w: 22-jxfb
timing-allow-origin: *
expires: Sun, 26 Mar 2023 12:01:15 GMT

GET
H2 200 release-20230309-85-adperformance.js Show response
warp.media.net/rtb/resources/ Frame 8E28 71 KB
25 KB 80ms
49ms Script
application/javascript 96.17.64.29
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://warp.media.net/rtb/resources/release-20230309-85-adperformance.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2137766368830030&output=html&h=600&adk=264133007&adf=2073637868&pi=t.aa~a.4006690040~rp.3&w=300&fwrn=4&fwrnh=100&lmt=1679831774&rafmt=1&to=qs&pwprc=3362168059&format=300x600&url=https%3A%2F%2Ftourovpn.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679831774394&bpp=4&bdt=760&idt=-M&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D570768aa91ba5f33-2200990ae7de00f5%3AT%3D1679831774%3ART%3D1679831774%3AS%3DALNI_MbVMIPBmNEk19fzFnRykF5KZ-0bhQ&gpic=UID%3D00000a32028c738a%3AT%3D1679831774%3ART%3D1679831774%3AS%3DALNI_MYKZE7EoWD8vgSCQ805fasJ09bVQA&prev_fmts=0x0&nras=2&correlator=6540198378448&frm=20&pv=1&ga_vid=1748033729.1679831774&ga_sid=1679831774&ga_hid=236587048&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=394&ady=1653&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C31073104%2C31073106%2C44787455&oid=2&pvsid=4233631143144009&tmod=2102595997&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jzHWqhpnLv&p=https%3A//tourovpn.com.br&dtd=251

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.17.64.29 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-17-64-29.deploy.static.akamaitechnologies.com

Software

UploadServer /

Resource Hash

b8efe4a0e6a6754322fe6c09529fab576b5fbfb7ea28c17fe3fac6ee8de5e155

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
date: Sun, 26 Mar 2023 11:56:15 GMT
x-guploader-uploadid: ADPycduHGcAyGkpDPVPhCOIDrlBIjEvS9jVGUc_t407DT_JeCwYfgmfYCe4bgzEy3iCIHZOz3muT7U2s68aQyz7rnXodwWoi_vyZ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 25043
server: UploadServer
etag: "8b46dc3324670db478550a2f61df9038"
vary: Accept-Encoding
x-goog-hash: md5=i0bcMyRnDbR4VQovYd+QOA==, crc32c=066A6Q==
content-type: application/javascript
x-goog-generation: 1678368838889315
cache-control: max-age=3600
x-goog-stored-content-length: 73000
expires: Sun, 26 Mar 2023 12:56:15 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/ Frame 8E28 3 KB
1 KB 29ms
23ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2137766368830030&output=html&h=600&adk=264133007&adf=2073637868&pi=t.aa~a.4006690040~rp.3&w=300&fwrn=4&fwrnh=100&lmt=1679831774&rafmt=1&to=qs&pwprc=3362168059&format=300x600&url=https%3A%2F%2Ftourovpn.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679831774394&bpp=4&bdt=760&idt=-M&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D570768aa91ba5f33-2200990ae7de00f5%3AT%3D1679831774%3ART%3D1679831774%3AS%3DALNI_MbVMIPBmNEk19fzFnRykF5KZ-0bhQ&gpic=UID%3D00000a32028c738a%3AT%3D1679831774%3ART%3D1679831774%3AS%3DALNI_MYKZE7EoWD8vgSCQ805fasJ09bVQA&prev_fmts=0x0&nras=2&correlator=6540198378448&frm=20&pv=1&ga_vid=1748033729.1679831774&ga_sid=1679831774&ga_hid=236587048&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=394&ady=1653&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C31073104%2C31073106%2C44787455&oid=2&pvsid=4233631143144009&tmod=2102595997&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jzHWqhpnLv&p=https%3A//tourovpn.com.br&dtd=251

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 10:13:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6191
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Apr 2023 10:13:04 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/ Frame 8E28 20 KB
8 KB 32ms
19ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2137766368830030&output=html&h=600&adk=264133007&adf=2073637868&pi=t.aa~a.4006690040~rp.3&w=300&fwrn=4&fwrnh=100&lmt=1679831774&rafmt=1&to=qs&pwprc=3362168059&format=300x600&url=https%3A%2F%2Ftourovpn.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679831774394&bpp=4&bdt=760&idt=-M&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D570768aa91ba5f33-2200990ae7de00f5%3AT%3D1679831774%3ART%3D1679831774%3AS%3DALNI_MbVMIPBmNEk19fzFnRykF5KZ-0bhQ&gpic=UID%3D00000a32028c738a%3AT%3D1679831774%3ART%3D1679831774%3AS%3DALNI_MYKZE7EoWD8vgSCQ805fasJ09bVQA&prev_fmts=0x0&nras=2&correlator=6540198378448&frm=20&pv=1&ga_vid=1748033729.1679831774&ga_sid=1679831774&ga_hid=236587048&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=394&ady=1653&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C31073104%2C31073106%2C44787455&oid=2&pvsid=4233631143144009&tmod=2102595997&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jzHWqhpnLv&p=https%3A//tourovpn.com.br&dtd=251

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83dd1a8208a83ec90a9a2d7774ab28e4b93b3eba53fb6a3fd444eb7e389ecbff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 10:00:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6926
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8627
x-xss-protection: 0
server: cafe
etag: 8620137988422272387
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Apr 2023 10:00:49 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 8E28 0
0 43ms
37ms Image
text/html 2607:f8b0:4006:816::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaThPx-KukW4_ywtWnsbk9bCzk0e0AXIMOHJPPtGfj4eXzk0ci9r9wOwr_x82tsO8atcgIytEYpydNyvpeSWd8DWABA-xw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2137766368830030&output=html&h=600&adk=264133007&adf=2073637868&pi=t.aa~a.4006690040~rp.3&w=300&fwrn=4&fwrnh=100&lmt=1679831774&rafmt=1&to=qs&pwprc=3362168059&format=300x600&url=https%3A%2F%2Ftourovpn.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679831774394&bpp=4&bdt=760&idt=-M&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D570768aa91ba5f33-2200990ae7de00f5%3AT%3D1679831774%3ART%3D1679831774%3AS%3DALNI_MbVMIPBmNEk19fzFnRykF5KZ-0bhQ&gpic=UID%3D00000a32028c738a%3AT%3D1679831774%3ART%3D1679831774%3AS%3DALNI_MYKZE7EoWD8vgSCQ805fasJ09bVQA&prev_fmts=0x0&nras=2&correlator=6540198378448&frm=20&pv=1&ga_vid=1748033729.1679831774&ga_sid=1679831774&ga_hid=236587048&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=394&ady=1653&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C31073104%2C31073106%2C44787455&oid=2&pvsid=4233631143144009&tmod=2102595997&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jzHWqhpnLv&p=https%3A//tourovpn.com.br&dtd=251
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:816::2004 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8E28 158 KB
49 KB 2185ms
2178ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2137766368830030&output=html&h=600&adk=264133007&adf=2073637868&pi=t.aa~a.4006690040~rp.3&w=300&fwrn=4&fwrnh=100&lmt=1679831774&rafmt=1&to=qs&pwprc=3362168059&format=300x600&url=https%3A%2F%2Ftourovpn.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679831774394&bpp=4&bdt=760&idt=-M&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D570768aa91ba5f33-2200990ae7de00f5%3AT%3D1679831774%3ART%3D1679831774%3AS%3DALNI_MbVMIPBmNEk19fzFnRykF5KZ-0bhQ&gpic=UID%3D00000a32028c738a%3AT%3D1679831774%3ART%3D1679831774%3AS%3DALNI_MYKZE7EoWD8vgSCQ805fasJ09bVQA&prev_fmts=0x0&nras=2&correlator=6540198378448&frm=20&pv=1&ga_vid=1748033729.1679831774&ga_sid=1679831774&ga_hid=236587048&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=394&ady=1653&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C31073104%2C31073106%2C44787455&oid=2&pvsid=4233631143144009&tmod=2102595997&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jzHWqhpnLv&p=https%3A//tourovpn.com.br&dtd=251

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc5e5e5fcb0512d00c16a63f06157a3d039a2810e184226ffede0b5f2f223293

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 11:56:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49540
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1679493709445325"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 26 Mar 2023 11:56:17 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8E28 0
0 67ms
61ms Fetch
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C-I0a3jIgZIrOKbS6xtYPh425CL6VpK9s99rS06wMwI23ARABIABg_eiigfADggEXY2EtcHViLTIxMzc3NjYzNjg4MzAwMzDIAQmoAwGqBMABT9BzrvGeEIAj5QKAuuZ3zto1whLt_2PF0Glw5gWc9o9R9cZI-wId3PN7RC35Aoq80gRTnsJpD0sQGalmR1_w2OZAILGlvRMACnvoz-sdjj-A7XFjmFRpQtXJTtXhgpcB68HOh3HFW2VD8gbrdtLA5GWduZ1a-G1L_V1Ux0ULjx7dV_aZn5_O_bQsZQ3-NwViHyR7xPGPMPwy5NRiAtLSji_7liCHW2kYjAh2uSf4luCtVDUQtqR9VbY7vEnP2ryogAbrxbiynffL5RagBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0yMTM3NzY2MzY4ODMwMDMwGAA&sigh=GXk1yu1pywQ&uach_m=[UACH]&cid=CAQSOwDUE5ymVG-bdsDmyMRkV9sDCF3_GiWOLQqEpAKsNyha1TGIHBMUjGa6ACLvkIG23g64sfKNEsMf2YKYGAE

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2137766368830030&output=html&h=600&adk=264133007&adf=2073637868&pi=t.aa~a.4006690040~rp.3&w=300&fwrn=4&fwrnh=100&lmt=1679831774&rafmt=1&to=qs&pwprc=3362168059&format=300x600&url=https%3A%2F%2Ftourovpn.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679831774394&bpp=4&bdt=760&idt=-M&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D570768aa91ba5f33-2200990ae7de00f5%3AT%3D1679831774%3ART%3D1679831774%3AS%3DALNI_MbVMIPBmNEk19fzFnRykF5KZ-0bhQ&gpic=UID%3D00000a32028c738a%3AT%3D1679831774%3ART%3D1679831774%3AS%3DALNI_MYKZE7EoWD8vgSCQ805fasJ09bVQA&prev_fmts=0x0&nras=2&correlator=6540198378448&frm=20&pv=1&ga_vid=1748033729.1679831774&ga_sid=1679831774&ga_hid=236587048&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=394&ady=1653&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C31073104%2C31073106%2C44787455&oid=2&pvsid=4233631143144009&tmod=2102595997&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jzHWqhpnLv&p=https%3A//tourovpn.com.br&dtd=251

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2137766368830030&output=html&h=600&adk=264133007&adf=2073637868&pi=t.aa~a.4006690040~rp.3&w=300&fwrn=4&fwrnh=100&lmt=1679831774&rafmt=1&to=qs&pwprc=3362168059&format=300x600&url=https%3A%2F%2Ftourovpn.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679831774394&bpp=4&bdt=760&idt=-M&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D570768aa91ba5f33-2200990ae7de00f5%3AT%3D1679831774%3ART%3D1679831774%3AS%3DALNI_MbVMIPBmNEk19fzFnRykF5KZ-0bhQ&gpic=UID%3D00000a32028c738a%3AT%3D1679831774%3ART%3D1679831774%3AS%3DALNI_MYKZE7EoWD8vgSCQ805fasJ09bVQA&prev_fmts=0x0&nras=2&correlator=6540198378448&frm=20&pv=1&ga_vid=1748033729.1679831774&ga_sid=1679831774&ga_hid=236587048&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=394&ady=1653&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C31073104%2C31073106%2C44787455&oid=2&pvsid=4233631143144009&tmod=2102595997&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jzHWqhpnLv&p=https%3A//tourovpn.com.br&dtd=251
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 26 Mar 2023 11:56:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 log
hblg.media.net/ Frame 8E28 35 B
0 57ms
24ms Fetch
image/gif 23.34.248.177
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hblg.media.net/log?logid=kfk&evtid=l1log&acid=7085998688054b9d845ff75e1e7aacec&bidrestime=1679831774923&cbdp=0.03&ogbdp=0.05&prvReqId=3383085779462_819874044_41051946823131&pvid=313&scrid=1700080807683300300060000039600&size=300x600&slotVisibility=2&viewability=18&app=0&cc=CA&cid=8CUU9JF8H&csip=rtb-appnexus-dd88bd98c-46cfk.SC&device_id=4&dn=tourovpn.com.br&itype=ADX&mang=1&requrl=https%3A%2F%2Ftourovpn.com.br&dtc=east_sc&zone=d&commit_id=522571b6&ugd=4&ctr=-1.0&rme=nurl

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2137766368830030&output=html&h=600&adk=264133007&adf=2073637868&pi=t.aa~a.4006690040~rp.3&w=300&fwrn=4&fwrnh=100&lmt=1679831774&rafmt=1&to=qs&pwprc=3362168059&format=300x600&url=https%3A%2F%2Ftourovpn.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679831774394&bpp=4&bdt=760&idt=-M&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D570768aa91ba5f33-2200990ae7de00f5%3AT%3D1679831774%3ART%3D1679831774%3AS%3DALNI_MbVMIPBmNEk19fzFnRykF5KZ-0bhQ&gpic=UID%3D00000a32028c738a%3AT%3D1679831774%3ART%3D1679831774%3AS%3DALNI_MYKZE7EoWD8vgSCQ805fasJ09bVQA&prev_fmts=0x0&nras=2&correlator=6540198378448&frm=20&pv=1&ga_vid=1748033729.1679831774&ga_sid=1679831774&ga_hid=236587048&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=394&ady=1653&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C31073104%2C31073106%2C44787455&oid=2&pvsid=4233631143144009&tmod=2102595997&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jzHWqhpnLv&p=https%3A//tourovpn.com.br&dtd=251

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.34.248.177 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-34-248-177.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Mar 2023 11:56:15 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Sun, 26 Mar 2023 11:56:15 GMT

GET
H/1.1 200
OK log
qsearch-a.akamaihd.net/ Frame 8E28 35 B
0 95ms
25ms Fetch
image/gif 104.117.182.8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&lper=20&splid=&app_type=&bdr_typ=1&ogerpm=0.05&dn=tourovpn.com.br&stid=&other_prv=313&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F111.0.5563.110+Safari%2F537.36&jar_err=&buyer_id=&bdp_wider_bucket=1&adtyp=0&acid=7085998688054b9d845ff75e1e7aacec&req_id=DSnrHC1o2tqqxgbBWxh_IQ&bidfp=0.0100&pvag_id=&ugd=4&zone=d&infl=&o_ver=NT+10.0&br_ver=111.0.5563.110&exp=&deal_id=&ver=9.3.5&totalTimeBucket=0&visibility=2&fdbk_id=&second_bidder=*&totalTime=984280&e_rpm=&dmm_m22=0.0500&gpid_format=&gdpr=&vsid=&seat=BID_API&rc=-1&size=300x600&f_seg=&prdp=&gpid_sent=false&ogerpm_used=false&sfm_key=&cid=8CUU9JF8H&bcrid=1700080807683300300060000039600&ogcbdp=0.0500&dfpbd=&server=6&ogerpm_wd_bkt=0-1&viewability=0.18&rawbid=0.05&dmm_r=&dmm_l=&sub_bidder=196&tcyerpm=&sc=CA-QC&send_erpm=false&pst=EMS&sd=1&hb_exp=&pbshr=100.0000&seg=&dmm_d10=&o_id=101&clisp=rtb-appnexus-dd88bd98c-46cfk.SC&adblk=264133007&ugd_ver=&requrl=tourovpn.com.br&itype=adx&pvid_seat=313_BID_API&bidrestime=0&cc=CA&strg=smm_migration_test&ss=&cliIP=0&advurl=topics.businessfocus.online%2F&crid=410519468&time_stamp=2023-03-26+11%3A56%3A14&sat=1&rvshhon=&bdp=0.0500&br_id=265&ct=Montreal&akey=&mnckfl=0&gpid=&iwb=1&second_bid=0.0&sc_pvid=313&capd=&asn=514&algo=&other_bids=0.05&dc=east_sc
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2137766368830030&output=html&h=600&adk=264133007&adf=2073637868&pi=t.aa~a.4006690040~rp.3&w=300&fwrn=4&fwrnh=100&lmt=1679831774&rafmt=1&to=qs&pwprc=3362168059&format=300x600&url=https%3A%2F%2Ftourovpn.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679831774394&bpp=4&bdt=760&idt=-M&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D570768aa91ba5f33-2200990ae7de00f5%3AT%3D1679831774%3ART%3D1679831774%3AS%3DALNI_MbVMIPBmNEk19fzFnRykF5KZ-0bhQ&gpic=UID%3D00000a32028c738a%3AT%3D1679831774%3ART%3D1679831774%3AS%3DALNI_MYKZE7EoWD8vgSCQ805fasJ09bVQA&prev_fmts=0x0&nras=2&correlator=6540198378448&frm=20&pv=1&ga_vid=1748033729.1679831774&ga_sid=1679831774&ga_hid=236587048&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=394&ady=1653&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C31073104%2C31073106%2C44787455&oid=2&pvsid=4233631143144009&tmod=2102595997&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jzHWqhpnLv&p=https%3A//tourovpn.com.br&dtd=251
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.117.182.8 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-117-182-8.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 26 Mar 2023 11:56:15 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Sun, 26 Mar 2023 11:56:15 GMT

GET
H/1.1 200
OK browserfp.min.js Show response
pxlclnmdecom-a.akamaihd.net/javascripts/ Frame D8AB 104 KB
35 KB 137ms
29ms Script
text/javascript 23.215.130.171
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CU7Q771E&noCookies=true
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CU7Q771E
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 23.215.130.171 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-215-130-171.deploy.static.akamaitechnologies.com
Software: / Express
Resource Hash: 96c849bbb592c43ac92325976aa6650ee8c4bb53adaffa90ca8aa2ca99362698

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Sun, 26 Mar 2023 11:56:15 GMT
Content-Encoding: gzip
x-powered-by: Express
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=300
Access-Control-Max-Age: 1800
Connection: keep-alive
Content-Length: 35067
Expires: Sun, 26 Mar 2023 12:01:15 GMT

GET
H2 200 smtr Show response
contextual.media.net/ Frame D8AB 85 KB
30 KB 223ms
222ms Script
text/javascript 23.41.168.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CU7Q771E&cpcd=QcqgoxBu_JEBy1__-rrJcw%3D%3D&crid=522207812&size=300x600&cc=CA&sc=QC&chnm=HARMONY&pid=8PO6CSQ66&tpid=T1E3668&https=1&vif=2&requrl=https%3A%2F%2Ftourovpn.com.br&nse=5&vi=1679831775949618770&lw=1&ugd=4&adt1=8CUU9JF8H&adt2=410519468&itid=17&bae=B4xaq/g/xN&bcpf=B4xaq%2Fg8fOnRrolnfOur8%2FxN&bdrId=313&ntv=0&matchstring=hr%3D0%7C&sff=0&tsce=L84&katpre=1&katbid=-102&pgid=p1166391286t202303261156&essld=fF9h%3AXA99%3A99F9%3A9999%3A9999%3A9999%3A9999%3A9999~%3DK~%3DKog%3D~cmz7LJ1j&nb=1&cadomain=tzR-hLcl-L81q0bo4F7GnA3mMwDIDjC2d77KxBXphR_fTCDUsmLZYQ%3D%3D&adv=Business%20Focus&isid=1&allsc=QC

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CU7Q771E

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.41.168.23 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-41-168-23.deploy.static.akamaitechnologies.com

Software

Resource Hash

377b23ca812761b4a36355183b85c3e835416e88fcb8532ba83aa17b2c3505b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Mar 2023 11:56:15 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=0, no-cache, no-store
x-sc-h: 22-2zzs
timing-allow-origin: *
content-length: 30555
expires: Sun, 26 Mar 2023 11:56:15 GMT

GET
H/1.1 200
OK bping.php
lg3.media.net/ Frame D8AB 35 B
338 B 90ms
26ms Image
image/gif 104.76.104.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bping.php?vgd_len=739&&vgd_cdv=902&vgd_tsce=L84&vgd_cage=2&gdpr=0&prid=8PRVCXX19&cid=8CU7Q771E&crid=522207812&vi=1679831775949618770&ugd=4&lf=6&cc=CA&sc=QC&lper=100&wsip=170785070&r=1679831775230&requrl=https%3A%2F%2Ftourovpn.com.br&ssld=%7B%22QQ8E%22%3A%22fF9h%3AXA99%3A99F9%3A9999%3A9999%3A9999%3A9999%3A9999%22%2C%22QQNN%22%3A%22%3DK%22%2C%22QQQN%22%3A%22%3DKog%3D%22%2C%22QQN75%22%3A%22cmz7LJ1j%22%7D&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=16276&vgd_rakh=1679831775176190998&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CUU9JF8H&vgd_hb_audit_2=410519468&vgd_itype_id=17&vgd_pgid=p1166391286t202303261156&vgd_pgids=1&vgd_uspa=0&hvsid=00001679831775209025035145529781&gdpr=0&vgd_l2type=scs_newfl&vgd_end=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.76.104.25 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-76-104-25.deploy.static.akamaitechnologies.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=21600
Date: Sun, 26 Mar 2023 11:56:15 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Sun, 26 Mar 2023 11:56:15 GMT

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame E0DB 26 KB
9 KB 49ms
48ms Document
text/html 23.41.168.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUU9JF8H&prvid=99%2C77%2C20000%2C294%2C262%2C460%2C461%2C462%2C4%2C313%2C10000%2C459%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.41.168.23 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-41-168-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

2d5435ef586a05994985bd14964c12a4ee77c663e1cbc283caa566559ac32308

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 9325
content-type: text/html; charset=UTF-8
date: Sun, 26 Mar 2023 11:56:15 GMT
expires: Tue, 28 Mar 2023 11:56:15 GMT
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 clog
hblg.media.net/ Frame D8AB 35 B
199 B 30ms
28ms Image
image/gif 23.34.248.177
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=4686&lper=1&itypeid=17&itype=ADX&cc=CA&cid=8CUU9JF8H&reqid=c7aSEuV3ZEnwATEwj9YEkw&vid=c7aSEuV3ZEnwATEwj9YEkw&dn=tourovpn.com.br&rawDn=tourovpn.com.br&pid=8PR113JGC&ugd=4&fleet=appnexus&requrl=https%3A%2F%2Ftourovpn.com.br&cliIPV6=2607%3A5300%3A0060%3A0000%3A0000%3A0000%3A0000%3A0000&cliIPType=v6&coppa_enf=true&lmt_status=N&lmt_applied=N&lmt_enf=true&dnt_enf=false&geo_source=2&sc=CA-QC&ct=Montreal&pubid=pub-ADX-116310109131&tgtval=pub-ADX-116310109131&csip=rtb-appnexus-dd88bd98c-gg4mx.SC&dtc=east_sc&zone=d&ptype=23&tmax=300&xtmax=290&gdpr=0&app=0&sat=1&device_id=4&asn=514&sckfl=1&suid=CAESEBRpMd8kiYT8Xi4AiSNSPu4&smbrid=adx-1&usp_status=0&usp_enf=1&gqid=AOmmZTAse85Iszq1suXdEkQxdVWM3y1XUyRxNhSF_Shzk2xcdGs0ARNtZBFcxghcW6Sb9ns7&pexid=ADX-pub-2137766368830030&geoll=false&is_ortb=false&s_ip=172.217.36.135&s_city=atlanta&commit_id=522571b6&ocurr=USD&omul=1.0&currsrc=API&currsrc_date=2023-03-24+00%3A00%3A00&schain_cmpl=1&dummy_vsid=false&amptype=1&second_call=false&supply_cc=CA&ipcc=CA&rtttime=107&pvid=313&prvAccId=522207812&prvApiId=8CU7Q771E&adj0=0.0&adj1=0.0&adj2=0.0&pst=0&crid=410519468&prspt=headerBid&prvReqId=181829014524694_1015880856_41051946823131&reqsize=300x600&size=300x600&chnl=HARMONY&bdp=0.050&cbdp=0.034&og_cbdp=0.050&ogbdp=0.05&pv_adtype=0&res_mtype=0&mnet_ckfl=0&ckfl=0&be=0&cat=IAB-3&advUrl=https%3A%2F%2Ftopics.businessfocus.online&dfpBd=0.034&dt=O&dbf=1&epc=522207812&s=1&snm=SUCCESS&pcrid=8CU7Q771E-522207812-13-8&tpbTkn=false&exid=31&bidflr=0.010&pbidflr=0.010&opbidflr=0.010&spbf=0&viewability=23&slotVisibility=2&adpos=3&iframingState=0&sbdrid=196&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Ckbb_se%3D1%7Cdbr%3D1%7Ctpi%3D1&mnrf=0&ortbseat=BID_API&brsrclk=0&bidrestime=1679831774885&fpuReq=0&bfs=103&acsn=1&ybnca_erpm=0.05&dmm_erpm=true&dmm_ogerpm=false&bcrid=1700080807683300300060000039600&strg=HARMONY&vls=0&scrid=1700080807683300300060000039600&mang=1&pvdTmax=183&fpusp=false&ae=false&epcexp=false&moau=true&ucrid_ver=2&omid=0&incentive_type=0&aogbdp=0.0&spIvt=3&spSource=0&spTo=3&spIsReq=3&spFst=0&spCst=0&mx_sbp=-10.0&mx_sua_cvg=1111111&mx_epbc=8CU7Q771E&mx_SPRIG=2&mx_bsBucket=0&mx_ssProfile=0&mx_int_dsp_id=32&mx_sua_os_n=Windows+NT&mx_lr=0&mx_TAS=1&mx_g_one_uid_sent=None&mx_uid_sent=0&mx_sua_os_v=10.0&mx_bsBucketRa=0&mx_sid=8CUU9JF8H&mx_SC=0&mx_lr_seg_deal=0&mx_aqcpl_crid=0&mx_nsz=2&mx_GCID=0&mx_maq_call=false&mx_aurt=0&mx_sua_model=x64&mx_tgs=160x600%7C300x600&mx_bsProfileRa=0&mx_IAB2=2&mx_bss_algos%3C%3E=0&mx_aurl_hc=0&mx_aabpc=0&mx_PC=1&mx_UCC=5&mx_isLossNtf=false&mx_bsProfile=0&mx_ssBucket=0&mx_TAF=3&mx_nids%3C%3E=eAT95L1kd5CI&mx_gpid_sent=false&mx_commit_id=959f492dc1&acid=acd88e2de3514792a7612aef979c078d&rtime=23.0&wsip=mowx-lite-74c9fdb8fd-hkxxc&ltime=33.0&act=headerBid&abs=0%7C0%7Cxtmax%3D290%7Cbrr%3D1&adtypes=0&adblk=1749152576&impId=1&reftime=0&reftype=0&keywordSellerId=false&psrc=fail&mowxReqId=acd88e2de3514792a7612aef979c078d_1&policy_enf=2&pub_blk_enf=1&renderer=0&ifst=0&ifdp=0&media=0&native_asset=0&req_mtype%3C%3E=0&ctr=-1.0&rfc=-1&feedback_id=c7aSEuV3ZEnwATEwj9YEkw&supplyTagId=1749152576&mnrfc=-1&viewability_vendor=EXCHANGE&vcmplrt=-1.0&actltime=33&debug_ts=2023-03-26+11%3A56%3A14&__expireat=1679832375137&mview=1&rme=adm&bdata=sd2%3Dnull~tt%3D0~iurl_l%3D20~ogerpm%3D0.05~vw_exc%3D0.23~vis_sd%3D630~dc2%3D1~bat%3D0%2C0%2C0~scd%3Dqc~v_asn%3D16276~vl2r_sd%3D2023032606~iurl_b%3D1936.9~url_tkc%3D0~std%3D~last%3D~vis_url_b%3D0.58~ip%3D19L3rJI3UMirDVFMi3AQN2~fbb%3D0~vis_url_l%3D10~riipua%3D3%2C3~et%3D22~rc%3D1~risuid%3D0%2C0~rps_sd%3D2023032607~vis_b%3D237.78~url_b%3D0.52~vl2r_url_b%3D0~vl2r_url_vi%3D1E-16~url_tvi%3D0~url_l%3D20~gcat%3D-1~bb%3D196~vv%3D0~l2r_b%3D1000~erpm%3D0.05~vl2r_url_kc%3D0E0~bm%3D1~sid%3D522207812~sd%3D0~uid%3D2IaGhNlLiidG2sJ2Ig~btd%3D8817621490904885805099812608384710721115296894541179901887647406748823620398693466401661766921097216~vwu%3D0.23~d2p_l%3D10~3pcf%3D1000~uim%3D0~dmm_strg%3Dharmony~d2p_b%3D0.98~ogd2p_b%3D0.98~vurl_b%3D0.77~ss%3DNA~cc%3DCA~uiw%3D-1~ce%3D0~rps_b%3D47.32~vurl_l%3D20~CI%3D2884~nts%3D2~tb%3D-1~ct%3Dmontreal~bss_KTW%3DNA%2CNA~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D1.3~isif%3D0~lc%3D1~bid%3D0.05~dc%3D8~vl2r_b%3D4.88~ivurl_l%3D20~supply_tag_id%3D%7Eviewability%3D0.23%7Eamp%3D1%7Ecbdp%3D0.034%7Edmm%3Dharmony%7Esuid%3DCAESEBRpMd8kiYT8Xi4AiSNSPu4%7Edtc%3Deast_sc%7Exid%3DADX-pub-2137766368830030%7Edalg%3Ddefault%7Ehtml%3D1%7Eadblk%3D1749152576%7Esobp%3D%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.010%7Eogbid%3D0.050%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D30%7Edogb%3D0-1~ibc%3D1~nsz%3D2~tgs%3D160x600%7C300x600~bsb%3D0~bsp%3D0~tmx%3D183&utime=375&sf=0&cpr=0.706350029221466

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.34.248.177 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-34-248-177.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: max-age=3600
date: Sun, 26 Mar 2023 11:56:15 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
server: Apache
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=21600
content-length: 35
expires: Sun, 26 Mar 2023 17:56:15 GMT

GET
H/1.1 200
OK browserfp.min.js Show response
pxlclnmdecom-a.akamaihd.net/javascripts/ Frame 8E28 104 KB
35 KB 82ms
34ms Script
text/javascript 23.215.130.171
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CU7Q771E&noCookies=true
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CU7Q771E
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 23.215.130.171 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-215-130-171.deploy.static.akamaitechnologies.com
Software: / Express
Resource Hash: 96c849bbb592c43ac92325976aa6650ee8c4bb53adaffa90ca8aa2ca99362698

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Sun, 26 Mar 2023 11:56:15 GMT
Content-Encoding: gzip
x-powered-by: Express
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=300
Access-Control-Max-Age: 1800
Connection: keep-alive
Content-Length: 35067
Expires: Sun, 26 Mar 2023 12:01:15 GMT

GET
H2 200 smtr Show response
contextual.media.net/ Frame 8E28 86 KB
30 KB 196ms
195ms Script
text/javascript 23.41.168.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CU7Q771E&cpcd=QcqgoxBu_JEBy1__-rrJcw%3D%3D&crid=522207812&size=300x600&cc=CA&sc=QC&chnm=smm_migration_test&pid=8PO6CSQ66&tpid=T1E3668&https=1&vif=2&requrl=https%3A%2F%2Ftourovpn.com.br&nse=5&vi=1679831775740289556&lw=1&ugd=4&adt1=8CUU9JF8H&adt2=410519468&itid=17&bae=B4xaq/g/xN&bcpf=B8fOnRrolnfOur84xaq%2Fg%2FxN&bdrId=313&ntv=0&matchstring=hr%3D0%7C&sff=0&tsce=L84&katpre=1&katbid=-102&pgid=p1166391286t202303261156&essld=fF9h%3AXA99%3A99F9%3A9999%3A9999%3A9999%3A9999%3A9999~%3DK~%3DKog%3D~cmz7LJ1j&nb=1&cadomain=tzR-hLcl-L81q0bo4F7GnA3mMwDIDjC2d77KxBXphR_fTCDUsmLZYQ%3D%3D&adv=Business%20Focus&isid=1&allsc=QC

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CU7Q771E

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.41.168.23 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-41-168-23.deploy.static.akamaitechnologies.com

Software

Resource Hash

69081b9073d810ffebc861f9d9efc107ef5794a6f3770b4d74cf8d18fa9eb52f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Mar 2023 11:56:15 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=0, no-cache, no-store
x-sc-h: 22-2pc7
timing-allow-origin: *
content-length: 30649
expires: Sun, 26 Mar 2023 11:56:15 GMT

GET
H/1.1 200
OK bping.php
lg3.media.net/ Frame 8E28 35 B
338 B 27ms
27ms Image
image/gif 104.76.104.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bping.php?vgd_len=739&&vgd_cdv=902&vgd_tsce=L84&vgd_cage=2&gdpr=0&prid=8PRVCXX19&cid=8CU7Q771E&crid=522207812&vi=1679831775740289556&ugd=4&lf=6&cc=CA&sc=QC&lper=100&wsip=170785070&r=1679831775328&requrl=https%3A%2F%2Ftourovpn.com.br&ssld=%7B%22QQ8E%22%3A%22fF9h%3AXA99%3A99F9%3A9999%3A9999%3A9999%3A9999%3A9999%22%2C%22QQNN%22%3A%22%3DK%22%2C%22QQQN%22%3A%22%3DKog%3D%22%2C%22QQN75%22%3A%22cmz7LJ1j%22%7D&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=16276&vgd_rakh=1679831775192239729&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CUU9JF8H&vgd_hb_audit_2=410519468&vgd_itype_id=17&vgd_pgid=p1166391286t202303261156&vgd_pgids=1&vgd_uspa=0&hvsid=00001679831775314025035145526465&gdpr=0&vgd_l2type=scs_newfl&vgd_end=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2137766368830030&output=html&h=600&adk=264133007&adf=2073637868&pi=t.aa~a.4006690040~rp.3&w=300&fwrn=4&fwrnh=100&lmt=1679831774&rafmt=1&to=qs&pwprc=3362168059&format=300x600&url=https%3A%2F%2Ftourovpn.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679831774394&bpp=4&bdt=760&idt=-M&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D570768aa91ba5f33-2200990ae7de00f5%3AT%3D1679831774%3ART%3D1679831774%3AS%3DALNI_MbVMIPBmNEk19fzFnRykF5KZ-0bhQ&gpic=UID%3D00000a32028c738a%3AT%3D1679831774%3ART%3D1679831774%3AS%3DALNI_MYKZE7EoWD8vgSCQ805fasJ09bVQA&prev_fmts=0x0&nras=2&correlator=6540198378448&frm=20&pv=1&ga_vid=1748033729.1679831774&ga_sid=1679831774&ga_hid=236587048&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=394&ady=1653&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C31073104%2C31073106%2C44787455&oid=2&pvsid=4233631143144009&tmod=2102595997&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jzHWqhpnLv&p=https%3A//tourovpn.com.br&dtd=251

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.76.104.25 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-76-104-25.deploy.static.akamaitechnologies.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=21600
Date: Sun, 26 Mar 2023 11:56:15 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Sun, 26 Mar 2023 11:56:15 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8C1A 1 KB
643 B 26ms
25ms Document
text/html 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 6922
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Mar 2023 10:00:53 GMT
etag: 48472445140208031
expires: Mon, 27 Mar 2023 10:00:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 4793 26 KB
9 KB 34ms
33ms Document
text/html 23.41.168.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2137766368830030&output=html&h=600&adk=264133007&adf=2073637868&pi=t.aa~a.4006690040~rp.3&w=300&fwrn=4&fwrnh=100&lmt=1679831774&rafmt=1&to=qs&pwprc=3362168059&format=300x600&url=https%3A%2F%2Ftourovpn.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679831774394&bpp=4&bdt=760&idt=-M&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D570768aa91ba5f33-2200990ae7de00f5%3AT%3D1679831774%3ART%3D1679831774%3AS%3DALNI_MbVMIPBmNEk19fzFnRykF5KZ-0bhQ&gpic=UID%3D00000a32028c738a%3AT%3D1679831774%3ART%3D1679831774%3AS%3DALNI_MYKZE7EoWD8vgSCQ805fasJ09bVQA&prev_fmts=0x0&nras=2&correlator=6540198378448&frm=20&pv=1&ga_vid=1748033729.1679831774&ga_sid=1679831774&ga_hid=236587048&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=394&ady=1653&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C31073104%2C31073106%2C44787455&oid=2&pvsid=4233631143144009&tmod=2102595997&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jzHWqhpnLv&p=https%3A//tourovpn.com.br&dtd=251

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.41.168.23 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-41-168-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

2d5435ef586a05994985bd14964c12a4ee77c663e1cbc283caa566559ac32308

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 9325
content-type: text/html; charset=UTF-8
date: Sun, 26 Mar 2023 11:56:15 GMT
expires: Tue, 28 Mar 2023 11:56:15 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 clog
hblg.media.net/ Frame 8E28 35 B
199 B 20ms
19ms Image
image/gif 23.34.248.177
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=4778&lper=1&itypeid=17&itype=ADX&cc=CA&cid=8CUU9JF8H&reqid=DSnrHC1o2tqqxgbBWxh_IQ&vid=DSnrHC1o2tqqxgbBWxh_IQ&dn=tourovpn.com.br&rawDn=tourovpn.com.br&pid=8PR113JGC&ugd=4&fleet=appnexus&requrl=https%3A%2F%2Ftourovpn.com.br&cliIPV6=2607%3A5300%3A0060%3A0000%3A0000%3A0000%3A0000%3A0000&cliIPType=v6&coppa_enf=true&lmt_status=N&lmt_applied=N&lmt_enf=true&dnt_enf=false&geo_source=2&sc=CA-QC&ct=Montreal&pubid=pub-ADX-116310109131&tgtval=pub-ADX-116310109131&csip=rtb-appnexus-dd88bd98c-46cfk.SC&dtc=east_sc&zone=d&sd=1&ptype=23&tmax=300&xtmax=290&gdpr=0&app=0&sat=1&device_id=4&asn=514&sckfl=1&suid=CAESECJl4YHvN9qHcjPLfiEjZqA&smbrid=adx-1&usp_status=0&usp_enf=1&gqid=AOmmZTDe_z3IS25HFH3F6kUXhnMgp3VxvIZ_7PdMPv0NCsvlNGRzTWjOF5OVQEmVsxXgshqC&pexid=ADX-pub-2137766368830030&geoll=false&is_ortb=false&s_ip=172.217.36.130&s_city=atlanta&commit_id=522571b6&ocurr=USD&omul=1.0&currsrc=API&currsrc_date=2023-03-24+00%3A00%3A00&schain_cmpl=1&dummy_vsid=false&amptype=1&second_call=false&supply_cc=CA&ipcc=CA&rtttime=159&pvid=313&prvAccId=522207812&prvApiId=8CU7Q771E&adj0=0.0&adj1=0.0&adj2=0.0&pst=0&crid=410519468&prspt=headerBid&prvReqId=3383085779462_819874044_41051946823131&reqsize=300x600&size=300x600&chnl=smm_migration_test&bdp=0.050&cbdp=0.03&og_cbdp=0.050&ogbdp=0.05&pv_adtype=0&res_mtype=0&mnet_ckfl=0&ckfl=0&be=0&cat=IAB-3&advUrl=https%3A%2F%2Ftopics.businessfocus.online&dfpBd=0.03&dt=O&dbf=1&epc=522207812&s=1&snm=SUCCESS&pcrid=8CU7Q771E-522207812-13-19&tpbTkn=false&exid=31&bidflr=0.010&pbidflr=0.010&opbidflr=0.010&spbf=0&viewability=18&slotVisibility=2&adpos=3&iframingState=0&sbdrid=196&exp=sfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7CssProfile%3D0%7Cdbr%3D1%7Ctpi%3D1&mnrf=0&ortbseat=BID_API&brsrclk=0&bidrestime=1679831774923&fpuReq=0&bfs=103&acsn=1&ybnca_erpm=0.05&dmm_erpm=false&dmm_ogerpm=false&bcrid=1700080807683300300060000039600&strg=smm_migration_test&vls=0&scrid=1700080807683300300060000039600&mang=1&pvdTmax=157&fpusp=false&ae=false&epcexp=false&moau=true&ucrid_ver=2&omid=0&incentive_type=0&aogbdp=0.0&spIvt=3&spSource=0&spTo=3&spIsReq=3&spFst=0&spCst=0&mx_sbp=-10.0&mx_sua_cvg=1111111&mx_epbc=8CU7Q771E&mx_SPRIG=2&mx_bsBucket=0&mx_ssProfile=0&mx_int_dsp_id=32&mx_sua_os_n=Windows+NT&mx_lr=0&mx_TAS=1&mx_g_one_uid_sent=None&mx_uid_sent=0&mx_sua_os_v=10.0&mx_bsBucketRa=0&mx_sid=8CUU9JF8H&mx_SC=0&mx_lr_seg_deal=0&mx_aqcpl_crid=0&mx_nsz=2&mx_GCID=0&mx_maq_call=false&mx_aurt=0&mx_sua_model=x64&mx_tgs=160x600%7C300x600&mx_bsProfileRa=0&mx_IAB2=2&mx_bss_algos%3C%3E=0&mx_aurl_hc=0&mx_aabpc=0&mx_PC=1&mx_UCC=5&mx_isLossNtf=false&mx_bsProfile=0&mx_ssBucket=0&mx_TAF=3&mx_nids%3C%3E=eAT95L1kd5CI&mx_gpid_sent=false&mx_commit_id=959f492dc1&acid=7085998688054b9d845ff75e1e7aacec&rtime=48.0&wsip=mowx-lite-74c9fdb8fd-t28n8&ltime=59.0&act=headerBid&abs=0%7C0%7Cxtmax%3D290%7Cbrr%3D1&adtypes=0&adblk=264133007&impId=1&reftime=0&reftype=0&keywordSellerId=false&psrc=fail&mowxReqId=7085998688054b9d845ff75e1e7aacec_1&policy_enf=2&pub_blk_enf=1&renderer=0&ifst=0&ifdp=0&media=0&native_asset=0&req_mtype%3C%3E=0&ctr=-1.0&rfc=-1&feedback_id=DSnrHC1o2tqqxgbBWxh_IQ&supplyTagId=264133007&mnrfc=-1&viewability_vendor=EXCHANGE&vcmplrt=-1.0&actltime=60&debug_ts=2023-03-26+11%3A56%3A14&__expireat=1679832375175&mview=1&rme=adm&bdata=sd2%3Dnull~tt%3D0~iurl_l%3D20~ogerpm%3D0.05~vw_exc%3D0.18~smm_bid%3D0.03~vis_sd%3D630~dc2%3D1~bat%3D0%2C0%2C0~scd%3Dqc~v_asn%3D16276~vl2r_sd%3D2023032606~iurl_b%3D1936.9~url_tkc%3D0~std%3D~last%3D~vis_url_b%3D0.58~ip%3D19L3rJI3UMirDVFMi3AQN2~fbb%3D0~vis_url_l%3D10~riipua%3D3%2C3~et%3D23~rc%3D1~risuid%3D0%2C0~rps_sd%3D2023032607~vis_b%3D213.67~url_b%3D0.52~vl2r_url_b%3D0~vl2r_url_vi%3D1E-16~url_tvi%3D0~smm_wr%3D3.0610~url_l%3D20~gcat%3D-1~bb%3D196~vv%3D0~smm_mul%3D0.67~l2r_b%3D1000~erpm%3D0.05~vl2r_url_kc%3D0E0~bm%3D1~smm_sd%3D2023032604~sid%3D522207812~sd%3D1~uid%3D2IaGmzUPLX8o2NhHSZ~btd%3D8817621490904885805159098158088451688903884607960115635883532100514197336191637691647725526991765504~vwu%3D0.18~d2p_l%3D10~3pcf%3D1000~uim%3D0~dmm_strg%3Dsmm_migration_test~d2p_b%3D0.99~ogd2p_b%3D0.98~vurl_b%3D0.77~ss%3DNA~cc%3DCA~uiw%3D-1~ce%3D0~rps_b%3D47.32~vurl_l%3D20~CI%3D2884~nts%3D2~tb%3D-1~ct%3Dmontreal~bss_KTW%3DNA%2CNA~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D1.3~isif%3D0~lc%3D1~bid%3D0.03~dc%3D8~vl2r_b%3D4.88~ivurl_l%3D20~supply_tag_id%3D%7Eviewability%3D0.18%7Eamp%3D1%7Ecbdp%3D0.030%7Edmm%3Dsmm_migration_test%7Esuid%3DCAESECJl4YHvN9qHcjPLfiEjZqA%7Esd%3D1%7Edtc%3Deast_sc%7Exid%3DADX-pub-2137766368830030%7Edalg%3Dsmm%7Ehtml%3D1%7Eadblk%3D264133007%7Esobp%3D%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.010%7Eogbid%3D0.050%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Esmm_api%3Dv1~ibc%3D1~nsz%3D2~tgs%3D160x600%7C300x600~bsb%3D0~bsp%3D0~tmx%3D157&utime=448&sf=0&cpr=0.6527301297659733

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2137766368830030&output=html&h=600&adk=264133007&adf=2073637868&pi=t.aa~a.4006690040~rp.3&w=300&fwrn=4&fwrnh=100&lmt=1679831774&rafmt=1&to=qs&pwprc=3362168059&format=300x600&url=https%3A%2F%2Ftourovpn.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679831774394&bpp=4&bdt=760&idt=-M&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D570768aa91ba5f33-2200990ae7de00f5%3AT%3D1679831774%3ART%3D1679831774%3AS%3DALNI_MbVMIPBmNEk19fzFnRykF5KZ-0bhQ&gpic=UID%3D00000a32028c738a%3AT%3D1679831774%3ART%3D1679831774%3AS%3DALNI_MYKZE7EoWD8vgSCQ805fasJ09bVQA&prev_fmts=0x0&nras=2&correlator=6540198378448&frm=20&pv=1&ga_vid=1748033729.1679831774&ga_sid=1679831774&ga_hid=236587048&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=394&ady=1653&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C31073104%2C31073106%2C44787455&oid=2&pvsid=4233631143144009&tmod=2102595997&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jzHWqhpnLv&p=https%3A//tourovpn.com.br&dtd=251

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.34.248.177 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-34-248-177.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: max-age=3600
date: Sun, 26 Mar 2023 11:56:15 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
server: Apache
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=21600
content-length: 35
expires: Sun, 26 Mar 2023 17:56:15 GMT

GET
H/1.1

200
OK

cksync
cs.media.net/ Frame E0DB
Redirect Chain

https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzIyODMzMzc1MTQ1NTIzNjAwMFYxMA%3D%3D&google_sc=1
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEK_xBXO9ELDwXZGYH2kCWiM&google_cver=1

65 B
630 B

248ms
131ms

Image
image/gif

104.76.104.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEK_xBXO9ELDwXZGYH2kCWiM&google_cver=1
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUU9JF8H&prvid=99%2C77%2C20000%2C294%2C262%2C460%2C461%2C462%2C4%2C313%2C10000%2C459%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol: HTTP/1.1
Server: 104.76.104.25 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-76-104-25.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e9265c8d1f568b85f487c3cfadb4305e5d7b122a16a9ec9f8a7d116f2fa5fdab

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 26 Mar 2023 11:56:15 GMT
Server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 65
x-mnet-hl2: E
Expires: Sun, 26 Mar 2023 11:56:15 GMT

Redirect headers

pragma: no-cache
date: Sun, 26 Mar 2023 11:56:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEK_xBXO9ELDwXZGYH2kCWiM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8BFC 1 KB
643 B 23ms
20ms Document
text/html 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2137766368830030&output=html&h=600&adk=264133007&adf=2073637868&pi=t.aa~a.4006690040~rp.3&w=300&fwrn=4&fwrnh=100&lmt=1679831774&rafmt=1&to=qs&pwprc=3362168059&format=300x600&url=https%3A%2F%2Ftourovpn.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679831774394&bpp=4&bdt=760&idt=-M&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D570768aa91ba5f33-2200990ae7de00f5%3AT%3D1679831774%3ART%3D1679831774%3AS%3DALNI_MbVMIPBmNEk19fzFnRykF5KZ-0bhQ&gpic=UID%3D00000a32028c738a%3AT%3D1679831774%3ART%3D1679831774%3AS%3DALNI_MYKZE7EoWD8vgSCQ805fasJ09bVQA&prev_fmts=0x0&nras=2&correlator=6540198378448&frm=20&pv=1&ga_vid=1748033729.1679831774&ga_sid=1679831774&ga_hid=236587048&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=394&ady=1653&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C31073104%2C31073106%2C44787455&oid=2&pvsid=4233631143144009&tmod=2102595997&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jzHWqhpnLv&p=https%3A//tourovpn.com.br&dtd=251

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 6922
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Mar 2023 10:00:53 GMT
etag: 48472445140208031
expires: Mon, 27 Mar 2023 10:00:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 8E28 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9979aca13f3d43cc7975d626d8eac82573affeaaa2bab24679fc0702a5d26ad8

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame D8AB 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: efca8f6a667f319170d9e4d3ecf52b846df0b8f237f926ae3d70f808b67a07ad

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame 8C1A 35 B
464 B 126ms
23ms Image
image/gif 2620:116:800b:21:c1e8:5385:5098:6bf0
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEPS3-J8vBzUp7xhWswBvkxU&google_cver=1&google_push=Aer7DvLFMIHEfNYvWThXyxpUTYt0Hr3xKPhdkzzlHj9_Fr4_VZ6itRVLXboE0qA2RFxXC9SUcNKab2Oc9Fb-Diild0ZQc1qJOR6Mn5w

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800b:21:c1e8:5385:5098:6bf0 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Mar 2023 11:56:15 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8C1A
Redirect Chain

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEAMIFWYIoq-2aHvWlfQIsvk&google_cver=1&google_push=Aer7DvLn7iUvng1VMaagibX738D-uJ4XnHcxNFtwKTEwVanNNJdylWhPe6QgQleuNylMLoOS3MHuSDIbqnpxR...
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEAMIFWYIoq-2aHvWlfQIsvk&google_push=Aer7DvLn7iUvng1VMaagibX738D-uJ4XnHcxNFtwKTEwVanNNJdylWhPe6QgQleuNylMLoOS3MHuSDIbqnpxR...
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=Aer7DvLn7iUvng1VMaagibX738D-uJ4XnHcxNFtwKTEwVanNNJdylWhPe6QgQleuNylMLoOS3MHuSDIbqnpxRsfqkkPpmqWsSHuTVDxJ&google_hm=Qk1mdHQ4NUJ1NTRV...

170 B
188 B

41ms
41ms

Image
image/png

142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=Aer7DvLn7iUvng1VMaagibX738D-uJ4XnHcxNFtwKTEwVanNNJdylWhPe6QgQleuNylMLoOS3MHuSDIbqnpxRsfqkkPpmqWsSHuTVDxJ&google_hm=Qk1mdHQ4NUJ1NTRVRy1SRUZrdWI=

Requested by

Protocol

Server

142.251.32.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Mar 2023 11:56:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 26 Mar 2023 11:56:15 GMT
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=Aer7DvLn7iUvng1VMaagibX738D-uJ4XnHcxNFtwKTEwVanNNJdylWhPe6QgQleuNylMLoOS3MHuSDIbqnpxRsfqkkPpmqWsSHuTVDxJ&google_hm=Qk1mdHQ4NUJ1NTRVRy1SRUZrdWI=
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 240
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8C1A
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEN7TRbx9gN33Jb7oHhj4Bjw&google_cver=1&google_push=Aer7DvJfi9C7exvn0tT-xGZ3KhxAvb4J_phTAT7LH43_CnW9fardRYP_dGlYjJ-hdjfEFr1pMVzLzpuF16T3frj...
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=QmPwlEyTXoVQwRwNm3kqx5U4mbg&google_push=Aer7DvJfi9C7exvn0tT-xGZ3KhxAvb4J_phTAT7LH43_CnW9fardRYP_dGlYjJ-hdjfEFr1pMVzLzpuF16T3fr...

170 B
188 B

40ms
38ms

Image
image/png

142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=QmPwlEyTXoVQwRwNm3kqx5U4mbg&google_push=Aer7DvJfi9C7exvn0tT-xGZ3KhxAvb4J_phTAT7LH43_CnW9fardRYP_dGlYjJ-hdjfEFr1pMVzLzpuF16T3frjxYS05yVntADBMtsmY

Requested by

Protocol

Server

142.251.32.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Mar 2023 11:56:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=QmPwlEyTXoVQwRwNm3kqx5U4mbg&google_push=Aer7DvJfi9C7exvn0tT-xGZ3KhxAvb4J_phTAT7LH43_CnW9fardRYP_dGlYjJ-hdjfEFr1pMVzLzpuF16T3frjxYS05yVntADBMtsmY
Date: Sun, 26 Mar 2023 11:56:15 GMT
Connection: keep-alive
Content-Length: 246
Content-Type: text/html; charset=utf-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8C1A
Redirect Chain

https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEN2lsf_wsWbZXx5BWYjDN-A&google_cver=1&google_push=Aer7DvL2PYGdCfKAS1i6EiPhMYdfXFZaExaRgLbN3XvY1QKqA2K40KyrK...
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=Aer7DvL2PYGdCfKAS1i6EiPhMYdfXFZaExaRgLbN3XvY1QKqA2K40KyrKf-ZwZIUYmOqr72w3XguK0hfFx8qd5qi0IpTp3XdZIhZxj2sRA&google_hm=QlMuNDEwZS0w...

170 B
188 B

39ms
37ms

Image
image/png

142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=Aer7DvL2PYGdCfKAS1i6EiPhMYdfXFZaExaRgLbN3XvY1QKqA2K40KyrKf-ZwZIUYmOqr72w3XguK0hfFx8qd5qi0IpTp3XdZIhZxj2sRA&google_hm=QlMuNDEwZS0wNjZmLTQ1YmItOWE1Mg==

Requested by

Protocol

Server

142.251.32.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Mar 2023 11:56:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=Aer7DvL2PYGdCfKAS1i6EiPhMYdfXFZaExaRgLbN3XvY1QKqA2K40KyrKf-ZwZIUYmOqr72w3XguK0hfFx8qd5qi0IpTp3XdZIhZxj2sRA&google_hm=QlMuNDEwZS0wNjZmLTQ1YmItOWE1Mg==
Date: Sun, 26 Mar 2023 11:56:15 GMT
Server: openresty
Connection: close
Content-Length: 142
Content-Type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8C1A
Redirect Chain

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEHAJGJee8h4S7EFYbs4Auxo&google_cver=1&google_push=Aer7DvL3OeSv9WJ_SvmEP38F2923lXnEv-oUS5YgY-oGHZ1anyL1NXLwF6TTIOjnsg-njh8iIh7mK3hwpaqhkfl7BlZXDQX...
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=Aer7DvL3OeSv9WJ_SvmEP38F2923lXnEv-oUS5YgY-oGHZ1anyL1NXLwF6TTIOjnsg-njh8iIh7mK3hwpaqhkfl7BlZXDQX-_Uve9An5QA&google_hm=NTg4N...

170 B
188 B

38ms
36ms

Image
image/png

142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=Aer7DvL3OeSv9WJ_SvmEP38F2923lXnEv-oUS5YgY-oGHZ1anyL1NXLwF6TTIOjnsg-njh8iIh7mK3hwpaqhkfl7BlZXDQX-_Uve9An5QA&google_hm=NTg4NDM3NTU5OTI3MzM4MTkxMQ==

Requested by

Protocol

Server

142.251.32.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Mar 2023 11:56:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=Aer7DvL3OeSv9WJ_SvmEP38F2923lXnEv-oUS5YgY-oGHZ1anyL1NXLwF6TTIOjnsg-njh8iIh7mK3hwpaqhkfl7BlZXDQX-_Uve9An5QA&google_hm=NTg4NDM3NTU5OTI3MzM4MTkxMQ==
Date: Sun, 26 Mar 2023 11:56:15 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8C1A
Redirect Chain

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEHN_oBJ6ncmQ-T5MbzggmqE&google_cver=1&google_push=Aer7DvIB-mMZTE0FzSElTjLJ2MgH8qWqvBpJ8pZ3uRo3U1ktIqnY3wAArN8sFZYR7G...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=Aer7DvIB-mMZTE0FzSElTjLJ2MgH8qWqvBpJ8pZ3uRo3U1ktIqnY3wAArN8sFZYR7GRXEXPbjt7gLKYeLynyAK-5gj4y1z99cVbsORg5&google_hm...

170 B
188 B

37ms
36ms

Image
image/png

142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=Aer7DvIB-mMZTE0FzSElTjLJ2MgH8qWqvBpJ8pZ3uRo3U1ktIqnY3wAArN8sFZYR7GRXEXPbjt7gLKYeLynyAK-5gj4y1z99cVbsORg5&google_hm=T5vCruTjS3K4P62nuT9Tirg

Requested by

Protocol

Server

142.251.32.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Mar 2023 11:56:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 26 Mar 2023 11:56:13 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=Aer7DvIB-mMZTE0FzSElTjLJ2MgH8qWqvBpJ8pZ3uRo3U1ktIqnY3wAArN8sFZYR7GRXEXPbjt7gLKYeLynyAK-5gj4y1z99cVbsORg5&google_hm=T5vCruTjS3K4P62nuT9Tirg
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

report
sync.teads.tv/um/ Frame 8C1A
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEJNRWVuwbN576LJW01v6xyI&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=YTQ3ODgxM2QtN2U5ZC00ZjI2LThjYjQtZjU3NTVmYWQ5NjMz&google_push=Aer7DvJ-DkTHPZaufZC0yAGUgXqsHV98z9lJ89908-xQcZmkUJPXKxb2w1hoqTwtLzu0E...
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
172 B

46ms
46ms

Image
image/gif

96.6.23.74
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2137766368830030&output=html&h=600&adk=1749152576&adf=1014115060&pi=t.aa~a.4006690040~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1679831774&rafmt=1&to=qs&pwprc=3362168059&format=300x600&url=https%3A%2F%2Ftourovpn.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679831774394&bpp=1&bdt=759&idt=-M&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D570768aa91ba5f33-2200990ae7de00f5%3AT%3D1679831774%3ART%3D1679831774%3AS%3DALNI_MbVMIPBmNEk19fzFnRykF5KZ-0bhQ&gpic=UID%3D00000a32028c738a%3AT%3D1679831774%3ART%3D1679831774%3AS%3DALNI_MYKZE7EoWD8vgSCQ805fasJ09bVQA&prev_fmts=0x0%2C300x600&nras=3&correlator=6540198378448&frm=20&pv=1&ga_vid=1748033729.1679831774&ga_sid=1679831774&ga_hid=236587048&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=394&ady=2293&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C31073104%2C31073106%2C44787455&oid=2&pvsid=4233631143144009&tmod=2102595997&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=ECwcD94wrj&p=https%3A//tourovpn.com.br&dtd=260
Protocol: H2
Server: 96.6.23.74 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-6-23-74.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

expires: Sun, 26 Mar 2023 11:56:15 GMT
pragma: no-cache
date: Sun, 26 Mar 2023 11:56:15 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 26 Mar 2023 11:56:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 8C1A 0
139 B 45ms
34ms Image
text/html 142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K8MH_OyIVj02Q5tTArxi3KVqSXjN_scUmWgPtNvEChbgsR07ROhSOO2_LUmv0UOrTCFjlQuRfcTQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.32.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 11:56:15 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1

200
OK

cksync
cs.media.net/ Frame 4793
Redirect Chain

https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzIyODMzMzc1MTQ1NTIzMTAwMFYxMA%3D%3D&google_sc=1
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEK_xBXO9ELDwXZGYH2kCWiM&google_cver=1

65 B
630 B

215ms
110ms

Image
image/gif

104.76.104.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEK_xBXO9ELDwXZGYH2kCWiM&google_cver=1
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUU9JF8H&prvid=99%2C77%2C20000%2C294%2C262%2C460%2C461%2C462%2C4%2C313%2C10000%2C459%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol: HTTP/1.1
Server: 104.76.104.25 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-76-104-25.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e9265c8d1f568b85f487c3cfadb4305e5d7b122a16a9ec9f8a7d116f2fa5fdab

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 26 Mar 2023 11:56:15 GMT
Server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 65
x-mnet-hl2: E
Expires: Sun, 26 Mar 2023 11:56:15 GMT

Redirect headers

pragma: no-cache
date: Sun, 26 Mar 2023 11:56:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEK_xBXO9ELDwXZGYH2kCWiM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8BFC
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEKnmxIN43Pl_jJsj5zHQhxM&google_cver=1&google_push=Aer7DvIA7_TGpxd_Aqrf41__2VZGwSbWX6MeULUZqKZr0tufILhjoKUk0xYgNiliceEPja1gOYMBrSGkZQHrhsxZtbyoFEcyAIlpa...
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=Aer7DvIA7_TGpxd_Aqrf41__2VZGwSbWX6MeULUZqKZr0tufILhjoKUk0xYgNiliceEPja1gOYMBrSGkZQHrhsxZtbyoFEcyAIlpaIq00RK-cER56O9PRO82FOfjtzNntUMH...

170 B
188 B

41ms
41ms

Image
image/png

142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=Aer7DvIA7_TGpxd_Aqrf41__2VZGwSbWX6MeULUZqKZr0tufILhjoKUk0xYgNiliceEPja1gOYMBrSGkZQHrhsxZtbyoFEcyAIlpaIq00RK-cER56O9PRO82FOfjtzNntUMHkYV2mWF6MlwUCb4G1-CRBWbeMfw&google_hm=Q0FFU0VLbm14SU40M1BsX2pKc2o1ekhRaHhN

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2137766368830030&output=html&h=600&adk=264133007&adf=2073637868&pi=t.aa~a.4006690040~rp.3&w=300&fwrn=4&fwrnh=100&lmt=1679831774&rafmt=1&to=qs&pwprc=3362168059&format=300x600&url=https%3A%2F%2Ftourovpn.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679831774394&bpp=4&bdt=760&idt=-M&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D570768aa91ba5f33-2200990ae7de00f5%3AT%3D1679831774%3ART%3D1679831774%3AS%3DALNI_MbVMIPBmNEk19fzFnRykF5KZ-0bhQ&gpic=UID%3D00000a32028c738a%3AT%3D1679831774%3ART%3D1679831774%3AS%3DALNI_MYKZE7EoWD8vgSCQ805fasJ09bVQA&prev_fmts=0x0&nras=2&correlator=6540198378448&frm=20&pv=1&ga_vid=1748033729.1679831774&ga_sid=1679831774&ga_hid=236587048&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=394&ady=1653&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C31073104%2C31073106%2C44787455&oid=2&pvsid=4233631143144009&tmod=2102595997&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jzHWqhpnLv&p=https%3A//tourovpn.com.br&dtd=251

Protocol

Server

142.251.32.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Mar 2023 11:56:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 26 Mar 2023 11:56:15 GMT
via: 1.1 0d7b07b36f46ce1652b97dbb50107674.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=Aer7DvIA7_TGpxd_Aqrf41__2VZGwSbWX6MeULUZqKZr0tufILhjoKUk0xYgNiliceEPja1gOYMBrSGkZQHrhsxZtbyoFEcyAIlpaIq00RK-cER56O9PRO82FOfjtzNntUMHkYV2mWF6MlwUCb4G1-CRBWbeMfw&google_hm=Q0FFU0VLbm14SU40M1BsX2pKc2o1ekhRaHhN
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: 2rllbtRmo0PAKInEshh3-hEZu6agdS-5qaTM3pVOI1UFno_z_fiaMw==
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8BFC
Redirect Chain

https://s.uuidksinc.net/match/47/?remote_uid=CAESEMI0OuNxFzPqaKXFsU0Vyqk&c_param1=Aer7DvKculQ1EwD3kbuB9kiTg0LkPOtOgVGFb0wFxGIw7yPNVhSU3UvGCVtbino5VxlyGd5Ob1-Vp2_qS2rBjQBB-NImH1VHUstlgXdLeYEmBCegpxe...
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=Aer7DvKculQ1EwD3kbuB9kiTg0LkPOtOgVGFb0wFxGIw7yPNVhSU3UvGCVtbino5VxlyGd5Ob1-Vp2_qS2rBjQBB-NImH1VHUstlgXdLeYEmBCegpxePE9opFp5KTtEFRoWc1...

170 B
188 B

40ms
39ms

Image
image/png

142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=Aer7DvKculQ1EwD3kbuB9kiTg0LkPOtOgVGFb0wFxGIw7yPNVhSU3UvGCVtbino5VxlyGd5Ob1-Vp2_qS2rBjQBB-NImH1VHUstlgXdLeYEmBCegpxePE9opFp5KTtEFRoWc1rVOlZbFqkkD5erLvQHHC_GCBg8

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2137766368830030&output=html&h=600&adk=264133007&adf=2073637868&pi=t.aa~a.4006690040~rp.3&w=300&fwrn=4&fwrnh=100&lmt=1679831774&rafmt=1&to=qs&pwprc=3362168059&format=300x600&url=https%3A%2F%2Ftourovpn.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679831774394&bpp=4&bdt=760&idt=-M&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D570768aa91ba5f33-2200990ae7de00f5%3AT%3D1679831774%3ART%3D1679831774%3AS%3DALNI_MbVMIPBmNEk19fzFnRykF5KZ-0bhQ&gpic=UID%3D00000a32028c738a%3AT%3D1679831774%3ART%3D1679831774%3AS%3DALNI_MYKZE7EoWD8vgSCQ805fasJ09bVQA&prev_fmts=0x0&nras=2&correlator=6540198378448&frm=20&pv=1&ga_vid=1748033729.1679831774&ga_sid=1679831774&ga_hid=236587048&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=394&ady=1653&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C31073104%2C31073106%2C44787455&oid=2&pvsid=4233631143144009&tmod=2102595997&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jzHWqhpnLv&p=https%3A//tourovpn.com.br&dtd=251

Protocol

Server

142.251.32.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Mar 2023 11:56:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=Aer7DvKculQ1EwD3kbuB9kiTg0LkPOtOgVGFb0wFxGIw7yPNVhSU3UvGCVtbino5VxlyGd5Ob1-Vp2_qS2rBjQBB-NImH1VHUstlgXdLeYEmBCegpxePE9opFp5KTtEFRoWc1rVOlZbFqkkD5erLvQHHC_GCBg8
date: Sun, 26 Mar 2023 11:56:15 GMT
server: nginx/1.19.0
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8BFC
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPq6gh7TNHWIHkwFx6f_KNI&google_cver=1&google_push=Aer7DvLx2U8eLqeGn9Oh4JlZU95E-lFsD7YevJu1zbMspX6pYuqc5vVsR33rAs5JimdJZnMbbaO0eIjU...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEPq6gh7TNHWIHkwFx6f_KNI&google_cver=1&google_push=Aer7DvLx2U8eLqeGn9Oh4JlZU95E-lFsD7YevJu1zbMspX6pYuqc5vVsR33rAs5JimdJZnMbbaO...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDc5NTU5MjgyNzYyMDI0MzA3NA&google_push=Aer7DvLx2U8eLqeGn9Oh4JlZU95E-lFsD7YevJu1zbMspX6pYuqc5vVsR33rAs5JimdJZnMbbaO0eI...

170 B
188 B

37ms
37ms

Image
image/png

142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDc5NTU5MjgyNzYyMDI0MzA3NA&google_push=Aer7DvLx2U8eLqeGn9Oh4JlZU95E-lFsD7YevJu1zbMspX6pYuqc5vVsR33rAs5JimdJZnMbbaO0eIjUeK4Aw-C42Pk3lI8lO3dG9pxmf9R8bf3HDg4Qxw_priJMzQJTgl9aleKL7RTqDrRFFvcFE5Ki7GX-mOg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2137766368830030&output=html&h=600&adk=264133007&adf=2073637868&pi=t.aa~a.4006690040~rp.3&w=300&fwrn=4&fwrnh=100&lmt=1679831774&rafmt=1&to=qs&pwprc=3362168059&format=300x600&url=https%3A%2F%2Ftourovpn.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679831774394&bpp=4&bdt=760&idt=-M&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D570768aa91ba5f33-2200990ae7de00f5%3AT%3D1679831774%3ART%3D1679831774%3AS%3DALNI_MbVMIPBmNEk19fzFnRykF5KZ-0bhQ&gpic=UID%3D00000a32028c738a%3AT%3D1679831774%3ART%3D1679831774%3AS%3DALNI_MYKZE7EoWD8vgSCQ805fasJ09bVQA&prev_fmts=0x0&nras=2&correlator=6540198378448&frm=20&pv=1&ga_vid=1748033729.1679831774&ga_sid=1679831774&ga_hid=236587048&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=394&ady=1653&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C31073104%2C31073106%2C44787455&oid=2&pvsid=4233631143144009&tmod=2102595997&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jzHWqhpnLv&p=https%3A//tourovpn.com.br&dtd=251

Protocol

Server

142.251.32.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Mar 2023 11:56:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 26 Mar 2023 11:56:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDc5NTU5MjgyNzYyMDI0MzA3NA&google_push=Aer7DvLx2U8eLqeGn9Oh4JlZU95E-lFsD7YevJu1zbMspX6pYuqc5vVsR33rAs5JimdJZnMbbaO0eIjUeK4Aw-C42Pk3lI8lO3dG9pxmf9R8bf3HDg4Qxw_priJMzQJTgl9aleKL7RTqDrRFFvcFE5Ki7GX-mOg
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8BFC
Redirect Chain

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEFDJrtW9H002wOVac2zjh_A&google_cver=1&google_push=Aer7DvIYBLGkvxwixM90TeTKFr4HX8MpKQ4R1jAgx379zTjQF0V1R-McDehhv9mMg5Qj4xqikJkrLfd0GIgRi...
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEFDJrtW9H002wOVac2zjh_A&google_push=Aer7DvIYBLGkvxwixM90TeTKFr4HX8MpKQ4R1jAgx379zTjQF0V1R-McDehhv9mMg5Qj4xqikJkrLfd0GIgRi...
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=Aer7DvIYBLGkvxwixM90TeTKFr4HX8MpKQ4R1jAgx379zTjQF0V1R-McDehhv9mMg5Qj4xqikJkrLfd0GIgRiY7pg0Zk6XS9xYou8CfRPAngUZH2dy8vHnp8Lj2kbh9QUS8...

170 B
188 B

39ms
38ms

Image
image/png

142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=Aer7DvIYBLGkvxwixM90TeTKFr4HX8MpKQ4R1jAgx379zTjQF0V1R-McDehhv9mMg5Qj4xqikJkrLfd0GIgRiY7pg0Zk6XS9xYou8CfRPAngUZH2dy8vHnp8Lj2kbh9QUS8iMZtt8rgCuB7lW1l9-NXY_aoZ5lc&google_hm=UFZzdVpnVjk3b3BUbmpIOTBNNDk=

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2137766368830030&output=html&h=600&adk=264133007&adf=2073637868&pi=t.aa~a.4006690040~rp.3&w=300&fwrn=4&fwrnh=100&lmt=1679831774&rafmt=1&to=qs&pwprc=3362168059&format=300x600&url=https%3A%2F%2Ftourovpn.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679831774394&bpp=4&bdt=760&idt=-M&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D570768aa91ba5f33-2200990ae7de00f5%3AT%3D1679831774%3ART%3D1679831774%3AS%3DALNI_MbVMIPBmNEk19fzFnRykF5KZ-0bhQ&gpic=UID%3D00000a32028c738a%3AT%3D1679831774%3ART%3D1679831774%3AS%3DALNI_MYKZE7EoWD8vgSCQ805fasJ09bVQA&prev_fmts=0x0&nras=2&correlator=6540198378448&frm=20&pv=1&ga_vid=1748033729.1679831774&ga_sid=1679831774&ga_hid=236587048&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=394&ady=1653&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C31073104%2C31073106%2C44787455&oid=2&pvsid=4233631143144009&tmod=2102595997&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jzHWqhpnLv&p=https%3A//tourovpn.com.br&dtd=251

Protocol

Server

142.251.32.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Mar 2023 11:56:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 26 Mar 2023 11:56:15 GMT
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=Aer7DvIYBLGkvxwixM90TeTKFr4HX8MpKQ4R1jAgx379zTjQF0V1R-McDehhv9mMg5Qj4xqikJkrLfd0GIgRiY7pg0Zk6XS9xYou8CfRPAngUZH2dy8vHnp8Lj2kbh9QUS8iMZtt8rgCuB7lW1l9-NXY_aoZ5lc&google_hm=UFZzdVpnVjk3b3BUbmpIOTBNNDk=
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 295
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 trk
ag.innovid.com/ Frame 8BFC 43 B
297 B 311ms
30ms Image
image/gif 2600:1f18:445b:902:bbbf:5bf8:ab61:bf38
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESELP1k-EnRF6fBPXQnnSKyP8&google_cver=1&google_push=Aer7DvIE0K996qjjpgWqf-OWlo6yzOb3jEI9nI5UAZzCBrlyVN_IJvi65gpqzgLyIcr8LSyXsZHGTMbryqx5hpcZ_SK6uiAHEX30qnzmULMlGOeFNjf-zxou-LnrOO_L5MJJoR3eG0wuR8ivaqa56UoAuevVoPA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2137766368830030&output=html&h=600&adk=264133007&adf=2073637868&pi=t.aa~a.4006690040~rp.3&w=300&fwrn=4&fwrnh=100&lmt=1679831774&rafmt=1&to=qs&pwprc=3362168059&format=300x600&url=https%3A%2F%2Ftourovpn.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679831774394&bpp=4&bdt=760&idt=-M&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D570768aa91ba5f33-2200990ae7de00f5%3AT%3D1679831774%3ART%3D1679831774%3AS%3DALNI_MbVMIPBmNEk19fzFnRykF5KZ-0bhQ&gpic=UID%3D00000a32028c738a%3AT%3D1679831774%3ART%3D1679831774%3AS%3DALNI_MYKZE7EoWD8vgSCQ805fasJ09bVQA&prev_fmts=0x0&nras=2&correlator=6540198378448&frm=20&pv=1&ga_vid=1748033729.1679831774&ga_sid=1679831774&ga_hid=236587048&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=394&ady=1653&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C31073104%2C31073106%2C44787455&oid=2&pvsid=4233631143144009&tmod=2102595997&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jzHWqhpnLv&p=https%3A//tourovpn.com.br&dtd=251
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:445b:902:bbbf:5bf8:ab61:bf38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 26 Mar 2023 11:56:15 GMT
cache-control: no-cache
content-length: 43
request-time: 1
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8BFC
Redirect Chain

https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEC3HReBsWxSQYfUGy0mwhhw&google_cver=1&google_push=Aer7DvLmJo-M_6pI5_ma5q_qol3nK3iY9hdyRIua5x-7CzLlY0-oeQQW2...
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=Aer7DvLmJo-M_6pI5_ma5q_qol3nK3iY9hdyRIua5x-7CzLlY0-oeQQW2mGIjth0lUtDitOVQXyDFSu979yw-hc3TRayPpvSu-mAmie6iFSztyaeZ6HRBf4vWni4q58WF...

170 B
188 B

38ms
36ms

Image
image/png

142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=Aer7DvLmJo-M_6pI5_ma5q_qol3nK3iY9hdyRIua5x-7CzLlY0-oeQQW2mGIjth0lUtDitOVQXyDFSu979yw-hc3TRayPpvSu-mAmie6iFSztyaeZ6HRBf4vWni4q58WF4aXt8c5aAL2mieGyck_D1LYtjsqx2w&google_hm=QlMuOGY1Yi1mOGVhLTQzZWMtYjFlNg==

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2137766368830030&output=html&h=600&adk=264133007&adf=2073637868&pi=t.aa~a.4006690040~rp.3&w=300&fwrn=4&fwrnh=100&lmt=1679831774&rafmt=1&to=qs&pwprc=3362168059&format=300x600&url=https%3A%2F%2Ftourovpn.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679831774394&bpp=4&bdt=760&idt=-M&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D570768aa91ba5f33-2200990ae7de00f5%3AT%3D1679831774%3ART%3D1679831774%3AS%3DALNI_MbVMIPBmNEk19fzFnRykF5KZ-0bhQ&gpic=UID%3D00000a32028c738a%3AT%3D1679831774%3ART%3D1679831774%3AS%3DALNI_MYKZE7EoWD8vgSCQ805fasJ09bVQA&prev_fmts=0x0&nras=2&correlator=6540198378448&frm=20&pv=1&ga_vid=1748033729.1679831774&ga_sid=1679831774&ga_hid=236587048&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=394&ady=1653&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C31073104%2C31073106%2C44787455&oid=2&pvsid=4233631143144009&tmod=2102595997&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jzHWqhpnLv&p=https%3A//tourovpn.com.br&dtd=251

Protocol

Server

142.251.32.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Mar 2023 11:56:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=Aer7DvLmJo-M_6pI5_ma5q_qol3nK3iY9hdyRIua5x-7CzLlY0-oeQQW2mGIjth0lUtDitOVQXyDFSu979yw-hc3TRayPpvSu-mAmie6iFSztyaeZ6HRBf4vWni4q58WF4aXt8c5aAL2mieGyck_D1LYtjsqx2w&google_hm=QlMuOGY1Yi1mOGVhLTQzZWMtYjFlNg==
Date: Sun, 26 Mar 2023 11:56:15 GMT
Server: openresty
Connection: close
Content-Length: 142
Content-Type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8BFC
Redirect Chain

https://trace.mediago.io/cs/google?google_gid=CAESEDZbZI-drXQpRijx4CO4ooU&google_cver=1&google_push=Aer7DvIbrDidcK_cPtjF9n7ItYcAkW17Bz3Ce-E9NcAMdzIdQiGTkHw1rBDIlLsh74kKGe1IhUmObtO4fJNIjKnRivX1JEsFx...
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=Aer7DvIbrDidcK_cPtjF9n7ItYcAkW17Bz3Ce-E9NcAMdzIdQiGTkHw1rBDIlLsh74kKGe1IhUmObtO4fJNIjKnRivX1JEsFxZk0p0VSKPjwS3s2qGQ5SWm9FsMFf...

170 B
188 B

38ms
38ms

Image
image/png

142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=Aer7DvIbrDidcK_cPtjF9n7ItYcAkW17Bz3Ce-E9NcAMdzIdQiGTkHw1rBDIlLsh74kKGe1IhUmObtO4fJNIjKnRivX1JEsFxZk0p0VSKPjwS3s2qGQ5SWm9FsMFfpqq-gQElUuCqfX7mqdgoUVWQ7YkfrjDEtPi&google_hm=29fe4edc8a2521af3c47adaab7237220

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2137766368830030&output=html&h=600&adk=264133007&adf=2073637868&pi=t.aa~a.4006690040~rp.3&w=300&fwrn=4&fwrnh=100&lmt=1679831774&rafmt=1&to=qs&pwprc=3362168059&format=300x600&url=https%3A%2F%2Ftourovpn.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679831774394&bpp=4&bdt=760&idt=-M&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D570768aa91ba5f33-2200990ae7de00f5%3AT%3D1679831774%3ART%3D1679831774%3AS%3DALNI_MbVMIPBmNEk19fzFnRykF5KZ-0bhQ&gpic=UID%3D00000a32028c738a%3AT%3D1679831774%3ART%3D1679831774%3AS%3DALNI_MYKZE7EoWD8vgSCQ805fasJ09bVQA&prev_fmts=0x0&nras=2&correlator=6540198378448&frm=20&pv=1&ga_vid=1748033729.1679831774&ga_sid=1679831774&ga_hid=236587048&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=394&ady=1653&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C31073104%2C31073106%2C44787455&oid=2&pvsid=4233631143144009&tmod=2102595997&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jzHWqhpnLv&p=https%3A//tourovpn.com.br&dtd=251

Protocol

Server

142.251.32.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Mar 2023 11:56:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=Aer7DvIbrDidcK_cPtjF9n7ItYcAkW17Bz3Ce-E9NcAMdzIdQiGTkHw1rBDIlLsh74kKGe1IhUmObtO4fJNIjKnRivX1JEsFxZk0p0VSKPjwS3s2qGQ5SWm9FsMFfpqq-gQElUuCqfX7mqdgoUVWQ7YkfrjDEtPi&google_hm=29fe4edc8a2521af3c47adaab7237220
date: Sun, 26 Mar 2023 11:56:15 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 306
content-type: text/html; charset=utf-8

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 8BFC 0
49 B 41ms
39ms Image
text/html 142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J0c7pCo2VvxX6l7y-xX9MnG-Tus4koqe5OC76_R2elguN3GBXvLH9CQEqEB71YIOIQMn9EfTc

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2137766368830030&output=html&h=600&adk=264133007&adf=2073637868&pi=t.aa~a.4006690040~rp.3&w=300&fwrn=4&fwrnh=100&lmt=1679831774&rafmt=1&to=qs&pwprc=3362168059&format=300x600&url=https%3A%2F%2Ftourovpn.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679831774394&bpp=4&bdt=760&idt=-M&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D570768aa91ba5f33-2200990ae7de00f5%3AT%3D1679831774%3ART%3D1679831774%3AS%3DALNI_MbVMIPBmNEk19fzFnRykF5KZ-0bhQ&gpic=UID%3D00000a32028c738a%3AT%3D1679831774%3ART%3D1679831774%3AS%3DALNI_MYKZE7EoWD8vgSCQ805fasJ09bVQA&prev_fmts=0x0&nras=2&correlator=6540198378448&frm=20&pv=1&ga_vid=1748033729.1679831774&ga_sid=1679831774&ga_hid=236587048&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=394&ady=1653&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C31073104%2C31073106%2C44787455&oid=2&pvsid=4233631143144009&tmod=2102595997&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jzHWqhpnLv&p=https%3A//tourovpn.com.br&dtd=251

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.32.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 11:56:15 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 6DB3 107 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 6DB3 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 6DB3 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK bql.php Show response
lg3.media.net/ Frame 6DB3 15 B
324 B 23ms
21ms Script
text/javascript 104.76.104.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lg3.media.net/bql.php?vgd_len=5678&&vgd_canary=0&vgd_l2type=scs_newfl&fp=vKkbn3SAnOoJctERSgRJ_r8JCfn5Fcq4ktn5Z4tqlhbUTS7duM0_GCsaznPXAhNXrI_RCI7G_QmBeLN3s7WVQdrTTkVnOGdMoj87f5MF_YBfhGYlfDZ6-GUo-y_9u7Y80nDvJwDydIM%3D&cme=MFzHPoYenXK5FiSamZwTiunZSpc87WDHpOMik8bjihC47RGQVhgZo0nrzTfZXDNO4xWI4cK9kJwVaGg-D7e5pcTK6x4mIl2AqIlEgWKXiRFXesQ9Z-8UB2UoFALmmeHzFqIenK-GQFKWSuGH-X_g1kOX3A_nR7FrqPyp5nzeEkU0eAOPvUJGSJBRqKgAVEJdJYg828OMFWKVTXEvAQ4XzSF7KaNbZXRg%7C%7Cu8A6SM53vAcxkZY9VHWafLSuY-HKDieQ%7CYfC2eZepuu0iO4bN1L0Y5DHOMnHYLvLj%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7Ca0AmFUYXmD5YKRmSXFSY0p_fOEzOGpMXKxePsexLkdk%3D%7CB2JVFcOYLHiyn0tdrFrbZc6f6tm_XYZ3OqxFG_OO5szCTI0zdPCUdjnLetGLECMeyZ-i2DGv055VKX_nuoOhVn97SleDC2y4yaXaItt898ziR4Ucp4d5D-aHglmBo4hiiipVa_tcOgmGLE5ZVyPlavKKNmAw29Xd8Du1q0oLXhsjAPkOfeswJuNCc6W0mhh-BQrWq7QMO5q6_6kIa7Kac0LwgSfE7gve0njhuzRAKabkOzRkoCU079BwsltqYX00%7C&subBdr=196&bdrid=313&ksu=224&fdkt=391&vgde_kbbh=ffoyxQJuO&kwd[]=%2430+an+Hour+No+Experience+Jobs&kwt[]=391&kbc[]=1262292604&kwp[]=1&kid[]=350784374&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C60%3D1.05%7C12%3D0.58%7C1%3D0.68%7C2%3D1.85%7Cps%3D0.394%7C3%3D0.17%7C4%3D4.58&ktd[]=274894881024&ktrkt[]=%2430+an+Hour+No+Experience+Jobs&kwd[]=No.1+Stock+to+Buy+Now&kwt[]=391&kbc[]=1262292604&kwp[]=2&kid[]=324947967&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C60%3D3.36%7C12%3D1.14%7C1%3D2.93%7C2%3D10.65%7Cps%3D0.394%7C3%3D1.01%7C4%3D4.55&ktd[]=274894881024&ktrkt[]=No.1+Stock+to+Buy+Now&kwd[]=Ford+F-150+Pickup+Truck+Prices&kwt[]=391&kbc[]=1262292604&kwp[]=3&kid[]=329727114&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C60%3D0.25%7C12%3D0.12%7C1%3D0.14%7C2%3D0.70%7Cps%3D0.394%7C3%3D0.08%7C4%3D3.72&ktd[]=274894881024&ktrkt[]=Ford+F-150+Pickup+Truck+Prices&kwd[]=Foods+to+Eat+to+Reverse+Diabetes&kwt[]=391&kbc[]=1262292604&kwp[]=4&kid[]=330245443&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C60%3D0.60%7C12%3D0.20%7C1%3D0.60%7C2%3D1.97%7Cps%3D0.394%7C3%3D0.22%7C4%3D3.99&ktd[]=274894881024&ktrkt[]=Foods+to+Eat+to+Reverse+Diabetes&kwd[]=Best+Dentists+Near+Me&kwt[]=391&kbc[]=1262292604&kwp[]=5&kid[]=324977595&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C60%3D0.26%7C12%3D0.11%7C1%3D0.13%7C2%3D0.68%7Cps%3D0.394%7C3%3D0.09%7C4%3D3.89&ktd[]=274894881024&ktrkt[]=Best+Dentists+Near+Me&kwd[]=Bank+Owned+Cars+for+Sale&kwt[]=391&kbc[]=1262292604&kwp[]=6&kid[]=299487099&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C60%3D1.11%7C12%3D0.43%7C1%3D0.51%7C2%3D1.53%7Cps%3D0.394%7C3%3D0.44%7C4%3D3.50&ktd[]=274911658240&ktrkt[]=Bank+Owned+Cars+for+Sale&kwd[]=Stocks+to+Invest+In&kwt[]=391&kbc[]=1262292604&kwp[]=7&kid[]=27190006&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C60%3D0.38%7C12%3D1.26%7C1%3D0.48%7C2%3D2.59%7Cps%3D0.394%7C3%3D0.63%7C4%3D3.47&ktd[]=274911658240&ktrkt[]=Stocks+to+Invest+In&v=1&geo=45.5%7C-73.58&dlper=20&lper=100&lpid=&tsid=18&hint=&cc=CA&wsip=170774754&bca=0&ugd=4&vgde_setid=Nff&ssld=%7B%22QQNN%22%3A%22%3DK%22%2C%22QQN75%22%3A%22cmz7LJ1j%22%2C%22QQ8E%22%3A%22fF9h%3AXA99%3A99F9%3A9999%3A9999%3A9999%3A9999%3A9999%22%2C%22QQQN%22%3A%22%3DKog%3D%22%7D&cid=8CU7Q771E&vi=1679831775949618770&vsid=3228333751455231&tdAdd[]=asnum%3D16276&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_adprefflag=11&vgd_implt=3&vgd_cage=3&vgd_tsce=L84-S84&vgd_l3_sc=QC&vgd_chost=contextual.media.net&vgd_sslb=1111&vgd_hb_audit_1=8CUU9JF8H&vgd_hb_audit_2=410519468&vgd_katbid=-102&vgd_pdtid=1&vgd_nrrv=20359&vgd_nrrmf=1000ca0a&vgd_nrrsf=scrr&vgd_cty=montreal&tdAdd[]=%7C%40%7Cfsap%3D1%7C%40%7Clsat%3D3&vgd_ifrmode=11&vgd_l1rakh=1679831775176190998&tsrc=entity&sttm=1679831775209&upk=1679831775.628&hvsid=00001679831775209025035145529781&verid=3111299&vgd_matchstr=hr%3D0%7C&sbdrId=196&vgd_ecrid=1700080807683300300060000039600&vgd_isiolc=1&vgd_fcm_enc_mis=1&pid=8PO6CSQ66&abpl=2&kbbq=%26asn%3D16276&vgd_vstrid=3228333751455231&vgde_bdata=QOfvzxjj~77v9~8xLjMjvf9~myJLEYv9.9X~eBMJ-Nv9.fA~e8QMQOvFA9~ONfvu~G17v9%2C9%2C9~QNOv%20N~eM1QzvuFfhF~ejfLMQOvf9fA9AfF9F~8xLjMGvuiAF.i~xLjM7UNv9~Q7Ov~j1Q7v~e8QMxLjMGv9.XW~8EvuiTAL6VAPc8Lr%2Fsc8AKgIf~kGGv9~e8QMxLjMjvu9~L88Ex1vA%2CA~J7vff~LNvu~L8Qx8Ov9%2C9~LEQMQOvf9fA9AfF9h~e8QMGvfAh.hW~xLjMGv9.Xf~ejfLMxLjMGv9~ejfLMxLjMe8vu4ouF~xLjM7e8v9~xLjMjvf9~yN17vou~GGvuiF~eev9~jfLMGvu999~JLEYv9.9X~ejfLMxLjMUNv949~GYvu~Q8OvXfff9hWuf~QOv9~x8OvfV1ZwIjT88OZfQ6fVy~G7OvWWuhFfuHi9i9HWWXW9X9iiWufF9WAWHhu9hfuuuXfiFWiHXHuuhii9uWWhFHhH9FhHWWfAFf9AiWFiAHFFH9uFFuhFFifu9ihfuF~eBxv9.fA~OfEMjvu9~AENkvu999~x8Yv9~OYYMQ7Lyvw1LYmz5~OfEMGv9.iW~myOfEMGv9.iW~exLjMGv9.hh~QQvIK~NNv%3DK~x8Bvou~NJv9~LEQMGvHh.Af~exLjMjvf9~%3DVvfWWH~z7Qvf~7Gvou~N7vYmz7LJ1j~GQQMC_pvIK%2CIK~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGvu.A~8Q8kv9~jNvu~G8Ov9.9X~ONvW~ejfLMGvH.WW~8exLjMjvf9~QxEEj5M71yM8Ov~e8JB1G8j875v9.fA~1YEvu~NGOEv9.9AH~OYYvw1LYmz5~Qx8Ov%3DK4b4RDEcOWU83_Wt8HK8bIb0xH~O7NvJ1Q7MQN~-8OvKrtoExGofuAhhFFAFWWA99A9~O1jyvOJk1xj7~w7Yjvu~1OGjUvuhHiuXfXhF~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9u9~myG8Ov9.9X9~1NM75EJvu~875EJM8Ovuh~QJjjJLM71yM8Ov~OJ7JN7JOM71yM8Ov~ONx7vA9~OmyGv9ou~8GNvu~zQlvf~7yQvuF9-F99%7CA99-F99~GQGv9~GQEv9~7Y-vuWA&vgd_bhv_kbb=-1&vgd_cfud=230323&vgd_scsver=426&vgd_optout=0&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_dtc=east_sc&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=1&tdAdd[]=uiparams%3D%3Brend_w%3A300%3Brend_h%3A600&vgd_uspa=0&vgd_sc=QC&vgd_l1rhst=contextual.media.net&hvsid=00001679831775209025035145529781&rc=0&rand=1679831775521&acid=acd88e2de3514792a7612aef979c078d&matm=1679831775522&requrl=https%3A%2F%2Ftourovpn.com.br&vgd_ltimesrc=1&vgd_ltime=637&vgd_rtime=623&vgd_etm=72&vgd_l1hcsd=Opsd3%7C1944&vgd_l1ch=1&vgd_lhl=2812&vgd_pgid=p1166391286t202303261156&vgd_csip=rtb-appnexus-dd88bd98c-gg4mx.SC&vgd_sbSup=1&vgd_nrrs=20359&vgd_cdv=902&vgd_cntrdt=SF%7Cgoogleads.g.doubleclick.net&vgd_eadm=1&vgd_end=1

Requested by

Host: tourovpn.com.br
URL: https://tourovpn.com.br/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.76.104.25 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-76-104-25.deploy.static.akamaitechnologies.com

Software

Resource Hash

c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=21600
Date: Sun, 26 Mar 2023 11:56:15 GMT
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 15
Expires: Sun, 26 Mar 2023 11:56:15 GMT

GET
DATA 200
OK truncated
/ Frame A651 107 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame A651 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame A651 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK bql.php Show response
lg3.media.net/ Frame A651 15 B
324 B 25ms
24ms Script
text/javascript 104.76.104.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lg3.media.net/bql.php?vgd_len=6122&&vgd_canary=0&vgd_l2type=scs_newfl&fp=vKkbn3SAnOoJctERSgRJ_r8JCfn5Fcq4ktn5Z4tqlhbUTS7duM0_GCsaznPXAhNXrI_RCI7G_QmBeLN3s7WVQdrTTkVnOGdMoj87f5MF_YBfhGYlfDZ6-GUo-y_9u7Y80nDvJwDydIM%3D&cme=pFos4c7zwz2ljMcrF3e80Xg9HQadhvFrsLM8TQxj2xNZuEdRyLImkeGGDcOXry3OBXGpsrpvd6nf0mX9VSu84hYOGnbMRq9KfdIxN3uAg49qfeB3q_yopI735n7JQd5oU4GVhqXkTKnyIz57TsW_hyLb5v1OAtOjqm2luQLkQhNCaSRnq_c9us-STZOb06rG_hYHr0WOb-716ARoMDHhyhY6tJESryND%7C%7Cu8A6SM53vAcxkZY9VHWafLSuY-HKDieQ%7CYfC2eZepuu0iO4bN1L0Y5DHOMnHYLvLj%7CWGV0YFlErcpuo3Pma1EBA706uXx3IZ3_s1njI9zvr5U%3D%7Ca0AmFUYXmD5YKRmSXFSY0p_fOEzOGpMXKxePsexLkdk%3D%7CVTD9RU1aeVo2KFSXOZ6o_5H21yu_ikieWL3tR1xFQUXIizLRw9W-jBKf1omzdLaIY7ofGFEgtLt0M98fqz6GCmvLFyfc4e1uUIGuwWeQ6gf_KaIG_3dukjn1_h9-IEM8_cpTw_PrLUc-DdvfCb5aE2fO0HPbp_dTZbW3zbwyUbwsNZg06D8M4Nh5Vw603jjlEUCdMWilmYM35ecRd_NYEnaWS5OaL--7w6bO01TKVDOwGR10gTYXsiPztG6iURWL%7C&subBdr=196&bdrid=313&ksu=224&fdkt=391&vgde_kbbh=ffoyxQJuO&kwd[]=How+to+Lower+Blood+Pressure+Quickly&kwt[]=391&kbc[]=1262292604&kwp[]=1&kid[]=98521951&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C62%3D0.35%7C12%3D1.21%7C63%3D0.05%7C60%3D0.38%7C10%3D3.27%7C66%3D0.93%7C1%3D0.92%7C2%3D3.01%7Cps%3D0.394%7C3%3D0.20%7C4%3D4.32&ktd[]=274911658240&ktrkt[]=How+to+Lower+Blood+Pressure+Quickly&kwd[]=5+Best+Medicare+Advantage+Plans&kwt[]=391&kbc[]=1262292604&kwp[]=2&kid[]=329937320&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C62%3D0.58%7C12%3D0.08%7C63%3D0.05%7C60%3D0.10%7C10%3D3.27%7C66%3D0.90%7C1%3D0.10%7C2%3D0.95%7Cps%3D0.394%7C3%3D0.08%7C4%3D2.62&ktd[]=274894881024&ktrkt[]=5+Best+Medicare+Advantage+Plans&kwd[]=Stocks+to+Invest+In&kwt[]=391&kbc[]=1262292604&kwp[]=3&kid[]=27190006&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C62%3D0.74%7C12%3D1.26%7C63%3D0.05%7C60%3D0.38%7C10%3D3.27%7C66%3D1.78%7C1%3D0.48%7C2%3D2.59%7Cps%3D0.394%7C3%3D0.63%7C4%3D3.47&ktd[]=274911658240&ktrkt[]=Stocks+to+Invest+In&kwd[]=%2430+an+Hour+No+Experience+Jobs&kwt[]=391&kbc[]=1262292604&kwp[]=4&kid[]=350784374&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C62%3D0.26%7C12%3D0.58%7C63%3D0.05%7C60%3D1.05%7C10%3D3.27%7C66%3D0.34%7C1%3D0.68%7C2%3D1.85%7Cps%3D0.394%7C3%3D0.17%7C4%3D4.58&ktd[]=274894881024&ktrkt[]=%2430+an+Hour+No+Experience+Jobs&kwd[]=Apply+for+Stimulus+Check&kwt[]=391&kbc[]=1262292604&kwp[]=5&kid[]=214431410&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C62%3D0.65%7C12%3D0.11%7C63%3D0.05%7C60%3D0.66%7C10%3D3.27%7C66%3D0.38%7C1%3D0.11%7C2%3D0.67%7Cps%3D0.394%7C3%3D0.02%7C4%3D3.46&ktd[]=274894881024&ktrkt[]=Apply+for+Stimulus+Check&kwd[]=Average+Retirement+Income&kwt[]=391&kbc[]=1262292604&kwp[]=6&kid[]=2721539&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C62%3D0.16%7C12%3D0.39%7C63%3D0.05%7C60%3D0.57%7C10%3D3.27%7C66%3D0.84%7C1%3D0.52%7C2%3D1.80%7Cps%3D0.394%7C3%3D0.13%7C4%3D3.87&ktd[]=274911658240&ktrkt[]=Average+Retirement+Income&kwd[]=Best+Dentists+Near+Me&kwt[]=391&kbc[]=1262292604&kwp[]=7&kid[]=324977595&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C62%3D0.55%7C12%3D0.11%7C63%3D0.05%7C60%3D0.26%7C10%3D3.27%7C66%3D0.79%7C1%3D0.13%7C2%3D0.68%7Cps%3D0.394%7C3%3D0.09%7C4%3D3.89&ktd[]=274894881024&ktrkt[]=Best+Dentists+Near+Me&v=1&geo=45.5%7C-73.58&dlper=20&lper=100&lpid=&tsid=18&hint=&cc=CA&wsip=170774690&bca=0&ugd=4&vgde_setid=Nff&ssld=%7B%22QQNN%22%3A%22%3DK%22%2C%22QQN75%22%3A%22cmz7LJ1j%22%2C%22QQ8E%22%3A%22fF9h%3AXA99%3A99F9%3A9999%3A9999%3A9999%3A9999%3A9999%22%2C%22QQQN%22%3A%22%3DKog%3D%22%7D&cid=8CU7Q771E&vi=1679831775740289556&vsid=3228333751455236&tdAdd[]=asnum%3D16276&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_adprefflag=11&vgd_implt=3&vgd_cage=3&vgd_tsce=L84-S84&vgd_l3_sc=QC&vgd_chost=contextual.media.net&vgd_sslb=1111&vgd_hb_audit_1=8CUU9JF8H&vgd_hb_audit_2=410519468&vgd_katbid=-102&vgd_pdtid=1&vgd_nrrv=20359&vgd_nrrmf=1000ca0a&vgd_nrrsf=scrr&vgd_cty=montreal&tdAdd[]=%7C%40%7Cfsap%3D1%7C%40%7Clsat%3D3&vgd_ifrmode=11&vgd_l1rakh=1679831775192239729&tsrc=entity&sttm=1679831775314&upk=1679831775.29099&hvsid=00001679831775314025035145526465&verid=3111299&vgd_matchstr=hr%3D0%7C&sbdrId=196&vgd_ecrid=1700080807683300300060000039600&vgd_isiolc=1&vgd_fcm_enc_mis=1&pid=8PO6CSQ66&abpl=2&kbbq=%26asn%3D16276&vgd_vstrid=3228333751455236&vgde_bdata=QOfvzxjj~77v9~8xLjMjvf9~myJLEYv9.9X~eBMJ-Nv9.uW~QYYMG8Ov9.9A~e8QMQOvFA9~ONfvu~G17v9%2C9%2C9~QNOv%20N~eM1QzvuFfhF~ejfLMQOvf9fA9AfF9F~8xLjMGvuiAF.i~xLjM7UNv9~Q7Ov~j1Q7v~e8QMxLjMGv9.XW~8EvuiTAL6VAPc8Lr%2Fsc8AKgIf~kGGv9~e8QMxLjMjvu9~L88Ex1vA%2CA~J7vfA~LNvu~L8Qx8Ov9%2C9~LEQMQOvf9fA9AfF9h~e8QMGvfuA.Fh~xLjMGv9.Xf~ejfLMxLjMGv9~ejfLMxLjMe8vu4ouF~xLjM7e8v9~QYYMBLvA.9Fu9~xLjMjvf9~yN17vou~GGvuiF~eev9~QYYMYxjv9.Fh~jfLMGvu999~JLEYv9.9X~ejfLMxLjMUNv949~GYvu~QYYMQOvf9fA9AfF9H~Q8OvXfff9hWuf~QOvu~x8OvfV1ZYlP0TtWmfIwqb2~G7OvWWuhFfuHi9i9HWWXW9XuXi9iWuXW9WWHXuFWWi9AWWHF9hiF9uuXFAXWWAXAfu99XuHuihAAFuiuFAhFiuFHhhfXXfFiiuhFXX9H~eBxv9.uW~OfEMjvu9~AENkvu999~x8Yv9~OYYMQ7LyvQYYMY8yL178mzM7JQ7~OfEMGv9.ii~myOfEMGv9.iW~exLjMGv9.hh~QQvIK~NNv%3DK~x8Bvou~NJv9~LEQMGvHh.Af~exLjMjvf9~%3DVvfWWH~z7Qvf~7Gvou~N7vYmz7LJ1j~GQQMC_pvIK%2CIK~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGvu.A~8Q8kv9~jNvu~G8Ov9.9A~ONvW~ejfLMGvH.WW~8exLjMjvf9~QxEEj5M71yM8Ov~e8JB1G8j875v9.uW~1YEvu~NGOEv9.9A9~OYYvQYYMY8yL178mzM7JQ7~Qx8Ov%3DK4b4%3D6jH3qeIi%20qNd0Tk84d2%20K~QOvu~O7NvJ1Q7MQN~-8OvKrtoExGofuAhhFFAFWWA99A9~O1jyvQYY~w7Yjvu~1OGjUvfFHuAA99h~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9u9~myG8Ov9.9X9~1NM75EJvu~875EJM8Ovuh~QJjjJLM71yM8Ov~OJ7JN7JOM71yM8Ov~QYYM1E8veu~8GNvu~zQlvf~7yQvuF9-F99%7CA99-F99~GQGv9~GQEv9~7Y-vuXh&vgd_bhv_kbb=-1&vgd_cfud=230323&vgd_scsver=426&vgd_optout=0&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_dtc=east_sc&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=1&tdAdd[]=uiparams%3D%3Brend_w%3A300%3Brend_h%3A600&vgd_uspa=0&vgd_sc=QC&vgd_l1rhst=contextual.media.net&hvsid=00001679831775314025035145526465&rc=0&rand=1679831775675&acid=7085998688054b9d845ff75e1e7aacec&matm=1679831775675&requrl=https%3A%2F%2Ftourovpn.com.br&vgd_ltimesrc=1&vgd_ltime=669&vgd_rtime=656&vgd_etm=20&vgd_l1hcsd=Opsd3%7C1944&vgd_l1ch=1&vgd_lhl=2904&vgd_pgid=p1166391286t202303261156&vgd_csip=rtb-appnexus-dd88bd98c-46cfk.SC&vgd_sbSup=1&vgd_nrrs=20359&vgd_cdv=902&vgd_cntrdt=SF%7Cgoogleads.g.doubleclick.net&vgd_eadm=1&vgd_end=1

Requested by

Host: tourovpn.com.br
URL: https://tourovpn.com.br/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.76.104.25 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-76-104-25.deploy.static.akamaitechnologies.com

Software

Resource Hash

c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=21600
Date: Sun, 26 Mar 2023 11:56:15 GMT
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 15
Expires: Sun, 26 Mar 2023 11:56:15 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 53ms
52ms Image
image/gif 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=6.360963093159473

Requested by

Host: tourovpn.com.br
URL: https://tourovpn.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-fGBRYO_80pZZF4jcpUFZ0g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tourovpn.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 11:56:15 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-fGBRYO_80pZZF4jcpUFZ0g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
69 B 43ms
42ms Image
image/gif 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=5.5926415682706025

Requested by

Host: tourovpn.com.br
URL: https://tourovpn.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-173-m_r9RKp8PZf4U6a73Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tourovpn.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 11:56:15 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-173-m_r9RKp8PZf4U6a73Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorServingDetectionHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorServingDetectionHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorServingDetectionHttp/external"}]}
content-type: image/gif
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxX2JXikuhLXvfKfkkhHO56OThZlw0Z6_cM_omrKTUPAhsK4PL4NROD3jvvp7ZGRRwRt7AhyUvUnH-7bBYFU_GsMg5yfg1vbShExe5OmIY74n-rACWtHdfo4-IuQZo0SkB_492loeA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 46ms
45ms XHR
text/html 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxX2JXikuhLXvfKfkkhHO56OThZlw0Z6_cM_omrKTUPAhsK4PL4NROD3jvvp7ZGRRwRt7AhyUvUnH-7bBYFU_GsMg5yfg1vbShExe5OmIY74n-rACWtHdfo4-IuQZo0SkB_492loeA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zIo3ulCEEmNb0Jey97dzbg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://tourovpn.com.br/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 26 Mar 2023 11:56:15 GMT
content-security-policy: script-src 'report-sample' 'nonce-zIo3ulCEEmNb0Jey97dzbg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://tourovpn.com.br
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad- Show response
fundingchoicesmessages.google.com/f/AGSKWxUfB-nS6oEAyOyY7iPc6qBuh1UWBgRC0BzqjlrYEPW-tgarPjvmhNxCYLeriloD8gc6zXCEjpKZh9Om8orI6hCGA-WWJCk7C6YCKe8u64FZIEUA4MSMpWP6fTf2D5AWxTfzWKFvu_ema1tyQRPKZRuhg_nZ3... 54 B
109 B 47ms
46ms Script
application/javascript 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUfB-nS6oEAyOyY7iPc6qBuh1UWBgRC0BzqjlrYEPW-tgarPjvmhNxCYLeriloD8gc6zXCEjpKZh9Om8orI6hCGA-WWJCk7C6YCKe8u64FZIEUA4MSMpWP6fTf2D5AWxTfzWKFvu_ema1tyQRPKZRuhg_nZ3JLLAY1pQd1FN3_H_34dNQ89uhEZC--Q/_/ad41_/ad-invalid-/adbrite2./commercial_top./stuff/ad-

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.tmXjc5t-4E0.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_ccpa_signal_executable/ed=1/rs=AJlcJMxU-9ACQaEO6yF3t3Gw5WX9IkM1pw/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d569a2038a8b4494c44e1ce659c11bcee3781fb462ebf8deb4c3926bab759aa

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-krE8YcLc7gSqc154E4PvqA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tourovpn.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 11:56:16 GMT
content-security-policy: script-src 'report-sample' 'nonce-krE8YcLc7gSqc154E4PvqA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_companion_ad.js Show response
pagead2.googlesyndication.com/pagead/ 45 KB
16 KB 21ms
20ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_companion_ad.js?fcd=true

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.tmXjc5t-4E0.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_ccpa_signal_executable/ed=1/rs=AJlcJMxU-9ACQaEO6yF3t3Gw5WX9IkM1pw/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a0fd1061cad61d46b13556482b3718b2de943f5edcb88518ebaf4f8bcce1a29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tourovpn.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 11:22:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2020
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15861
x-xss-protection: 0
server: cafe
etag: 1533208367902931449
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sun, 26 Mar 2023 12:22:36 GMT

POST
H3 204 AGSKWxX2JXikuhLXvfKfkkhHO56OThZlw0Z6_cM_omrKTUPAhsK4PL4NROD3jvvp7ZGRRwRt7AhyUvUnH-7bBYFU_GsMg5yfg1vbShExe5OmIY74n-rACWtHdfo4-IuQZo0SkB_492loeA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 44ms
44ms XHR
text/html 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxX2JXikuhLXvfKfkkhHO56OThZlw0Z6_cM_omrKTUPAhsK4PL4NROD3jvvp7ZGRRwRt7AhyUvUnH-7bBYFU_GsMg5yfg1vbShExe5OmIY74n-rACWtHdfo4-IuQZo0SkB_492loeA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-vUbgfsPKMi5xrpzHNRVq8A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://tourovpn.com.br/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 26 Mar 2023 11:56:16 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-vUbgfsPKMi5xrpzHNRVq8A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://tourovpn.com.br
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxX2JXikuhLXvfKfkkhHO56OThZlw0Z6_cM_omrKTUPAhsK4PL4NROD3jvvp7ZGRRwRt7AhyUvUnH-7bBYFU_GsMg5yfg1vbShExe5OmIY74n-rACWtHdfo4-IuQZo0SkB_492loeA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 42ms
41ms XHR
text/html 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxX2JXikuhLXvfKfkkhHO56OThZlw0Z6_cM_omrKTUPAhsK4PL4NROD3jvvp7ZGRRwRt7AhyUvUnH-7bBYFU_GsMg5yfg1vbShExe5OmIY74n-rACWtHdfo4-IuQZo0SkB_492loeA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-zkX0Dl7gu5AyH7pjxBuGtw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://tourovpn.com.br/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 26 Mar 2023 11:56:16 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-zkX0Dl7gu5AyH7pjxBuGtw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://tourovpn.com.br
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxX2JXikuhLXvfKfkkhHO56OThZlw0Z6_cM_omrKTUPAhsK4PL4NROD3jvvp7ZGRRwRt7AhyUvUnH-7bBYFU_GsMg5yfg1vbShExe5OmIY74n-rACWtHdfo4-IuQZo0SkB_492loeA== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 44ms
44ms XHR
text/html 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxX2JXikuhLXvfKfkkhHO56OThZlw0Z6_cM_omrKTUPAhsK4PL4NROD3jvvp7ZGRRwRt7AhyUvUnH-7bBYFU_GsMg5yfg1vbShExe5OmIY74n-rACWtHdfo4-IuQZo0SkB_492loeA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HXHMzHIHdcuKkmBDkYJFzA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://tourovpn.com.br/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 26 Mar 2023 11:56:16 GMT
content-security-policy: script-src 'report-sample' 'nonce-HXHMzHIHdcuKkmBDkYJFzA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://tourovpn.com.br
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxX2JXikuhLXvfKfkkhHO56OThZlw0Z6_cM_omrKTUPAhsK4PL4NROD3jvvp7ZGRRwRt7AhyUvUnH-7bBYFU_GsMg5yfg1vbShExe5OmIY74n-rACWtHdfo4-IuQZo0SkB_492loeA== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 47ms
46ms XHR
text/html 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxX2JXikuhLXvfKfkkhHO56OThZlw0Z6_cM_omrKTUPAhsK4PL4NROD3jvvp7ZGRRwRt7AhyUvUnH-7bBYFU_GsMg5yfg1vbShExe5OmIY74n-rACWtHdfo4-IuQZo0SkB_492loeA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lVPNFSQlQVLHF6nPwl0oSw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://tourovpn.com.br/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 26 Mar 2023 11:56:16 GMT
content-security-policy: script-src 'report-sample' 'nonce-lVPNFSQlQVLHF6nPwl0oSw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://tourovpn.com.br
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxVE48us7MX9mXPdbFCD_ve2er8dqPXI-WP9qXsnnb0nrvo-14cQpvY33pCMAwZORxBxNgglE4stkfCAD4lczCXsXOgcWYWmSd5Eja-p5t1IR_pkJJ7EDRdTF8uAvHSY81MJANJxiA== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 58ms
58ms Script
application/javascript 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVE48us7MX9mXPdbFCD_ve2er8dqPXI-WP9qXsnnb0nrvo-14cQpvY33pCMAwZORxBxNgglE4stkfCAD4lczCXsXOgcWYWmSd5Eja-p5t1IR_pkJJ7EDRdTF8uAvHSY81MJANJxiA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjc5ODMxNzc2LDYwNzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTAsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vdG91cm92cG4uY29tLmJyLyIsbnVsbCxbWzgsInRtWGpjNXQtNEUwIl0sWzksImVuLVVTIl0sWzE2LCJbdHJ1ZSx0cnVlLHRydWVdIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f4a6f49f137c1b2a6d1c12b3d995a3bd56297d06febc14c266e25665455872df

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gfeCdolsot0OuVsNrTrmXQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tourovpn.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 11:56:16 GMT
content-security-policy: script-src 'report-sample' 'nonce-gfeCdolsot0OuVsNrTrmXQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWyDyLgFr9WX55vTOB9KtWRCtqOVTk9NwadZbpHQP0MAALZv_oFG9J7iIj65qCYoR2nJDs8cGSZO7WE4zGOu71NI5GzCTv5i_f0Zbm1SIMEqlOqWtRJrrVhwZN0vZ97rB9OaSp85A== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 47ms
47ms XHR
text/html 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWyDyLgFr9WX55vTOB9KtWRCtqOVTk9NwadZbpHQP0MAALZv_oFG9J7iIj65qCYoR2nJDs8cGSZO7WE4zGOu71NI5GzCTv5i_f0Zbm1SIMEqlOqWtRJrrVhwZN0vZ97rB9OaSp85A==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-FJfYRgAC5u44ghB0vE82WQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://tourovpn.com.br/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 26 Mar 2023 11:56:16 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-FJfYRgAC5u44ghB0vE82WQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://tourovpn.com.br
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dark-floating.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/ 3 KB
1 KB 17ms
16ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/dark-floating.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/cookieconsent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34c221f3541cb3e9513392969f4dbdc0080da7f66332076e22aeb530828ef46a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tourovpn.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 11:56:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4400278
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 734
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-c8c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mKuMPmpucPDDqTLY3Ka8ia2uK7QhLPvTGzApb3jNm9q8Fu4HAwFCTQG0DK1s2I9wzVtZDy1R2IT5arBwWxGSIYuPwMZmMVo19yPbK%2B91TOYYQsByVGnusRSM1hvGrQBD7UJ3yxe1Gcu4KDJFqFMdNhKP"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7adf35a07baa4bcb-YUL
expires: Fri, 15 Mar 2024 11:56:17 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 42ms
41ms XHR
application/json 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230322&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303210101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

67100ce97b2e68b8d29fe67c85d1896445169af9ae20e4e76372d3f0ed7837c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tourovpn.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 11:56:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11167
x-xss-protection: 0

GET
H3 200 logo.png
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/ 3 KB
4 KB 27ms
26ms Image
image/png 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/logo.png

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/dark-floating.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9dae62151120e18b465ffc5c8e9e342ecc28a6efe1a0d71c9766d677a5ddc389

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/dark-floating.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 11:56:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 821326
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3087
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-c0b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZiagGKIY9QOCIBCJW3WScp7DlfbmeGXTIeiDZSVkSzaJRSjq2w1XrYHXKAA9N4F4NLg0h9qMGsjHot%2F1teH2L0VswPXdfvUxay%2BIP4qB6DDBp6tDE%2FduQ7ZfMtMW640y18%2FGmW8yyeI%2FRzwtjc8Qh6VK"}],"group":"cf-nel","max_age":604800}
content-type: image/png; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7adf35a0ab98ca57-YUL
expires: Fri, 15 Mar 2024 11:56:17 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 46ms
46ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303210101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tourovpn.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 11:56:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 26 Mar 2023 11:56:17 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3241 13 KB
5 KB 23ms
20ms Document
text/html 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tourovpn.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 6191
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 26 Mar 2023 10:13:06 GMT
expires: Mon, 25 Mar 2024 10:13:06 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4423 783 B
998 B 43ms
41ms Document
text/html 2607:f8b0:4006:816::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b239cde97b0fc8ba8fe754609a77ddbed6b2cda766d4de7a6a02e283e1d6803e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-_7OhAHc-kO-pikOVU7isRg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tourovpn.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-_7OhAHc-kO-pikOVU7isRg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 26 Mar 2023 11:56:17 GMT
expires: Sun, 26 Mar 2023 11:56:17 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 t4_aWeuLa_BO9IGQ3R3HcB0TaFNoER_W7PQrl5RFgV0.js Show response
pagead2.googlesyndication.com/bg/ Frame 3241 36 KB
14 KB 22ms
21ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/t4_aWeuLa_BO9IGQ3R3HcB0TaFNoER_W7PQrl5RFgV0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b78fda59eb8b6bf04ef48190dd1dc7701d13685368111fd6ecf42b979445815d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 16:54:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 241303
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14115
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Mar 2024 16:54:34 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4423 0
0 79ms
78ms Image
text/html 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230322&jk=4233631143144009&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3241 0
10 B 21ms
20ms Image
text/plain 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?A7kZlw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80e::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 11:56:17 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 85ms
83ms Image
text/html 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230322&jk=4233631143144009&bg=!0tGl0YXNAAbO2UOH7tk7ADkAdvg8WpdT2DVDLiW3M7pAUORNkxb_kUIeiKESo8l6Et537zmNScz7Jo_rffAqTHqpXJENGifAKBQCAAAAf1IAAAAEaAEHCgAPITx3y1onYivI60EHaXgwmQKg2UK8NIi_DorKFiosrOBP0tkV2nD088dximMewB5rzLPL7r6esXbnfyfP_xIxIuifRdC4HSmw9bNBgtI2f6GvpQjaOi98OBVe7h-bZzMwdZ6ySPA2qDqx2IwZt6RUWmiEB79n8a_WrTDuBXSl8I2hgrhfxXbU-mOsduOmRjIJR3RG8HMNcCEfNm4Na51DMe46p05SG6ZyYqQXROWDqg4Whdcq9p-pisDv0qY5bALSSuGzJRdGduNuFen1IBqtwG9cICn-L3xmT20WKuh_2RQoWhRgrVzgfgb1T2wPkM0FDmazzfEpx6SdJo4Ngn58TINdEH_quEaAHpon-ZqvLzq93TA6WvGXyK2Cr76B9Kd1lkFzPKsAq56TnxNDy4HyCXqtZ_dSUg2r1fNM3hQPvCRwOY3V55bi2CXYA17jrI5epg_GSk8A56NTVqCxqrw-Q7IouGvKEfbO7wCdew-oRZSa6Cu0dSKeDALGooTuHldFmZRnFqy8ICZnFgaM6MTrlMxtHiIHblWQO0btnRzdXsc3MLat7dP0TGoUw6dXMznzymKzs2FtgiibQE6leLQf9ZhmIrwmaIZg-fiARloTzYG0JoE5Ux5mrbFZknP4eLfCVRZkyyjIx2bvjrk5Wl1lp8BWU5bXw_2xfJZ2Gb_SPd0n2xVhHAJhkpmvGp3PxScTI8sawAIPZkz-6mVO4M7ET1wgOMuuoqlgDHrX0HVVJZMncJObktaRIGMqyCMujWEuUEqQRD4hHia51a-IIaUf9AnxunJkyM8D89BlVuQSNie0lN5fqxf_rp2BzxDeuoAghjYCULEVg8boeJbCUEpqGvQu7ztABJYmFQnhj6pkJOUmxZMey3-GtsqECf3bVOscQ8_HBpEMsnCw0fP1ihhaSlbf
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tourovpn.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.tourovpn.com.br
URL: https://www.tourovpn.com.br/temas/TouroVPN/assets/fonts/fontawesome-webfont.woff2?v=4.7.0

Domain: www.tourovpn.com.br
URL: https://www.tourovpn.com.br/temas/TouroVPN/assets/fonts/fontawesome-webfont.woff?v=4.7.0

Domain: www.tourovpn.com.br
URL: https://www.tourovpn.com.br/temas/TouroVPN/assets/fonts/fontawesome-webfont.ttf?v=4.7.0

Verdicts & Comments Add Verdict or Comment

81 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tourovpn.com.br/	1970-01-20 20:13:11	Name: _ga_RLT8WTQYN2 Value: GS1.1.1679831774.1.0.1679831774.0.0.0
.tourovpn.com.br/	1970-01-20 20:13:11	Name: _ga Value: GA1.1.1748033729.1679831774
.tourovpn.com.br/	1970-01-20 19:58:47	Name: __gads Value: ID=570768aa91ba5f33-2200990ae7de00f5:T=1679831774:RT=1679831774:S=ALNI_MbVMIPBmNEk19fzFnRykF5KZ-0bhQ
.tourovpn.com.br/	1970-01-20 19:58:47	Name: __gpi Value: UID=00000a32028c738a:T=1679831774:RT=1679831774:S=ALNI_MYKZE7EoWD8vgSCQ805fasJ09bVQA
.doubleclick.net/	1970-01-20 20:13:11	Name: IDE Value: AHWqTUnCl39BZmWSNzgRcTPpX-g_iedYfPKKwMr6zVMC5Lx6xrVa9cft5JW0xYxi-3M
.media.net/	1970-01-20 19:22:47	Name: visitor-id Value: 3228333751455231000V10
.ctnsnet.com/	1970-01-20 19:22:47	Name: cid_4f9bc2aee4e34b72b83fada7b93f538a Value: 1
.ctnsnet.com/	1970-01-20 19:22:47	Name: gid_CAESEHN_oBJ6ncmQ-T5MbzggmqE Value: 1
.adform.net/	1970-01-20 11:21:50	Name: C Value: 1
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_-OSMXR2dA129XD0cvdKTbXIMAk2d3WLTCo2cSytyAcAPxxmah4AAAA
.rfihub.com/	1970-01-20 19:58:47	Name: eud Value: H4sIAAAAAAAA_-OSMXR2dA129XD0cvdKTbXIMAk2d3WLTCo2cSytyA_iNTQzt7QwNjQ3NzU1tXzFiMoHAJCaoH89AAAA
.rfihub.com/	1970-01-20 19:58:47	Name: rud Value: H4sIAAAAAAAA_-MSNrWwMDE2NzW1tDQyNza2MLQ0NBTiM9TN8HYvLPQyzvPzjigBAPBpm2ElAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNrWwMDE2NzW1tDQyNza2MLQ0NBTiM9TN8HYvLPQyzvPzjigBAPBpm2ElAAAA
.quantserve.com/	1970-01-20 12:46:47	Name: d Value: EH0BCQHNKIEA
.quantserve.com/	1970-01-20 20:07:26	Name: mc Value: 642032df-88bcd-fa751-94807
.teads.tv/	1970-01-20 19:21:21	Name: tt_viewer Value: a478813d-7e9d-4f26-8cb4-f5755fad9633
sync.srv.stackadapt.com/	1970-01-20 19:22:47	Name: sa-user-id Value: s%3A0-4263f094-4c93-5e85-50c1-1c0d9b792ac7.6veRiwMdvX1eLcDKh3Jx5CkLvKtYSAw3pMxIhVgpop8
sync.srv.stackadapt.com/	1970-01-20 19:22:47	Name: sa-user-id-v2 Value: s%3AQmPwlEyTXoVQwRwNm3kqx5U4mbg.tv35rrHUS9W%2BVxBgR8UpBvc5WgXFKoaeeRRWVDgjG0s
.srv.stackadapt.com/	1970-01-20 19:22:47	Name: sa-user-id-v2 Value: s%3AQmPwlEyTXoVQwRwNm3kqx5U4mbg.tv35rrHUS9W%2BVxBgR8UpBvc5WgXFKoaeeRRWVDgjG0s
.mediago.io/	1970-01-20 19:22:47	Name: __mguid_ Value: 29fe4edc8a2521af3c47adaab7237220
.adform.net/	1970-01-20 12:03:35	Name: uid Value: 4795592827620243074
.uuidksinc.net/	1970-01-20 19:22:47	Name: jcsuuid Value: bYYbqAMJZnPSN3zGrQCW
.innovid.com/	1970-01-20 12:46:47	Name: uuid Value: 5549256d-7561-40c1-9f0c-1eb30c8dfbc6-20230326 07:56:15
.agkn.com/	1970-01-20 19:22:47	Name: ab Value: 0001%3AnbfoMcix1ux0ofXVoulLCgpVhn%2By0j8y
.agkn.com/	1970-01-20 19:22:47	Name: u Value: C\|0CEArsu9fK7LvXwAAAAAAAQ13AQCAAQpAAAAAAA
.media.net/	1970-01-20 10:57:21	Name: data-g Value: CAESEK_xBXO9ELDwXZGYH2kCWiM~~6
.zemanta.com/	1970-01-20 19:22:47	Name: zuid Value: PVsuZgV97opTnjH90M49
.tourovpn.com.br/	1970-01-20 19:22:47	Name: FCNEC Value: %5B%5B%22AKsRol81i8z1IgwXBhl60lv55Matn74smuO-p0MOchWPd3Xng4LqV4iE9b3I8Exn-MBClEcQw5zffu6gJLfs6yemthFyV_igZJwfZGYaCijHnNAvt_lXLybJG1LSc2QGEY8Tr25qBoG7Xz3uyW_Jr1gyru3z8rewDg%3D%3D%22%5D%2Cnull%2C%5B%5D%5D

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://tourovpn.com.br/ Message: Access to font at 'https://www.tourovpn.com.br/temas/TouroVPN/assets/fonts/fontawesome-webfont.woff2?v=4.7.0' from origin 'https://tourovpn.com.br' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.tourovpn.com.br/temas/TouroVPN/assets/fonts/fontawesome-webfont.woff2?v=4.7.0 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://tourovpn.com.br/ Message: Access to font at 'https://www.tourovpn.com.br/temas/TouroVPN/assets/fonts/fontawesome-webfont.woff?v=4.7.0' from origin 'https://tourovpn.com.br' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.tourovpn.com.br/temas/TouroVPN/assets/fonts/fontawesome-webfont.woff?v=4.7.0 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://tourovpn.com.br/ Message: Access to font at 'https://www.tourovpn.com.br/temas/TouroVPN/assets/fonts/fontawesome-webfont.ttf?v=4.7.0' from origin 'https://tourovpn.com.br' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.tourovpn.com.br/temas/TouroVPN/assets/fonts/fontawesome-webfont.ttf?v=4.7.0 Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.rfihub.com
adservice.google.ca
adservice.google.com
ag.innovid.com
b1sync.zemanta.com
c1.adform.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
contextual.media.net
cs.media.net
d.agkn.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
hblg.media.net
im.bluevoox.com
ius.ctnsnet.com
lg3.media.net
pagead2.googlesyndication.com
partner.googleadservices.com
pxlclnmdecom-a.akamaihd.net
qsearch-a.akamaihd.net
s.uuidksinc.net
sync.srv.stackadapt.com
sync.teads.tv
tourovpn.com.br
tpc.googlesyndication.com
trace.mediago.io
warp.media.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.tourovpn.com.br
www.tourovpn.com.br
104.117.182.8
104.76.104.25
142.251.32.98
185.167.164.43
199.38.167.131
23.215.130.171
23.34.248.177
23.41.168.23
2600:1f18:445b:902:bbbf:5bf8:ab61:bf38
2600:9000:25c8:9c00:19:fc2c:a140:93a1
2606:4700::6811:180e
2607:f8b0:4006:80c::2003
2607:f8b0:4006:80c::2008
2607:f8b0:4006:80d::2002
2607:f8b0:4006:80e::2001
2607:f8b0:4006:80f::2002
2607:f8b0:4006:80f::200a
2607:f8b0:4006:816::2004
2607:f8b0:4006:81e::2002
2607:f8b0:4006:81e::200e
2607:f8b0:4006:820::2002
2607:f8b0:4006:820::200e
2607:f8b0:4006:824::2002
2620:116:800b:21:c1e8:5385:5098:6bf0
31.220.27.155
35.186.193.173
35.208.249.213
51.222.88.201
52.0.142.7
52.45.175.185
64.74.236.159
96.17.64.29
96.6.23.74
0099412f64cc4e40a3b65d0cded01193b202712a96345826e16502b7125b1166
04c6dbbd5a4d68d346a2f1da9a2eb7d859790408cd353cb71277560bf2ae1b01
080e18a8c761c3d30b7ec08aa65f87109a0228367eafd0a12fcefda58d10e8ad
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cd767dca9d0e55368d7af5a9f4e8259d7c15dce609b75dcf6c1581b6280444e
190fc02d8e8f1dd5acc40f48d0d6203e6115eb31e3f47f55db0c3f07797d68f0
19a37b9391cc17879cfc6834e7aef9dc4867c7099382e706dfebf0f57f8f9895
1b7c46c46b5f58ebe5c095a095d1d6888603eedf79538dfb0b93a03a19b6790e
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
2d5435ef586a05994985bd14964c12a4ee77c663e1cbc283caa566559ac32308
2d569a2038a8b4494c44e1ce659c11bcee3781fb462ebf8deb4c3926bab759aa
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
309febcd6d6e0cf092201532215f03a6a9f30b30f26203272a4861d704e7cd52
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
316ac7bb766221a720de6d1491054cf81e5e3aea903c8be9f3b17c07f1362a91
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
34c221f3541cb3e9513392969f4dbdc0080da7f66332076e22aeb530828ef46a
377b23ca812761b4a36355183b85c3e835416e88fcb8532ba83aa17b2c3505b4
3a0fd1061cad61d46b13556482b3718b2de943f5edcb88518ebaf4f8bcce1a29
3a91610706bfd2017f3bf4fc6841c22dde8f6e4a4ec4d36c0c53ca9ec384706c
4386b2dc9a1a10d75a044a4c2c4f472938d47590cd30a5c4893481497f3f420a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eaf602fa55800722160a16d4bf3d1b3fa5b3f608fbe6c19b3849b740318c09b
54e5d0e2d550c8d8025d8c2092343aebbd210db83119b3f3ed13b52b8ba86fc3
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c829c325c82a58132f0d2126e19252a18458a1e6c0019496a32b52ce867cc96
5fc295c25bb1a8d15b856cfdc5e3d7ba30251f7b76daa103fc5b023fa269ce22
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
67100ce97b2e68b8d29fe67c85d1896445169af9ae20e4e76372d3f0ed7837c2
67305e2ad64822ba98c9d06fd51bd2693d9a757a63f0b52b6d076a313a3fd7fa
69081b9073d810ffebc861f9d9efc107ef5794a6f3770b4d74cf8d18fa9eb52f
75ca7c01eaa8136d970bde6ea6ae0896d2fe30febf82e7679257df6e1f8a7496
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
83dd1a8208a83ec90a9a2d7774ab28e4b93b3eba53fb6a3fd444eb7e389ecbff
87910d5ed0053d90caf83230a2f1811d8679815da01f7bdec7548e776d7f04c4
8b6571ea2c3631ff50bb4b96e7f9081c6e33ebaadef9cb2ca5955d5e0b625a02
96c849bbb592c43ac92325976aa6650ee8c4bb53adaffa90ca8aa2ca99362698
9979aca13f3d43cc7975d626d8eac82573affeaaa2bab24679fc0702a5d26ad8
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9af458f7ed5ba14b87a3184ec48a13953e33339c6e1ea0bdf561fb3f8e261b15
9dae62151120e18b465ffc5c8e9e342ecc28a6efe1a0d71c9766d677a5ddc389
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1e12867389314a0594cbf4ca6907f0333303b17a9b3e1b2f777a8a8de6e63f3
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a845392a7163e96a75a7272ba56ed76067a06bb72d5ee441954ab1dd7b07d903
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b239cde97b0fc8ba8fe754609a77ddbed6b2cda766d4de7a6a02e283e1d6803e
b78fda59eb8b6bf04ef48190dd1dc7701d13685368111fd6ecf42b979445815d
b8efe4a0e6a6754322fe6c09529fab576b5fbfb7ea28c17fe3fac6ee8de5e155
c17924dae52b66967338fa290f175630d96b4c8a169ac2ad9cf2eb31438195d0
c2e1e72b0de356f6ce184e3af4fa8ab6590a2581162905a27d77886b2d960e00
c31407284704f5456b76da5b04fe65381a3fe13e44728f0f3deff4f5cec592ef
c3b8ba46838b00dab3a410b1a1c6042f37f9d9694079e4130c8fab769eb62066
c5ad605ff661215de3ea50a1c613ca4b8dbf3c1db8a33c50fa7933b0b3e01281
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
c8356c413b566272ba50c98d4ce0546e1fce6177ceb6cf8c2a7efe0a65e085a1
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
ce875ddfd5b68e8e4933ff40848905eefa53084f2c39fa699296056b41ca3738
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4e7d008e5367db65ab7ffcc7d6e53b92deef491c36193717c5b98a1a519d14d
e9265c8d1f568b85f487c3cfadb4305e5d7b122a16a9ec9f8a7d116f2fa5fdab
efca8f6a667f319170d9e4d3ecf52b846df0b8f237f926ae3d70f808b67a07ad
f20785465a7789711083b554ccb1ef2b364ddd858945511ae11f8eb18b21fc3a
f4a6f49f137c1b2a6d1c12b3d995a3bd56297d06febc14c266e25665455872df
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fc25b75fb3fc8b42756413be387e0d7a602813125283d2384551961d73ea784e
fc5e5e5fcb0512d00c16a63f06157a3d039a2810e184226ffede0b5f2f223293
fd0ddef06c2680407f42f9280c180c8879ef8d9b439109580ea0b1cc9f970d70

tourovpn.com.br Open in urlscan Pro 51.222.88.201 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

117 Requests

85 %HTTPS

48 %IPv6

26 Domains

36 Subdomains

25 IPs

4 Countries

1158 kBTransfer

3149 kBSize

28 Cookies

15 Outgoing links

Redirected requests

117 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

tourovpn.com.br Open in urlscan Pro
51.222.88.201 Public Scan

Screenshot
Live screenshot

Full Image

117
Requests

85 %
HTTPS

48 %
IPv6

26
Domains

36
Subdomains

25
IPs

4
Countries

1158 kB
Transfer

3149 kB
Size

28
Cookies

117 HTTP transactions
8 data transactions