clubdeofertas.lojaintegrada.com.br Open in urlscan Pro
54.234.62.20 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bit.ly/3eOYJtN
Effective URL:
https://clubdeofertas.lojaintegrada.com.br/titan-blue-12x-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar...
Submission: On September 15 via manual (September 15th 2021, 8:17:36 pm UTC) from US — Scanned from DE

Summary HTTP 433 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 57 IPs in 9 countries across 54 domains to perform 433 HTTP transactions. The main IP is 54.234.62.20, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is clubdeofertas.lojaintegrada.com.br.
TLS certificate: Issued by R3 on August 19th 2021. Valid for: 3 months.

This is the only time clubdeofertas.lojaintegrada.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.11 67.199.248.11	396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD)
3	54.234.62.20 54.234.62.20	14618 (AMAZON-AES) (AMAZON-AES)
24	52.222.179.35 52.222.179.35	16509 (AMAZON-02) (AMAZON-02)
3	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
1	205.185.216.10 205.185.216.10	20446 (HIGHWINDS3) (HIGHWINDS3)
3	172.67.179.39 172.67.179.39	13335 (CLOUDFLAR...) (CLOUDFLARENET)
25	142.250.178.8 142.250.178.8	15169 (GOOGLE) (GOOGLE)
35	216.58.213.14 216.58.213.14	15169 (GOOGLE) (GOOGLE)
2 2	104.126.37.42 104.126.37.42	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 27	104.21.49.22 104.21.49.22	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	185.60.218.24 185.60.218.24	32934 (FACEBOOK) (FACEBOOK)
27	104.21.48.244 104.21.48.244	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	212.32.252.69 212.32.252.69	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	104.21.72.245 104.21.72.245	13335 (CLOUDFLAR...) (CLOUDFLARENET)
68	18.231.32.240 18.231.32.240	16509 (AMAZON-02) (AMAZON-02)
1	104.22.6.7 104.22.6.7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
21	142.250.178.3 142.250.178.3	15169 (GOOGLE) (GOOGLE)
12 28	216.58.212.226 216.58.212.226	15169 (GOOGLE) (GOOGLE)
4	142.250.200.38 142.250.200.38	15169 (GOOGLE) (GOOGLE)
16	185.60.218.35 185.60.218.35	32934 (FACEBOOK) (FACEBOOK)
1	142.250.179.238 142.250.179.238	15169 (GOOGLE) (GOOGLE)
1	74.125.133.156 74.125.133.156	15169 (GOOGLE) (GOOGLE)
3	104.18.11.207 104.18.11.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	142.250.178.10 142.250.178.10	15169 (GOOGLE) (GOOGLE)
1	172.217.169.74 172.217.169.74	15169 (GOOGLE) (GOOGLE)
1	104.16.18.94 104.16.18.94	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	104.22.31.161 104.22.31.161	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.10.207 104.18.10.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	199.232.137.44 199.232.137.44	54113 (FASTLY) (FASTLY)
8	104.19.134.78 104.19.134.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	13.107.21.200 13.107.21.200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	172.66.40.100 172.66.40.100	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	104.26.12.120 104.26.12.120	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	142.250.187.238 142.250.187.238	15169 (GOOGLE) (GOOGLE)
12	142.250.179.226 142.250.179.226	15169 (GOOGLE) (GOOGLE)
25	216.58.212.228 216.58.212.228	15169 (GOOGLE) (GOOGLE)
5	142.250.180.1 142.250.180.1	15169 (GOOGLE) (GOOGLE)
3	142.250.178.22 142.250.178.22	15169 (GOOGLE) (GOOGLE)
1 2	34.120.59.192 34.120.59.192	15169 (GOOGLE) (GOOGLE)
2	104.22.10.209 104.22.10.209	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.180.14 142.250.180.14	15169 (GOOGLE) (GOOGLE)
1	44.238.98.219 44.238.98.219	16509 (AMAZON-02) (AMAZON-02)
6	142.250.187.226 142.250.187.226	15169 (GOOGLE) (GOOGLE)
5	172.217.169.41 172.217.169.41	15169 (GOOGLE) (GOOGLE)
1	216.58.213.1 216.58.213.1	15169 (GOOGLE) (GOOGLE)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	142.250.200.2 142.250.200.2	15169 (GOOGLE) (GOOGLE)
1	142.250.187.194 142.250.187.194	15169 (GOOGLE) (GOOGLE)
1	23.45.97.130 23.45.97.130	16625 (AKAMAI-AS) (AKAMAI-AS)
1 4	93.158.134.119 93.158.134.119	13238 (YANDEX) (YANDEX)
7	104.16.14.243 104.16.14.243	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	64.202.112.63 64.202.112.63	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
5	52.222.179.32 52.222.179.32	16509 (AMAZON-02) (AMAZON-02)
1	195.181.175.45 195.181.175.45	60068 (CDN77 ^_^) (CDN77 ^_^)
2	104.16.13.243 104.16.13.243	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.222.186.91 52.222.186.91	16509 (AMAZON-02) (AMAZON-02)
2	52.222.186.97 52.222.186.97	() ()
2	54.230.206.121 54.230.206.121	() ()
1 1	172.217.169.66 172.217.169.66	15169 (GOOGLE) (GOOGLE)
1 1	184.30.20.207 184.30.20.207	16625 (AKAMAI-AS) (AKAMAI-AS)
1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
2	142.250.187.193 142.250.187.193	() ()
433	57

1 67.199.248.11 (United States) 1 redirects

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.234.62.20 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-234-62-20.compute-1.amazonaws.com

clubdeofertas.lojaintegrada.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
analytics.awsli.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 52.222.179.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-179-35.ham50.r.cloudfront.net

cdn.awsli.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.216.10 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net

a.exoclick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.179.39 (United States)

ASN13335 (CLOUDFLARENET, US)

sp.secureserver.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 142.250.178.8 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr48s27-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 216.58.213.14 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: lhr25s25-in-f14.1e100.net

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.126.37.42 (Frankfurt am Main, Germany) 2 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-126-37-42.deploy.static.akamaitechnologies.com

app.monetizze.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 104.21.49.22 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

titanblue12x.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.60.218.24 (Bucharest, Romania)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-otp1.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 104.21.48.244 (None, )

ASN13335 (CLOUDFLARENET, US)

www.desinpros.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.32.252.69 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

ctrack.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.72.245 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

lipotril-oficial.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

68 18.231.32.240 (São Paulo, Brazil)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-231-32-240.sa-east-1.compute.amazonaws.com

lipotril.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.22.6.7 (None, )

ASN13335 (CLOUDFLARENET, US)

ev.braip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 142.250.178.3 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr48s27-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 216.58.212.226 (Mountain View, United States) 12 redirects

ASN15169 (GOOGLE, US)
PTR: ams16s22-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.200.38 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr48s30-in-f6.1e100.net

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 185.60.218.35 (Bucharest, Romania)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-otp1.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.179.238 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr25s31-in-f14.1e100.net

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.133.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wo-in-f156.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.178.10 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr48s27-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.169.74 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr48s09-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.18.94 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.22.31.161 (None, )

ASN13335 (CLOUDFLARENET, US)

app.cartstack.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.137.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.19.134.78 (None, )

ASN13335 (CLOUDFLARENET, US)

a.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.107.21.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.66.40.100 (United States)

ASN13335 (CLOUDFLARENET, US)

api.sunset.systems	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 104.26.12.120 (United States)

ASN13335 (CLOUDFLARENET, US)

conectiva.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.187.238 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr25s34-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.179.226 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr25s31-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 216.58.212.228 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams16s22-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.180.1 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr25s32-in-f1.1e100.net

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
topdanet3.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.178.22 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr48s27-in-f22.1e100.net

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.59.192 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 192.59.120.34.bc.googleusercontent.com

p1.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.22.10.209 (None, )

ASN13335 (CLOUDFLARENET, US)

api.performa.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.180.14 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr25s32-in-f14.1e100.net

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.238.98.219 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-238-98-219.us-west-2.compute.amazonaws.com

app.cartstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.187.226 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr25s34-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.169.41 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr48s08-in-f9.1e100.net

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
resources.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.213.1 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: lhr25s25-in-f1.1e100.net

themes.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.200.2 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr48s29-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.187.194 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr25s33-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.45.97.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-97-130.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 93.158.134.119 (Moscow, Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)
PTR: mc.yandex.ru

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.16.14.243 (None, )

ASN13335 (CLOUDFLARENET, US)

tag.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
usr.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync2.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.63 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.222.179.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-179-32.ham50.r.cloudfront.net

suite.linximpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.181.175.45 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: frankfurt-44.cdn77.com

pix.user-clicks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.13.243 (None, )

ASN13335 (CLOUDFLARENET, US)

opi.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.186.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-186-91.ham50.r.cloudfront.net

api-ads.percycle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.186.97 (None, )

ASN- ()

collect.chaordicsystems.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.230.206.121 (None, )

ASN- ()

ckies.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.169.66 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lhr48s09-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.20.207 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-207.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.187.193 (None, )

ASN- ()

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
68	lipotril.com.br lipotril.com.br	3 MB
35	youtube.com www.youtube.com	3 MB
34	doubleclick.net 13 redirects googleads.g.doubleclick.net static.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net bid.g.doubleclick.net Failed	18 KB
27	google.com analytics.google.com www.google.com adservice.google.com	42 KB
27	desinpros.com.br www.desinpros.com.br	2 MB
27	titanblue12x.com.br 1 redirects titanblue12x.com.br	846 KB
25	googletagmanager.com www.googletagmanager.com	1008 KB
25	awsli.com.br cdn.awsli.com.br analytics.awsli.com.br	902 KB
21	gstatic.com fonts.gstatic.com www.gstatic.com	294 KB
18	conectiva.io conectiva.io	27 KB
16	facebook.com www.facebook.com	151 KB
12	googleadservices.com www.googleadservices.com	39 KB
9	navdmp.com tag.navdmp.com usr.navdmp.com opi.navdmp.com cdn.navdmp.com sync2.navdmp.com sync.navdmp.com	6 KB
8	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	174 KB
8	mgid.com a.mgid.com	12 KB
6	bing.com bat.bing.com	19 KB
6	cartstack.com.br app.cartstack.com.br	15 KB
6	googleapis.com fonts.googleapis.com ajax.googleapis.com	79 KB
6	facebook.net connect.facebook.net	295 KB
5	linximpulse.net suite.linximpulse.net	24 KB
4	blogger.com www.blogger.com	57 KB
4	bootstrapcdn.com stackpath.bootstrapcdn.com maxcdn.bootstrapcdn.com	109 KB
3	yandex.com 1 redirects mc.yandex.com	2 KB
3	outbrain.com amplify.outbrain.com tr.outbrain.com	4 KB
3	ytimg.com i.ytimg.com	54 KB
3	ggpht.com yt3.ggpht.com	8 KB
3	google-analytics.com www.google-analytics.com	58 KB
3	taboola.com cdn.taboola.com trc.taboola.com trc-events.taboola.com	26 KB
3	secureserver.club sp.secureserver.club	112 KB
3	rtmark.net my.rtmark.net	3 KB
2	ckies.net ckies.net	535 B
2	chaordicsystems.com collect.chaordicsystems.com	675 B
2	percycle.com api-ads.percycle.com	532 B
2	blogspot.com topdanet3.blogspot.com	19 KB
2	performa.ai api.performa.ai	769 B
2	zemanta.com 1 redirects p1.zemanta.com	531 B
2	sunset.systems api.sunset.systems	3 KB
2	monetizze.com.br 2 redirects app.monetizze.com.br	2 KB
2	lojaintegrada.com.br clubdeofertas.lojaintegrada.com.br	20 KB
1	yahoo.com cms.analytics.yahoo.com
1	mathtag.com 1 redirects pixel.mathtag.com	578 B
1	user-clicks.com pix.user-clicks.com	6 KB
1	yandex.ru mc.yandex.ru	65 KB
1	googletagservices.com www.googletagservices.com	28 KB
1	googleusercontent.com themes.googleusercontent.com	23 KB
1	blogblog.com resources.blogblog.com	47 KB
1	cartstack.com app.cartstack.com	804 B
1	googleoptimize.com www.googleoptimize.com	40 KB
1	cloudflare.com cdnjs.cloudflare.com	7 KB
1	braip.com ev.braip.com
1	lipotril-oficial.com 1 redirects lipotril-oficial.com	815 B
1	g2afse.com 1 redirects ctrack.g2afse.com	307 B
1	exoclick.com a.exoclick.com	859 B
1	bit.ly 1 redirects bit.ly	487 B
433	54

	Domain	Requested by
68	lipotril.com.br	clubdeofertas.lojaintegrada.com.br lipotril.com.br
35	www.youtube.com	clubdeofertas.lojaintegrada.com.br www.youtube.com www.desinpros.com.br
28	googleads.g.doubleclick.net	12 redirects www.youtube.com www.googleadservices.com pagead2.googlesyndication.com
27	www.desinpros.com.br	clubdeofertas.lojaintegrada.com.br www.desinpros.com.br
27	titanblue12x.com.br	1 redirects clubdeofertas.lojaintegrada.com.br titanblue12x.com.br
25	www.google.com	www.desinpros.com.br www.youtube.com topdanet3.blogspot.com tpc.googlesyndication.com
25	www.googletagmanager.com	clubdeofertas.lojaintegrada.com.br www.desinpros.com.br www.googletagmanager.com titanblue12x.com.br topdanet3.blogspot.com
24	cdn.awsli.com.br	clubdeofertas.lojaintegrada.com.br cdn.awsli.com.br
18	conectiva.io	app.cartstack.com.br conectiva.io www.desinpros.com.br topdanet3.blogspot.com
16	www.facebook.com	connect.facebook.net www.facebook.com clubdeofertas.lojaintegrada.com.br www.desinpros.com.br lipotril.com.br topdanet3.blogspot.com titanblue12x.com.br
12	www.googleadservices.com	www.googletagmanager.com www.googleadservices.com
12	fonts.gstatic.com	www.youtube.com fonts.googleapis.com topdanet3.blogspot.com
9	www.gstatic.com	www.youtube.com www.gstatic.com topdanet3.blogspot.com
8	a.mgid.com	www.desinpros.com.br clubdeofertas.lojaintegrada.com.br topdanet3.blogspot.com
6	pagead2.googlesyndication.com	topdanet3.blogspot.com pagead2.googlesyndication.com titanblue12x.com.br tpc.googlesyndication.com
6	bat.bing.com	www.desinpros.com.br bat.bing.com clubdeofertas.lojaintegrada.com.br topdanet3.blogspot.com
6	app.cartstack.com.br	www.desinpros.com.br conectiva.io www.googletagmanager.com
6	connect.facebook.net	clubdeofertas.lojaintegrada.com.br connect.facebook.net www.desinpros.com.br
5	suite.linximpulse.net	clubdeofertas.lojaintegrada.com.br suite.linximpulse.net
5	fonts.googleapis.com	www.desinpros.com.br titanblue12x.com.br
4	www.blogger.com	topdanet3.blogspot.com
4	static.doubleclick.net	www.youtube.com
3	mc.yandex.com	1 redirects topdanet3.blogspot.com
3	i.ytimg.com	www.youtube.com
3	yt3.ggpht.com	www.youtube.com
3	www.google-analytics.com	www.googletagmanager.com lipotril.com.br
3	sp.secureserver.club	clubdeofertas.lojaintegrada.com.br
3	my.rtmark.net	clubdeofertas.lojaintegrada.com.br titanblue12x.com.br
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	cdn.navdmp.com	tag.navdmp.com
2	ckies.net	suite.linximpulse.net
2	collect.chaordicsystems.com	suite.linximpulse.net
2	api-ads.percycle.com	suite.linximpulse.net
2	opi.navdmp.com	tag.navdmp.com
2	tr.outbrain.com	amplify.outbrain.com topdanet3.blogspot.com
2	tag.navdmp.com	clubdeofertas.lojaintegrada.com.br tag.navdmp.com
2	topdanet3.blogspot.com	titanblue12x.com.br topdanet3.blogspot.com
2	api.performa.ai	app.cartstack.com.br
2	p1.zemanta.com	1 redirects titanblue12x.com.br
2	api.sunset.systems	app.cartstack.com.br
2	maxcdn.bootstrapcdn.com	www.desinpros.com.br maxcdn.bootstrapcdn.com
2	stackpath.bootstrapcdn.com	www.desinpros.com.br
2	app.monetizze.com.br	2 redirects
2	clubdeofertas.lojaintegrada.com.br	clubdeofertas.lojaintegrada.com.br
1	cms.analytics.yahoo.com	topdanet3.blogspot.com
1	sync.navdmp.com	topdanet3.blogspot.com
1	pixel.mathtag.com	1 redirects
1	sync2.navdmp.com	topdanet3.blogspot.com
1	cm.g.doubleclick.net	1 redirects
1	usr.navdmp.com	tag.navdmp.com
1	pix.user-clicks.com	www.googletagmanager.com
1	mc.yandex.ru	clubdeofertas.lojaintegrada.com.br
1	amplify.outbrain.com	clubdeofertas.lojaintegrada.com.br
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	trc-events.taboola.com	cdn.taboola.com
1	themes.googleusercontent.com	topdanet3.blogspot.com
1	resources.blogblog.com	topdanet3.blogspot.com
1	app.cartstack.com	app.cartstack.com.br
1	www.googleoptimize.com	titanblue12x.com.br
1	trc.taboola.com	cdn.taboola.com
1	cdn.taboola.com	www.desinpros.com.br
1	cdnjs.cloudflare.com	www.desinpros.com.br
1	ajax.googleapis.com	www.desinpros.com.br
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	analytics.awsli.com.br	clubdeofertas.lojaintegrada.com.br
1	ev.braip.com	clubdeofertas.lojaintegrada.com.br
1	lipotril-oficial.com	1 redirects
1	ctrack.g2afse.com	1 redirects
1	a.exoclick.com	clubdeofertas.lojaintegrada.com.br
1	bit.ly	1 redirects
0	bid.g.doubleclick.net Failed	www.googleadservices.com
433	73

This site contains links to these domains. Also see Links.

Domain
cdn.awsli.com.br
api.whatsapp.com
app.monetizze.com.br
www.gov.br
www.lojaintegrada.com.br

Subject Issuer	Validity	Valid
*.lojaintegrada.com.br R3	`2021-08-19` - `2021-11-17`	3 months	crt.sh
*.awsli.com.br Amazon	`2021-03-26` - `2022-04-24`	a year	crt.sh
*.rtmark.net Sectigo RSA Domain Validation Secure Server CA	`2020-10-27` - `2021-11-26`	a year	crt.sh
*.exoclick.com Go Daddy Secure Certificate Authority - G2	`2021-08-03` - `2022-09-04`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-01-29` - `2022-01-28`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-20` - `2021-10-18`	3 months	crt.sh
lipotril.com.br Amazon	`2021-08-30` - `2022-09-28`	a year	crt.sh
analytics.awsli.com.br R3	`2021-07-07` - `2021-10-05`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.cartstack.com.br R3	`2021-09-05` - `2021-12-04`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-07-06` - `2022-01-06`	6 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
p1.zemanta.com GTS CA 1D4	`2021-08-28` - `2021-11-26`	3 months	crt.sh
cartstack.com Go Daddy Secure Certificate Authority - G2	`2021-03-05` - `2022-04-06`	a year	crt.sh
*.blogger.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2021-05-25` - `2022-06-01`	a year	crt.sh
mc.yandex.ru Yandex CA	`2021-07-28` - `2022-01-07`	5 months	crt.sh
*.linximpulse.net Amazon	`2020-11-12` - `2021-12-11`	a year	crt.sh
1398493258.rsc.cdn77.org R3	`2021-07-15` - `2021-10-13`	3 months	crt.sh
*.percycle.com Amazon	`2021-08-09` - `2022-09-07`	a year	crt.sh
*.chaordicsystems.com Amazon	`2021-09-10` - `2022-10-09`	a year	crt.sh
ckies.net Amazon	`2021-08-08` - `2022-09-06`	a year	crt.sh
*.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-05-24` - `2021-11-17`	6 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh

This page contains 20 frames:

Primary Page: https://clubdeofertas.lojaintegrada.com.br/titan-blue-12x-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Frame ID: 031017DEAC9C5047EE2EDEBFEB82099E
Requests: 38 HTTP requests in this frame

Frame: https://www.youtube.com/embed/%3Ciframe%20width=
Frame ID: 484F193FBD286EE9BDF34B45A1522F77
Requests: 13 HTTP requests in this frame

Frame: https://titanblue12x.com.br/macho-alfa/?mcr=AHQ11850838
Frame ID: 752B57539C197AD2A0C49752AAB89706
Requests: 33 HTTP requests in this frame

Frame: https://www.desinpros.com.br/?mcr=ADV15968591
Frame ID: 29D90C0FDD059AB234C1BECAA2F0EDBF
Requests: 73 HTTP requests in this frame

Frame: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
Frame ID: 6BD2A75C90E54FD1DDCE8E854F78DDCF
Requests: 74 HTTP requests in this frame

Frame: https://ev.braip.com/ref?pv=propvndo&af=afi89zm3x&src=cookie-lojaintegradaC
Frame ID: 9A9954641CE7C351D805998B3DECA216
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.5/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df331cdc594e52d8%26domain%3Dclubdeofertas.lojaintegrada.com.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fclubdeofertas.lojaintegrada.com.br%252Ff2d0cb576d29c28%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fclubdeofertas.lojaintegrada.com.br%2Ftitan-blue-12x-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial&layout=button&locale=pt_BR&sdk=joey
Frame ID: C2D0EBC78B2E1CDC34245AAA6CCC4A05
Requests: 4 HTTP requests in this frame

Frame: https://www.youtube.com/embed/C-7xRLkwLgY?feature=oembed&start&end&wmode=opaque&loop=0&controls=1&mute=0&rel=0&modestbranding=1
Frame ID: 32162945217C5864065CD88DEC965389
Requests: 18 HTTP requests in this frame

Frame: https://www.youtube.com/embed/9FHKLOZNimI?feature=oembed&start&end&wmode=opaque&loop=0&controls=1&mute=0&rel=0&modestbranding=1
Frame ID: 952CDDC0AA2A956DB1DD2A439397938C
Requests: 18 HTTP requests in this frame

Frame: https://www.youtube.com/embed/jMY0u0XQEig?feature=oembed&start&end&wmode=opaque&loop=0&controls=1&mute=0&rel=0&modestbranding=1
Frame ID: 1C6D142562662E39882E0F5AF65794F7
Requests: 18 HTTP requests in this frame

Frame: https://api.sunset.systems/services/?type=dtnl
Frame ID: C1122FAA485D260D038C7315EB31840C
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: B632B56C61E30B4D2781AA5A41270550
Requests: 1 HTTP requests in this frame

Frame: https://topdanet3.blogspot.com/2019/05/tb12-lead.html
Frame ID: 30776A95B7F71139364DC87F81675D94
Requests: 132 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20190131/zrt_lookup.html
Frame ID: 8A7B1634EF94583DAE51BFFE76D03797
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5975042370483709&output=html&adk=1812271804&adf=3407277730&plat=1%3A147968%2C2%3A147968%2C8%3A147968%2C9%3A147968%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A16896%2C27%3A16896%2C30%3A1049088%2C32%3A32&format=0x0&url=https%3A%2F%2Ftitanblue12x.com.br%2F&ea=0&flash=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631737054068&bpp=2&bdt=342&idt=196&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&nras=1&correlator=4880442096051&frm=8&ife=1&pv=2&ga_vid=1407282911.1631737054&ga_sid=1631737054&ga_hid=1301050276&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2768854219&scr_x=-12245933&scr_y=-12245933&eid=44747621%2C31062519%2C31062492%2C44749369%2C31062297&oid=3&pvsid=181894626184477&pem=116&top=https%3A%2F%2Fclubdeofertas.lojaintegrada.com.br&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.li577b6c00x&fsb=1&dtd=215
Frame ID: 49EB4DC2B211EBF7736C497D98B6A75C
Requests: 1 HTTP requests in this frame

Frame: https://api.sunset.systems/services/?type=dtnl
Frame ID: 4BDFC3A45899B461EA4CCDB48DC53B4C
Requests: 1 HTTP requests in this frame

Frame: https://bid.g.doubleclick.net/xbbe/pixel?d=KAE
Frame ID: 438A3D69E402EDD5E8D78D3235AF27D1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 236133BC24CBCEBCD8E83B2409697273
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 544EB47E129AE492CDF2F5B6D51EE67A
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 8A9AE6DB183C266F0468E7F7A09E95BB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

TITAN BLUE 12X FUNCIONA? BULA? MERCADO LIVRE? RECLAME AQUI? COMPRAR? FUNCIONA MESMO? COMO TOMAR? ONDE COMPRAR? PREÇO? SITE OFICIAL? DEPOIMENTO? É BOM? ORIGINAL? - Clube de Ofertas

Page URL History Show full URLs

http://bit.ly/3eOYJtN HTTP 301
https://clubdeofertas.lojaintegrada.com.br/titan-blue-12x-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-co... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

FancyBox (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery\.fancybox(?:\.pack|\.min)?\.js(?:\?v=([\d.]+))?$

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js
googletagmanager\.com/gtm\.js

Navegg (Analytics) Expand

Overall confidence: 100%
Detected patterns

tag\.navdmp\.com

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/popper\.js/([0-9.]+)

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
/([\d.]+)/jquery(?:\.min)?\.js

Page Statistics

433
Requests

100 %
HTTPS

0 %
IPv6

54
Domains

73
Subdomains

57
IPs

9
Countries

12769 kB
Transfer

26384 kB
Size

34
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://cdn.awsli.com.br/1000x1000/1804/1804609/produto/84681738/1cfe0359b0.jpg

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=TITAN%20BLUE%2012X%20FUNCIONA%3F%20BULA%3F%20MERCADO%20LIVRE%3F%20RECLAME%20AQUI%3F%20COMPRAR%3F%20FUNCIONA%20MESMO%3F%20COMO%20TOMAR%3F%20ONDE%20COMPRAR%3F%20PRE%C3%87O%3F%20SITE%20OFICIAL%3F%20DEPOIMENTO%3F%20%C3%89%20BOM%3F%20ORIGINAL%3F%20http%3A%2F%2Fclubdeofertas.lojaintegrada.com.br/titan-blue-12x-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial

Search URL Search Domain Scan URL

URL: https://app.monetizze.com.br/r/AHQ11850838?src=lojaintegrada

Search URL Search Domain Scan URL

URL: https://www.gov.br/anvisa/pt-br
Title: ANVISA

Search URL Search Domain Scan URL

URL: https://www.lojaintegrada.com.br/?utm_source=lojas&utm_medium=rodape&utm_campaign=clubdeofertas.lojaintegrada.com.br

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bit.ly/3eOYJtN HTTP 301
https://clubdeofertas.lojaintegrada.com.br/titan-blue-12x-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

https://app.monetizze.com.br/r/AHQ11850838?src=lojaintegradaC HTTP 301
https://titanblue12x.com.br/macho-alfa?mcr=AHQ11850838 HTTP 301
https://titanblue12x.com.br/macho-alfa/?mcr=AHQ11850838

Request Chain 31

https://app.monetizze.com.br/r/ADV15968591?src=ljlojaC HTTP 301
https://www.desinpros.com.br/?mcr=ADV15968591

Request Chain 34

https://ctrack.g2afse.com/click?pid=1769&offer_id=37&ref_id=propeller&sub1=ep&sub2=ljpixelckC HTTP 302
https://lipotril-oficial.com/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4= HTTP 302
https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=

Request Chain 43

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 172

https://p1.zemanta.com/p/6665/7069/ HTTP 302
https://p1.zemanta.com/p/6665/7069/?s=2

Request Chain 339

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/828003655/?random=1631737054247&cv=9&fst=1631737054247&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&ig=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&ref=https%3A%2F%2Ftitanblue12x.com.br%2F&tiba=tb12-lead&hn=www.googleadservices.com&gbcov=0&async=1 HTTP 302
https://www.google.com/pagead/1p-user-list/828003655/?random=1631737054247&cv=9&fst=1631736000000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&ref=https%3A%2F%2Ftitanblue12x.com.br%2F&tiba=tb12-lead&async=1&is_vtc=1&random=3975355223&resp=GooglemKTybQhCsO

Request Chain 355

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/396474315/?random=2051124492&cv=9&fst=1631737054230&num=1&label=EPGXCOLYuv4BEMvvhr0B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&ref=https%3A%2F%2Ftitanblue12x.com.br%2F&tiba=tb12-lead&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=3lRCYbP6DvSF9fgP2P-KmAg&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/396474315/?random=2051124492&cv=9&fst=1631737054230&num=1&label=EPGXCOLYuv4BEMvvhr0B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&ref=https%3A%2F%2Ftitanblue12x.com.br%2F&tiba=tb12-lead&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=3lRCYbP6DvSF9fgP2P-KmAg&cid=CAQSKQCNIrLMSKGE2Vy4uUcGZpK02NcM359DZTwbnQAlplc6RpZ1EDOim_AE&random=289847351&resp=GooglemKTybQhCsO

Request Chain 356

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/396474315/?random=995300791&cv=9&fst=1631737054223&num=1&label=XiIICNDhuP0BEMvvhr0B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&ref=https%3A%2F%2Ftitanblue12x.com.br%2F&tiba=tb12-lead&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=3lRCYcP0DsuBb9XykvAJ&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/396474315/?random=995300791&cv=9&fst=1631737054223&num=1&label=XiIICNDhuP0BEMvvhr0B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&ref=https%3A%2F%2Ftitanblue12x.com.br%2F&tiba=tb12-lead&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=3lRCYcP0DsuBb9XykvAJ&cid=CAQSKQCNIrLMyTBHblJPykHi_p3wc22eC-5ZX3NKaHRx2ZkYOYCmK_AVONBA&random=3960154282&resp=GooglemKTybQhCsO

Request Chain 357

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/742021047/?random=198923348&cv=9&fst=1631737054234&num=1&label=B98ICNr1oKEBELev6eEC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&ref=https%3A%2F%2Ftitanblue12x.com.br%2F&tiba=tb12-lead&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=3lRCYc-gD9jKbOa3iogM&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/742021047/?random=198923348&cv=9&fst=1631737054234&num=1&label=B98ICNr1oKEBELev6eEC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&ref=https%3A%2F%2Ftitanblue12x.com.br%2F&tiba=tb12-lead&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=3lRCYc-gD9jKbOa3iogM&cid=CAQSKQCNIrLMqU4mVjFfOJ0Dkfkl4j6qZkb5k50wbAJGkArUqA0RiYO9WSc1&random=1413542125&resp=GooglemKTybQhCsO

Request Chain 358

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/688008293/?random=879054457&cv=9&fst=1631737054237&num=1&label=Pwb_CIP_0bgBEOXYiMgC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&ref=https%3A%2F%2Ftitanblue12x.com.br%2F&tiba=tb12-lead&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=3lRCYezBD5KjlgTqr5zYAQ&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/688008293/?random=879054457&cv=9&fst=1631737054237&num=1&label=Pwb_CIP_0bgBEOXYiMgC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&ref=https%3A%2F%2Ftitanblue12x.com.br%2F&tiba=tb12-lead&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=3lRCYezBD5KjlgTqr5zYAQ&cid=CAQSKQCNIrLMdQKRYGXwU1STIeQxLG_WA1tYh8MBVehFSU_hhEhwxf_tctzw&random=4166675031&resp=GooglemKTybQhCsO

Request Chain 359

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/479617073/?random=176738000&cv=9&fst=1631737054239&num=1&label=H1ywCK_HpfYBELHA2eQB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&ref=https%3A%2F%2Ftitanblue12x.com.br%2F&tiba=tb12-lead&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=3lRCYZfOD8-OlgTi1oCwCg&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/479617073/?random=176738000&cv=9&fst=1631737054239&num=1&label=H1ywCK_HpfYBELHA2eQB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&ref=https%3A%2F%2Ftitanblue12x.com.br%2F&tiba=tb12-lead&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=3lRCYZfOD8-OlgTi1oCwCg&cid=CAQSKQCNIrLMkMPKoIAU_tdkC4vUlo84erelHPjFkMw3YOAH-Y-zYyOYt7tr&random=626685174&resp=GooglemKTybQhCsO

Request Chain 360

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/651192104/?random=56380429&cv=9&fst=1631737054242&num=1&label=lx0FCMie-cwBEKjOwbYC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&ref=https%3A%2F%2Ftitanblue12x.com.br%2F&tiba=tb12-lead&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=3lRCYf3TD7KH9fgP2NSxiAQ&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/651192104/?random=56380429&cv=9&fst=1631737054242&num=1&label=lx0FCMie-cwBEKjOwbYC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&ref=https%3A%2F%2Ftitanblue12x.com.br%2F&tiba=tb12-lead&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=3lRCYf3TD7KH9fgP2NSxiAQ&cid=CAQSKQCNIrLMegu9U-1qG2Hg0EXNr1fhWYikfmXjRzpLsf5T02GPFXbnx3Iy&random=760208118&resp=GooglemKTybQhCsO

Request Chain 361

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/378689843/?random=637418966&cv=9&fst=1631737054245&num=1&label=aLVlCLeF6YwCELOyybQB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&ref=https%3A%2F%2Ftitanblue12x.com.br%2F&tiba=tb12-lead&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=3lRCYZrsD9OH9fgPxs2MqAE&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/378689843/?random=637418966&cv=9&fst=1631737054245&num=1&label=aLVlCLeF6YwCELOyybQB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&ref=https%3A%2F%2Ftitanblue12x.com.br%2F&tiba=tb12-lead&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=3lRCYZrsD9OH9fgPxs2MqAE&cid=CAQSKQCNIrLMj0Bs35vzbL5K3urvyFHR9r_HoFPmU_rJG45NssvVYDvBS-zc&random=4214704459&resp=GooglemKTybQhCsO

Request Chain 362

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/828003655/?random=682010481&cv=9&fst=1631737054248&num=1&label=y-m4CPGBipUBEMeq6YoD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&ref=https%3A%2F%2Ftitanblue12x.com.br%2F&tiba=tb12-lead&hn=www.googleadservices.com&gbcov=0&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=3lRCYYGBEJiLlgTa_KYY&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/828003655/?random=682010481&cv=9&fst=1631737054248&num=1&label=y-m4CPGBipUBEMeq6YoD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&ref=https%3A%2F%2Ftitanblue12x.com.br%2F&tiba=tb12-lead&hn=www.googleadservices.com&gbcov=0&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=3lRCYYGBEJiLlgTa_KYY&cid=CAQSKQCNIrLMm_BpllhFTOo5SbJz6WIEAz77Wsn8uoNo20Suuw8pHMOmvTnP&random=4077864257&resp=GooglemKTybQhCsO

Request Chain 366

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/611304047/?random=1395702777&cv=9&fst=1631737054251&num=1&label=I7jvCOaPzNkBEO-Ev6MC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&ref=https%3A%2F%2Ftitanblue12x.com.br%2F&tiba=tb12-lead&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=3lRCYcubEIyllgTTkIuYAg&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/611304047/?random=1395702777&cv=9&fst=1631737054251&num=1&label=I7jvCOaPzNkBEO-Ev6MC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&ref=https%3A%2F%2Ftitanblue12x.com.br%2F&tiba=tb12-lead&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=3lRCYcubEIyllgTTkIuYAg&cid=CAQSKQCNIrLMjKQi8lPFAWr7XBmH5usZTwWE3MxieHHk0kIMeie2FVUMuyMF&random=3752032602&resp=GooglemKTybQhCsO

Request Chain 368

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/494868820/?random=441494349&cv=9&fst=1631737054253&num=1&label=bVMlCMW40OwBENSy_OsB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&ref=https%3A%2F%2Ftitanblue12x.com.br%2F&tiba=tb12-lead&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=3lRCYfSqEMGB9fgP35ycgAc&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/494868820/?random=441494349&cv=9&fst=1631737054253&num=1&label=bVMlCMW40OwBENSy_OsB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&ref=https%3A%2F%2Ftitanblue12x.com.br%2F&tiba=tb12-lead&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=3lRCYfSqEMGB9fgP35ycgAc&cid=CAQSKQCNIrLM6Gtd-2GK9AqwPZFpClUQe10QuQ-IqRFHlgEd9ynA-wg3YT-T&random=2471115015&resp=GooglemKTybQhCsO

Request Chain 391

https://mc.yandex.com/watch/54680146?wmode=7&page-url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&page-ref=https%3A%2F%2Ftitanblue12x.com.br%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A643%3Acn%3A1%3Adp%3A0%3Als%3A1549015268581%3Ahid%3A850636945%3Az%3A0%3Ai%3A20210915201734%3Aet%3A1631737055%3Ac%3A1%3Arn%3A190155787%3Arqn%3A1%3Au%3A16317370551033470473%3Aw%3A0x0%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1631737053471%3Ads%3A0%2C0%2C153%2C30%2C0%2C0%2C%2C221%2C0%2C%2C%2C%2C476%3Adsn%3A0%2C0%2C153%2C29%2C0%2C0%2C%2C246%2C0%2C%2C%2C%2C476%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1631737055%3At%3Atb12-lead HTTP 302
https://mc.yandex.com/watch/54680146/1?wmode=7&page-url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&page-ref=https%3A%2F%2Ftitanblue12x.com.br%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A643%3Acn%3A1%3Adp%3A0%3Als%3A1549015268581%3Ahid%3A850636945%3Az%3A0%3Ai%3A20210915201734%3Aet%3A1631737055%3Ac%3A1%3Arn%3A190155787%3Arqn%3A1%3Au%3A16317370551033470473%3Aw%3A0x0%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1631737053471%3Ads%3A0%2C0%2C153%2C30%2C0%2C0%2C%2C221%2C0%2C%2C%2C%2C476%3Adsn%3A0%2C0%2C153%2C29%2C0%2C0%2C%2C246%2C0%2C%2C%2C%2C476%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1631737055%3At%3Atb12-lead

Request Chain 406

https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=66009462684 HTTP 302
https://sync2.navdmp.com/sync?prtid=2&id=66009462684&google_gid=CAESEHodPpK6lL951sXlBydBJ9Q&google_cver=1

Request Chain 407

https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D HTTP 302
https://sync.navdmp.com/sync?img=1&mdia=8bea6142-54de-4300-bddb-f90e65de427c

433 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request titan-blue-12x-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial Show response
clubdeofertas.lojaintegrada.com.br/
Redirect Chain

http://bit.ly/3eOYJtN
https://clubdeofertas.lojaintegrada.com.br/titan-blue-12x-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial

91 KB
19 KB

533ms
267ms

Document
text/html

54.234.62.20
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://clubdeofertas.lojaintegrada.com.br/titan-blue-12x-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.234.62.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-234-62-20.compute-1.amazonaws.com
Software: / vtex-integrated-store
Resource Hash: 4642db3426a3505b800673e2cb11929e10518a34c8577f782ec60ae29b207574

Request headers

Host: clubdeofertas.lojaintegrada.com.br
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Wed, 15 Sep 2021 20:17:30 GMT
Content-Length: 19353
Cache-Control: no-transform
Vary: Cookie, Accept-Encoding
Age: 0
X-Cache: HIT
X-Cache-Hits: 1
grace: none
X-Powered-By: vtex-integrated-store
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

Redirect headers

Server: nginx
Date: Wed, 15 Sep 2021 20:17:30 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 260
Cache-Control: private, max-age=90
Location: https://clubdeofertas.lojaintegrada.com.br/titan-blue-12x-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Set-Cookie: _bit=l8fkhu-ffaa87dddd631c417e-00Q; Domain=bit.ly; Expires=Mon, 14 Mar 2022 20:17:30 GMT
Via: 1.1 google

GET
H2 200 all.min.css
cdn.awsli.com.br/production/static/loja/estrutura/v1/css/ 278 KB
48 KB 83ms
19ms Stylesheet
text/css 52.222.179.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.awsli.com.br/production/static/loja/estrutura/v1/css/all.min.css?v=a543f26
Requested by: Host: clubdeofertas.lojaintegrada.com.br
URL: https://clubdeofertas.lojaintegrada.com.br/titan-blue-12x-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.179.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-179-35.ham50.r.cloudfront.net
Software: Kestrel /
Resource Hash: 19a5f9b2b0994d6709cc950ffa8912dd18e93b6679ed4290acd9e1cff3cca205

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubdeofertas.lojaintegrada.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:10:50 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 13:34:55 GMT
server: Kestrel
age: 429
etag: W/"14b31df93204d79426ade700dc2680f6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 10f1ccb26218c630c5c1132f93895fb2.cloudfront.net (CloudFront)
cache-control: max-age=3600, s-maxage=7200
x-amz-cf-pop: HAM50-C1
x-amz-cf-id: Pu1JfBG0ePyZsZUqT-UwzBMh_H2pUWXkywux6_GhoJD8fpQyVI33vg==

GET
H2 200 bootstrap-responsive.css
cdn.awsli.com.br/production/static/loja/estrutura/v1/css/ 22 KB
5 KB 83ms
20ms Stylesheet
text/css 52.222.179.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.awsli.com.br/production/static/loja/estrutura/v1/css/bootstrap-responsive.css?v=a543f26
Requested by: Host: clubdeofertas.lojaintegrada.com.br
URL: https://clubdeofertas.lojaintegrada.com.br/titan-blue-12x-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.179.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-179-35.ham50.r.cloudfront.net
Software: Kestrel /
Resource Hash: 5827a94a01fee9bb5b3331b00efbb083275fca57a4403b8ec56658df034be1c3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubdeofertas.lojaintegrada.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:10:50 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 13:34:55 GMT
server: Kestrel
age: 430
etag: W/"871defe8c1a928bcbcc3efcf4a1dde42"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 10f1ccb26218c630c5c1132f93895fb2.cloudfront.net (CloudFront)
cache-control: max-age=3600, s-maxage=7200
x-amz-cf-pop: HAM50-C1
x-amz-cf-id: FAds_UyW_0tifrW6mvqyHLWuU8mAMg-7o9idzmTAldBO-kbEu3ZPPA==

GET
H2 200 style-responsive.css
cdn.awsli.com.br/production/static/loja/estrutura/v1/css/ 17 KB
4 KB 83ms
20ms Stylesheet
text/css 52.222.179.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.awsli.com.br/production/static/loja/estrutura/v1/css/style-responsive.css?v=a543f26
Requested by: Host: clubdeofertas.lojaintegrada.com.br
URL: https://clubdeofertas.lojaintegrada.com.br/titan-blue-12x-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.179.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-179-35.ham50.r.cloudfront.net
Software: Kestrel /
Resource Hash: 8738d32dcc3538dfc61ee4bc586646e35d28e8e2b9f24b025f4c1b88ef98b5d8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubdeofertas.lojaintegrada.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 19:25:02 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 13:34:56 GMT
server: Kestrel
age: 3178
etag: W/"66c76553eeb0fbfe4f075c9ad7bc767b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 10f1ccb26218c630c5c1132f93895fb2.cloudfront.net (CloudFront)
cache-control: max-age=3600, s-maxage=7200
x-amz-cf-pop: HAM50-C1
x-amz-cf-id: 63Y6V7doylDRvd7lPr8Fv0-DgaPsdzU5srCcmcU5eVbxiHQfnGlxEQ==

GET
H/1.1 200
OK tema.css
clubdeofertas.lojaintegrada.com.br/ 869 B
697 B 191ms
106ms Stylesheet
text/css 54.234.62.20
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://clubdeofertas.lojaintegrada.com.br/tema.css?v=20210828-050800
Requested by: Host: clubdeofertas.lojaintegrada.com.br
URL: https://clubdeofertas.lojaintegrada.com.br/titan-blue-12x-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.234.62.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-234-62-20.compute-1.amazonaws.com
Software: / vtex-integrated-store
Resource Hash: bdc494d08be9a7f1e0bd4e966a160e63758f39febbdb42709efeaa9341142529

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: clubdeofertas.lojaintegrada.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://clubdeofertas.lojaintegrada.com.br/titan-blue-12x-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://clubdeofertas.lojaintegrada.com.br/titan-blue-12x-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 11 Sep 2021 10:57:01 GMT
Content-Encoding: gzip
Age: 379229
X-Powered-By: vtex-integrated-store
Vary: Cookie, Accept-Encoding
X-Cache: HIT
Content-Type: text/css
Access-Control-Allow-Origin: *
grace: none
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 359
X-Cache-Hits: 6292

GET
H2 200 all.min.js Show response
cdn.awsli.com.br/production/static/loja/estrutura/v1/js/ 429 KB
130 KB 83ms
20ms Script
application/javascript 52.222.179.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.awsli.com.br/production/static/loja/estrutura/v1/js/all.min.js?v=a543f26
Requested by: Host: clubdeofertas.lojaintegrada.com.br
URL: https://clubdeofertas.lojaintegrada.com.br/titan-blue-12x-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.179.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-179-35.ham50.r.cloudfront.net
Software: Kestrel /
Resource Hash: aa713dd5442f081d2679694605d2f52c4e2f0ae5cae4bfe55082ea2edd7e14f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubdeofertas.lojaintegrada.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 19:59:00 GMT
content-encoding: gzip
last-modified: Wed, 15 Sep 2021 14:45:42 GMT
server: Kestrel
age: 1162
etag: W/"53022acf91fb29258cb934a86ca75eb7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 10f1ccb26218c630c5c1132f93895fb2.cloudfront.net (CloudFront)
cache-control: max-age=120, s-maxage=3600
x-amz-cf-pop: HAM50-C1
x-amz-cf-id: zqb50cwtwhe3OqKSNUVpscUcbH6cUUuaC_yx0hVQZSYxvndi-1ER2g==

GET
H2 200 jquery.fancybox.min.css
cdn.awsli.com.br/production/static/css/ 3 KB
1 KB 82ms
19ms Stylesheet
text/css 52.222.179.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.awsli.com.br/production/static/css/jquery.fancybox.min.css
Requested by: Host: clubdeofertas.lojaintegrada.com.br
URL: https://clubdeofertas.lojaintegrada.com.br/titan-blue-12x-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.179.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-179-35.ham50.r.cloudfront.net
Software: Kestrel /
Resource Hash: b02fbf07a770097c0eb14e6ad03e36e46a8316bc72c4cf7691f541f6c3a753c0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubdeofertas.lojaintegrada.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 18:55:10 GMT
content-encoding: gzip
last-modified: Mon, 23 Aug 2021 13:59:19 GMT
server: Kestrel
age: 5075
etag: W/"4cbb0e7b3881c1a4606243971a66d598"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 10f1ccb26218c630c5c1132f93895fb2.cloudfront.net (CloudFront)
cache-control: max-age=3600, s-maxage=7200
x-amz-cf-pop: HAM50-C1
x-amz-cf-id: _4dpTUaKeF72Y39psbCymia-GPW3oVNIXOd_jpJjm39HhcnrwHHEqQ==

GET
H2 200 jquery.fancybox.pack.min.js Show response
cdn.awsli.com.br/production/static/js/jquery/ 22 KB
9 KB 78ms
16ms Script
application/javascript 52.222.179.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.awsli.com.br/production/static/js/jquery/jquery.fancybox.pack.min.js
Requested by: Host: clubdeofertas.lojaintegrada.com.br
URL: https://clubdeofertas.lojaintegrada.com.br/titan-blue-12x-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.179.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-179-35.ham50.r.cloudfront.net
Software: Kestrel /
Resource Hash: d0bf17f3ec8ec68ab7ce708e948d71b32e765bc367225e607658ec582316aa70

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubdeofertas.lojaintegrada.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 19:38:10 GMT
content-encoding: gzip
last-modified: Mon, 23 Aug 2021 13:59:21 GMT
server: Kestrel
age: 2373
etag: W/"2fee48940784c0b4d87d8ba3d6763651"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 10f1ccb26218c630c5c1132f93895fb2.cloudfront.net (CloudFront)
cache-control: max-age=120, s-maxage=3600
x-amz-cf-pop: HAM50-C1
x-amz-cf-id: iT0kBIlqiHpNE0xnw_czgtu_0FLbxhhVjvu1Bs5YoTmZ-Q8kjvHwKQ==

GET
H2 200 imagezoom.min.css
cdn.awsli.com.br/production/static/loja/estrutura/v1/css/ 728 B
1 KB 111ms
49ms Stylesheet
text/css 52.222.179.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.awsli.com.br/production/static/loja/estrutura/v1/css/imagezoom.min.css
Requested by: Host: clubdeofertas.lojaintegrada.com.br
URL: https://clubdeofertas.lojaintegrada.com.br/titan-blue-12x-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.179.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-179-35.ham50.r.cloudfront.net
Software: Kestrel /
Resource Hash: dfaca908ff1fd6fd53e9bc9f78b8345d74350e3b1f74ea56a99d970f152413df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubdeofertas.lojaintegrada.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 18:47:24 GMT
via: 1.1 10f1ccb26218c630c5c1132f93895fb2.cloudfront.net (CloudFront)
last-modified: Mon, 23 Aug 2021 13:59:21 GMT
server: Kestrel
age: 5408
etag: "10c0de4d13b161ecd6335e06cc3efae3"
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=3600, s-maxage=7200
x-amz-cf-pop: HAM50-C1
content-length: 728
x-amz-cf-id: ieIEC2QxanWmSTAey2-tRfquk8nCfjK7MsJASL__LshhcwPCTHx0gQ==

GET
H2 200 jquery.imagezoom.min.js Show response
cdn.awsli.com.br/production/static/loja/estrutura/v1/js/ 5 KB
3 KB 112ms
50ms Script
application/javascript 52.222.179.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.awsli.com.br/production/static/loja/estrutura/v1/js/jquery.imagezoom.min.js
Requested by: Host: clubdeofertas.lojaintegrada.com.br
URL: https://clubdeofertas.lojaintegrada.com.br/titan-blue-12x-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.179.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-179-35.ham50.r.cloudfront.net
Software: Kestrel /
Resource Hash: 3c7dbcbefc040556c7390260661f267e3410af13c903e8526908937f51d4a727

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubdeofertas.lojaintegrada.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 19:22:35 GMT
content-encoding: gzip
last-modified: Mon, 23 Aug 2021 13:59:22 GMT
server: Kestrel
age: 3411
etag: W/"8b885a908901c5b619a62cbac97d2555"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 10f1ccb26218c630c5c1132f93895fb2.cloudfront.net (CloudFront)
cache-control: max-age=120, s-maxage=3600
x-amz-cf-pop: HAM50-C1
x-amz-cf-id: _chYyGTgsP2Gj3w2P8FkY6xJDDw6n7hau1d2Cw1SHB3LR8B-QnoWGQ==

GET
H2 200 produto.min.js Show response
cdn.awsli.com.br/production/static/loja/estrutura/v1/js/ 11 KB
4 KB 82ms
20ms Script
application/javascript 52.222.179.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.awsli.com.br/production/static/loja/estrutura/v1/js/produto.min.js?v=a543f26
Requested by: Host: clubdeofertas.lojaintegrada.com.br
URL: https://clubdeofertas.lojaintegrada.com.br/titan-blue-12x-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.179.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-179-35.ham50.r.cloudfront.net
Software: Kestrel /
Resource Hash: 7f0e7e41c56b164b8b817428d90edfdf0722cfebcd0e87e0fe04ec0db56b40a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubdeofertas.lojaintegrada.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 19:59:00 GMT
content-encoding: gzip
last-modified: Wed, 15 Sep 2021 14:45:42 GMT
server: Kestrel
age: 1147
etag: W/"f95d806f99cb4fecd9c141c5e91e9923"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 10f1ccb26218c630c5c1132f93895fb2.cloudfront.net (CloudFront)
cache-control: max-age=120, s-maxage=3600
x-amz-cf-pop: HAM50-C1
x-amz-cf-id: 7D_7PCI5rcpdnUpTmWS36OU49SJVtY5yFXKTqL1HLB4K37EjghNQsQ==

GET
H2 200 p.js Show response
my.rtmark.net/ 697 B
1 KB 61ms
12ms Script
text/javascript 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/p.js?f=sync&lr=1&partner=2e8dd2e9b55327674b3342b9dd4cfb9a8130688daed6a8406e2a7fa6a606f926

Requested by

Host: clubdeofertas.lojaintegrada.com.br
URL: https://clubdeofertas.lojaintegrada.com.br/titan-blue-12x-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

d6ced2d066935a4550fefe90e4a07e40ad503004724ba900c080bc127de24675

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubdeofertas.lojaintegrada.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:31 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 697

GET
H/1.1 200
OK tag_gen.js Show response
a.exoclick.com/ 895 B
859 B 555ms
7ms Script
application/javascript 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://a.exoclick.com/tag_gen.js
Requested by: Host: clubdeofertas.lojaintegrada.com.br
URL: https://clubdeofertas.lojaintegrada.com.br/titan-blue-12x-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: nginx /
Resource Hash: 0038a46147de8ad7ae4477a228fa1b23922fbeadeac512f61d020e5ffcbe6a9b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubdeofertas.lojaintegrada.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 15 Sep 2021 20:17:31 GMT
Content-Encoding: gzip
Server: nginx
etag: W/"b71554cb29aa7affadbb3b5be9d"
X-HW: 1631737051.dop051.fr8.t,1631737051.cds138.fr8.shn,1631737051.cds138.fr8.c
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=10800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 477

GET
H2 200 d34f984fed.png
cdn.awsli.com.br/400x300/1804/1804609/logo/ 8 KB
8 KB 13ms
13ms Image
image/png 52.222.179.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.awsli.com.br/400x300/1804/1804609/logo/d34f984fed.png
Requested by: Host: clubdeofertas.lojaintegrada.com.br
URL: https://clubdeofertas.lojaintegrada.com.br/titan-blue-12x-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.179.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-179-35.ham50.r.cloudfront.net
Software: Kestrel /
Resource Hash: 187e57f7aed832cd18c3fcc3112b30956390a2621397e18c1f6e64be2d51d05d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubdeofertas.lojaintegrada.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 15:15:15 GMT
via: 1.1 10f1ccb26218c630c5c1132f93895fb2.cloudfront.net (CloudFront)
last-modified: Wed, 06 Jan 2021 13:52:27 GMT
server: Kestrel
age: 104535
etag: "b4cf44cc9c1b95a2f669eca1647bf1ea"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=86400, s-maxage=604800
x-amz-cf-pop: HAM50-C1
content-length: 7835
x-amz-cf-id: ddVlRWXrOQFOK3BpWWtx2XheXLCqadsoVkuSgVgZTR-nmi7Krp-w9w==

GET
H2 200 1cfe0359b0.jpg
cdn.awsli.com.br/600x450/1804/1804609/produto/84681738/ 139 KB
139 KB 312ms
310ms Image
image/jpg 52.222.179.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.awsli.com.br/600x450/1804/1804609/produto/84681738/1cfe0359b0.jpg
Requested by: Host: clubdeofertas.lojaintegrada.com.br
URL: https://clubdeofertas.lojaintegrada.com.br/titan-blue-12x-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.179.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-179-35.ham50.r.cloudfront.net
Software: Kestrel /
Resource Hash: d9f29f124bc11e7061c59ce65c6031499a2012e68d6cead08742981c9caf8e81

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubdeofertas.lojaintegrada.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:30 GMT
via: 1.1 10f1ccb26218c630c5c1132f93895fb2.cloudfront.net (CloudFront)
last-modified: Sun, 17 Jan 2021 23:47:30 GMT
server: Kestrel
x-amz-cf-pop: HAM50-C1
etag: "2b6a81428b31f336dd17c3a1e6686704"
x-cache: Miss from cloudfront
content-type: image/jpg
cache-control: max-age=86400, s-maxage=604800
content-length: 142004
x-amz-cf-id: fRiUYsgxEdNRmWoMADW5Q9D7lz0J7R_jARbOejbY1CZ3IRhOCl5GUQ==

GET
H2 200 1cfe0359b0.jpg
cdn.awsli.com.br/64x50/1804/1804609/produto/84681738/ 4 KB
5 KB 169ms
166ms Image
image/jpg 52.222.179.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.awsli.com.br/64x50/1804/1804609/produto/84681738/1cfe0359b0.jpg
Requested by: Host: clubdeofertas.lojaintegrada.com.br
URL: https://clubdeofertas.lojaintegrada.com.br/titan-blue-12x-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.179.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-179-35.ham50.r.cloudfront.net
Software: Kestrel /
Resource Hash: d14c37fde58750659600f73828b24ebc38e00e17fd072367c6a704072f2434dc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubdeofertas.lojaintegrada.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:30 GMT
via: 1.1 10f1ccb26218c630c5c1132f93895fb2.cloudfront.net (CloudFront)
last-modified: Sun, 17 Jan 2021 23:47:30 GMT
server: Kestrel
x-amz-cf-pop: HAM50-C1
etag: "2b6a81428b31f336dd17c3a1e6686704"
x-cache: Miss from cloudfront
content-type: image/jpg
cache-control: max-age=86400, s-maxage=604800
content-length: 4601
x-amz-cf-id: Y7HM-QMHhGv_RXTyzc9pfytniD0yZwsxrJXfe6UhrojfhjcVE0srOw==

GET
H2 200 disfuncao-eretil-em-homens.png
sp.secureserver.club/wp-content/uploads/ 59 KB
60 KB 74ms
14ms Image
image/png 172.67.179.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.secureserver.club/wp-content/uploads/disfuncao-eretil-em-homens.png
Requested by: Host: clubdeofertas.lojaintegrada.com.br
URL: https://clubdeofertas.lojaintegrada.com.br/titan-blue-12x-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.179.39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0dcf6baeb7187096dfadc26861b7e0ec4642e6e834460324c38f88ade9abc45f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubdeofertas.lojaintegrada.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 87417
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 60566
last-modified: Tue, 19 Jan 2021 21:49:34 GMT
server: cloudflare
etag: "600753ee-ec96"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VMwOcK9%2BfxDSKWe%2FmiujfnRZjfWiSfktYUY4C6gUUS4YJEKP7gqIeXfmPH6dXMZ6xuijXjEBOOVmYDz1ps1o9V6YQ8XSEpUdARH7nZj8eB2xS9J83DXQFl4IBEexAU%2F9J84mEuvjlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 68f489fa0b204ab0-FRA
expires: Thu, 14 Oct 2021 20:00:34 GMT

GET
H2 200 a04f8fd0c4.jpg
cdn.awsli.com.br/300x300/1804/1804609/produto/112154300/ 103 KB
104 KB 18ms
16ms Image
image/jpg 52.222.179.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.awsli.com.br/300x300/1804/1804609/produto/112154300/a04f8fd0c4.jpg
Requested by: Host: clubdeofertas.lojaintegrada.com.br
URL: https://clubdeofertas.lojaintegrada.com.br/titan-blue-12x-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.179.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-179-35.ham50.r.cloudfront.net
Software: Kestrel /
Resource Hash: dbaa885671262eafee5715ccbd20adc9535722619f741a506e09b64e27d75107

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubdeofertas.lojaintegrada.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 21:27:00 GMT
via: 1.1 10f1ccb26218c630c5c1132f93895fb2.cloudfront.net (CloudFront)
last-modified: Sat, 24 Jul 2021 14:24:43 GMT
server: Kestrel
age: 82230
etag: "84351d610224fc9f694c7e9099fc298e"
x-cache: Hit from cloudfront
content-type: image/jpg
cache-control: max-age=86400, s-maxage=604800
x-amz-cf-pop: HAM50-C1
content-length: 105890
x-amz-cf-id: Z5NWO2yfu_pfSc8CZNanfy8cZH9YarnXhSHQ85EKNe99rDarO39DiQ==

GET
H2 200 df004108c7.jpg
cdn.awsli.com.br/300x300/1804/1804609/produto/111796760/ 57 KB
57 KB 23ms
21ms Image
image/jpg 52.222.179.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.awsli.com.br/300x300/1804/1804609/produto/111796760/df004108c7.jpg
Requested by: Host: clubdeofertas.lojaintegrada.com.br
URL: https://clubdeofertas.lojaintegrada.com.br/titan-blue-12x-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.179.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-179-35.ham50.r.cloudfront.net
Software: Kestrel /
Resource Hash: 0dbf81f584df6d0048d16d0f82f1fb6042daa1eff46bb27369cde6676ecfdf1c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubdeofertas.lojaintegrada.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 21:27:00 GMT
via: 1.1 10f1ccb26218c630c5c1132f93895fb2.cloudfront.net (CloudFront)
last-modified: Thu, 22 Jul 2021 13:53:51 GMT
server: Kestrel
age: 82230
etag: "b99574483e661adcf584b9ff9d918deb"
x-cache: Hit from cloudfront
content-type: image/jpg
cache-control: max-age=86400, s-maxage=604800
x-amz-cf-pop: HAM50-C1
content-length: 58320
x-amz-cf-id: EzPBpSqIz6G9OBnb-poVEA5SbHMRD0KCHApc_741s4vX-maYpAgaqQ==

GET
H2 200 075b5a9094.jpg
cdn.awsli.com.br/300x300/1804/1804609/produto/111824770/ 14 KB
15 KB 31ms
29ms Image
image/jpg 52.222.179.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.awsli.com.br/300x300/1804/1804609/produto/111824770/075b5a9094.jpg
Requested by: Host: clubdeofertas.lojaintegrada.com.br
URL: https://clubdeofertas.lojaintegrada.com.br/titan-blue-12x-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.179.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-179-35.ham50.r.cloudfront.net
Software: Kestrel /
Resource Hash: 6f61f2225ad4e7cc6b5ded0fb7cbd88b122fe203f844c0a5c97e0ebabbe5c819

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubdeofertas.lojaintegrada.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 21:27:00 GMT
via: 1.1 10f1ccb26218c630c5c1132f93895fb2.cloudfront.net (CloudFront)
last-modified: Thu, 22 Jul 2021 16:30:30 GMT
server: Kestrel
age: 82230
etag: "f8f403c41fd2861b1032f4dc3ae7d9c7"
x-cache: Hit from cloudfront
content-type: image/jpg
cache-control: max-age=86400, s-maxage=604800
x-amz-cf-pop: HAM50-C1
content-length: 14633
x-amz-cf-id: FdBmatz9cjgHUKy894eMWhDY7nZzrdm2hz2KVwMtdzro7Xxx3_b3Yw==

GET
H2 200 e612ca7768.jpg
cdn.awsli.com.br/300x300/1804/1804609/produto/111848778/ 100 KB
100 KB 22ms
21ms Image
image/jpg 52.222.179.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.awsli.com.br/300x300/1804/1804609/produto/111848778/e612ca7768.jpg
Requested by: Host: clubdeofertas.lojaintegrada.com.br
URL: https://clubdeofertas.lojaintegrada.com.br/titan-blue-12x-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.179.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-179-35.ham50.r.cloudfront.net
Software: Kestrel /
Resource Hash: 6c334c8fdff8221022bed6043e0d7f3b4e4c9375aee83549e4f9a0c44dd54bfe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubdeofertas.lojaintegrada.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 08:29:21 GMT
via: 1.1 10f1ccb26218c630c5c1132f93895fb2.cloudfront.net (CloudFront)
last-modified: Thu, 22 Jul 2021 18:25:45 GMT
server: Kestrel
age: 215290
etag: "d45eb2deff2ba0d593f8c75bf66b74bd"
x-cache: Hit from cloudfront
content-type: image/jpg
cache-control: max-age=86400, s-maxage=604800
x-amz-cf-pop: HAM50-C1
content-length: 102189
x-amz-cf-id: dBWvQ9CBNfMrNy65FZIuQEAPDbfXArD8BfZn2OGOa4xj_2hG079Yfw==

GET
H2 200 stamp_encryptssl.png
cdn.awsli.com.br/production/static/img/struct/ 5 KB
5 KB 17ms
16ms Image
image/png 52.222.179.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.awsli.com.br/production/static/img/struct/stamp_encryptssl.png
Requested by: Host: clubdeofertas.lojaintegrada.com.br
URL: https://clubdeofertas.lojaintegrada.com.br/titan-blue-12x-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.179.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-179-35.ham50.r.cloudfront.net
Software: Kestrel /
Resource Hash: 20121b48f28810417dba4a870da38f1b359f20e78cba3eede809d32338da8c3e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubdeofertas.lojaintegrada.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 22:12:08 GMT
via: 1.1 10f1ccb26218c630c5c1132f93895fb2.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 13:34:55 GMT
server: Kestrel
age: 425123
etag: "4b211b173ace07058a99284d69599ed6"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=86400, s-maxage=604800
x-amz-cf-pop: HAM50-C1
content-length: 5034
x-amz-cf-id: ih361MyuLX13LJbNQWtGrLxvZ0QEysa7TcOU_L4Lc-lrr79kzlPeMQ==

GET
H2 200 logo-rodape-loja-pro.png
cdn.awsli.com.br/production/static/whitelabel/lojaintegrada/img/ 2 KB
2 KB 18ms
17ms Image
image/png 52.222.179.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.awsli.com.br/production/static/whitelabel/lojaintegrada/img/logo-rodape-loja-pro.png?v=a543f26
Requested by: Host: clubdeofertas.lojaintegrada.com.br
URL: https://clubdeofertas.lojaintegrada.com.br/titan-blue-12x-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.179.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-179-35.ham50.r.cloudfront.net
Software: Kestrel /
Resource Hash: 7fdd73f58f229767006930e6a13ce607ff4ca7cccedb6e9cd42c1dba35a830dd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubdeofertas.lojaintegrada.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 14:58:07 GMT
via: 1.1 10f1ccb26218c630c5c1132f93895fb2.cloudfront.net (CloudFront)
last-modified: Tue, 25 May 2021 13:11:12 GMT
server: Kestrel
age: 19164
etag: "7a8639d96010a183709a649da641fb53"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=86400, s-maxage=604800
x-amz-cf-pop: HAM50-C1
content-length: 1935
x-amz-cf-id: Qdt5I58GM76J97r4EXeR_12k6CGjpVZmf3-H3hOHQ5pjZYtOQJBDtQ==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 129 KB
51 KB 84ms
30ms Script
application/javascript 142.250.178.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WWBKWR2LZB

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.178.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

4cd14983bb3a2f7d9fc6792e9621006837f7de3fc6ac04bf639bffb3bf6c8ec0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubdeofertas.lojaintegrada.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:31 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51779
x-xss-protection: 0
expires: Wed, 15 Sep 2021 20:17:31 GMT

GET
H2 200 owa.min.js Show response
cdn.awsli.com.br/production/static/analytics/ 73 KB
21 KB 22ms
21ms Script
application/x-javascript 52.222.179.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.awsli.com.br/production/static/analytics/owa.min.js?v=a543f26
Requested by: Host: clubdeofertas.lojaintegrada.com.br
URL: https://clubdeofertas.lojaintegrada.com.br/titan-blue-12x-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.179.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-179-35.ham50.r.cloudfront.net
Software: Kestrel /
Resource Hash: fee1d8ef12749384e8495697689fc001cea3730189b8469b24dc1e4e2945b861

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubdeofertas.lojaintegrada.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 19:59:00 GMT
content-encoding: gzip
last-modified: Thu, 17 Mar 2016 18:51:05 GMT
server: Kestrel
age: 1163
etag: W/"7bead818892324c6975d8fd7625bf65f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 10f1ccb26218c630c5c1132f93895fb2.cloudfront.net (CloudFront)
cache-control: max-age=120, s-maxage=3600
x-amz-cf-pop: HAM50-C1
x-amz-cf-id: MQkMqjYe461lGDA6_WAxALJph1RY7sih7CTCmeR1JO6Jf5KLHyWhMg==

GET
H2 200 %3Ciframe%20width= Show response
www.youtube.com/embed/ Frame 484F 31 KB
11 KB 101ms
48ms Document
text/html 216.58.213.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/%3Ciframe%20width=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.213.14 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s25-in-f14.1e100.net

Software

ESF /

Resource Hash

ed5e608a7324625de513de4de2cbce4e7a7dcc126f0aa283f7cfff711b50b273

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/%3Ciframe%20width=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://clubdeofertas.lojaintegrada.com.br/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://clubdeofertas.lojaintegrada.com.br/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 15 Sep 2021 20:17:31 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to: {"group":"AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"}]}
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=m9KPxZHQrbU; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=UTFsFViEvIE; Domain=.youtube.com; Expires=Mon, 14-Mar-2022 20:17:31 GMT; Path=/; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 padrao-rodape.png
cdn.awsli.com.br/production/static/loja/estrutura/v1/img/ 107 B
439 B 17ms
16ms Image
image/png 52.222.179.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.awsli.com.br/production/static/loja/estrutura/v1/img/padrao-rodape.png
Requested by: Host: cdn.awsli.com.br
URL: https://cdn.awsli.com.br/production/static/loja/estrutura/v1/css/all.min.css?v=a543f26
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.179.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-179-35.ham50.r.cloudfront.net
Software: Kestrel /
Resource Hash: a86465a62204650ac8427681000213f27a2af3fcd07cd49ac7074660b88dec6f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.awsli.com.br/production/static/loja/estrutura/v1/css/all.min.css?v=a543f26
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 20:52:28 GMT
via: 1.1 10f1ccb26218c630c5c1132f93895fb2.cloudfront.net (CloudFront)
last-modified: Mon, 23 Aug 2021 13:59:22 GMT
server: Kestrel
age: 170702
etag: "e03bd35e5d2aee9d765774fcd7243759"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=86400, s-maxage=604800
x-amz-cf-pop: HAM50-C1
content-length: 107
x-amz-cf-id: 7DuDlB13oMFcBs27_5TmjpA-sgxCp8eIeGVxg8IjDFIUZ0z4gniITw==

GET
H2 200 bullet.png
cdn.awsli.com.br/production/static/loja/estrutura/v1/img/ 122 B
456 B 17ms
17ms Image
image/png 52.222.179.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.awsli.com.br/production/static/loja/estrutura/v1/img/bullet.png
Requested by: Host: cdn.awsli.com.br
URL: https://cdn.awsli.com.br/production/static/loja/estrutura/v1/css/all.min.css?v=a543f26
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.179.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-179-35.ham50.r.cloudfront.net
Software: Kestrel /
Resource Hash: 8fbeee80ca23180ab04a01de8501ceb01a0326ba2042b0cef3620c17b9904ee9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.awsli.com.br/production/static/loja/estrutura/v1/css/all.min.css?v=a543f26
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:33:04 GMT
via: 1.1 10f1ccb26218c630c5c1132f93895fb2.cloudfront.net (CloudFront)
last-modified: Mon, 23 Aug 2021 13:59:22 GMT
server: Kestrel
age: 416667
etag: "739c558f7fb61037851fb60e6d2ccf93"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=86400, s-maxage=604800
x-amz-cf-pop: HAM50-C1
content-length: 122
x-amz-cf-id: 8m6RwpqKejxgtrx2cu6bkzkuYjV2EfYl4Je-OV3Lw93tf4MxsBVH5w==

GET
H2 200 fontawesome-webfont.woff
cdn.awsli.com.br/production/static/loja/estrutura/v1/font/ 43 KB
43 KB 61ms
13ms Font
application/font-woff 52.222.179.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.awsli.com.br/production/static/loja/estrutura/v1/font/fontawesome-webfont.woff?v=3.2.1
Requested by: Host: cdn.awsli.com.br
URL: https://cdn.awsli.com.br/production/static/loja/estrutura/v1/css/all.min.css?v=a543f26
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.179.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-179-35.ham50.r.cloudfront.net
Software: Kestrel /
Resource Hash: 18e6b5ff511b90edf098e62ac45ed9d6673a3eee10165d0de4164d4d02a3a77f

Request headers

Referer: https://cdn.awsli.com.br/production/static/loja/estrutura/v1/css/all.min.css?v=a543f26
Origin: https://clubdeofertas.lojaintegrada.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 09:26:09 GMT
via: 1.1 64c57433dbc269a88f86e72ae54bfe36.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 13:34:56 GMT
server: Kestrel
age: 298281
etag: "b683029bafe0305ac2234038a03e1541"
x-cache: Hit from cloudfront
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=86400, s-maxage=604800
x-amz-cf-pop: HAM50-C1
content-length: 43572
x-amz-cf-id: vn1e0jU44eldRvzo3fi_D3l5aSJyvDR1-cqMBW9SpFv8HtkCI5aOiA==

GET
H2 200 fontawesome-webfont-v4.woff2
cdn.awsli.com.br/production/static/loja/estrutura/v1/font/ 55 KB
56 KB 62ms
15ms Font
application/font-woff 52.222.179.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.awsli.com.br/production/static/loja/estrutura/v1/font/fontawesome-webfont-v4.woff2?v=4.3.0
Requested by: Host: cdn.awsli.com.br
URL: https://cdn.awsli.com.br/production/static/loja/estrutura/v1/css/all.min.css?v=a543f26
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.179.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-179-35.ham50.r.cloudfront.net
Software: Kestrel /
Resource Hash: aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

Referer: https://cdn.awsli.com.br/production/static/loja/estrutura/v1/css/all.min.css?v=a543f26
Origin: https://clubdeofertas.lojaintegrada.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 11:57:08 GMT
via: 1.1 64c57433dbc269a88f86e72ae54bfe36.cloudfront.net (CloudFront)
last-modified: Mon, 23 Aug 2021 13:59:21 GMT
server: Kestrel
age: 30073
etag: "97493d3f11c0a3bd5cbd959f5d19b699"
x-cache: Hit from cloudfront
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=86400, s-maxage=604800
x-amz-cf-pop: HAM50-C1
content-length: 56780
x-amz-cf-id: 824C6p3JZoeuoCtiEdbB1yhmIHhIKnBqWLhX7WBd8MmQkXH0NkgHyQ==

GET
H3

200

/ Show response
titanblue12x.com.br/macho-alfa/ Frame 752B
Redirect Chain

https://app.monetizze.com.br/r/AHQ11850838?src=lojaintegradaC
https://titanblue12x.com.br/macho-alfa?mcr=AHQ11850838
https://titanblue12x.com.br/macho-alfa/?mcr=AHQ11850838

146 KB
25 KB

470ms
451ms

Document
text/html

104.21.49.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://titanblue12x.com.br/macho-alfa/?mcr=AHQ11850838
Requested by: Host: clubdeofertas.lojaintegrada.com.br
URL: https://clubdeofertas.lojaintegrada.com.br/titan-blue-12x-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.49.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f05c3fb432504255b449f268e8ae66094ec95574be44af9fde0b7456f96afce8

Request headers

:method: GET
:authority: titanblue12x.com.br
:scheme: https
:path: /macho-alfa/?mcr=AHQ11850838
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://clubdeofertas.lojaintegrada.com.br/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://clubdeofertas.lojaintegrada.com.br/

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 15 Sep 2021 20:17:33 GMT
cache-control: max-age=2678400
cf-cache-status: MISS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FNN8HeLdt05yR1SED1N%2B46ersLSDEBpZsx6ZqDvKdUaA0nv9iQtT629raUYzoEoNMx7%2FvVRMUmqmcvNoD%2FzfLwcx%2BYer1o8ByKdfCOIXekaYaLTvZ%2FRjaHhsU1UPzgoZ1pftM9Uh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 68f48a02f9da64f7-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date: Wed, 15 Sep 2021 20:17:32 GMT
content-type: text/html; charset=UTF-8
x-redirect-by: WordPress
location: https://titanblue12x.com.br/macho-alfa/?mcr=AHQ11850838
cache-control: max-age=2678400
cf-cache-status: MISS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ylam9sELebcDw%2BxzwbqA2NkfFME2EWXb0WH2exyjwXZEEgTsJaYWtBJ%2BgDzp9eJwez3c%2F7H8mhxr0QwUbUiNldK9v6FwsvLUElh0yDGmLsPDSt2UaVwhe%2BNxjA7VUJ0qp2xHEbNl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 68f489ff7a74696a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 sdk.js Show response
connect.facebook.net/pt_BR/ 3 KB
2 KB 113ms
35ms Script
application/x-javascript 185.60.218.24
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/sdk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.218.24 Bucharest, Romania, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-otp1.fbcdn.net

Software

Resource Hash

9b0fc1d3ea9c86c50e868dab2eb66e83dfc939cc0d4452e933e585c62af09447

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubdeofertas.lojaintegrada.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 2uGdeFqtukMWSHS59tE+Yw==
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1683
x-fb-rlafr: 0
x-fb-debug: CyqY5eYFoxjA60euSEJIeWE9MlDjiZ1jGxW5+7xUDr4jbOQrFUI1ZOz3WgFcabhwhTBNB65dN0NUL2arTL6KHg==
x-fb-trip-id: 1082456386
x-fb-content-md5: deef1541dfda75d1ab6c5f3a0f2a6b4c
x-frame-options: DENY
date: Wed, 15 Sep 2021 20:17:31 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "660740d6a3ec94b3fc30b187660a496a"
timing-allow-origin: *
expires: Wed, 15 Sep 2021 20:34:04 GMT

GET
H2

200

/ Show response
www.desinpros.com.br/ Frame 29D9
Redirect Chain

https://app.monetizze.com.br/r/ADV15968591?src=ljlojaC
https://www.desinpros.com.br/?mcr=ADV15968591

27 KB
9 KB

884ms
232ms

Document
text/html

104.21.48.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.desinpros.com.br/?mcr=ADV15968591
Requested by: Host: clubdeofertas.lojaintegrada.com.br
URL: https://clubdeofertas.lojaintegrada.com.br/titan-blue-12x-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.48.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d543d916579a0e107a93abc17ff477dea37cbae1e072fc8fe2e5b54cde12e4f8

Request headers

:method: GET
:authority: www.desinpros.com.br
:scheme: https
:path: /?mcr=ADV15968591
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://clubdeofertas.lojaintegrada.com.br/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://clubdeofertas.lojaintegrada.com.br/

Response headers

date: Wed, 15 Sep 2021 20:17:32 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iM27NFTta5U6e8%2BbN1HKMJ%2B06PrUSSY05hlLtFZ9gmTprMsiDO4wVm28ukjBO4I3PeKjuy8Vpq%2BNu4GNedwtL64FkJKErJ0Y%2F1q1iUhu729jgs4a%2BtfotRHPmjpqaAAUWyETQ7ih4w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 68f489ffee474e4a-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Content-Type: text/html
Content-Length: 0
Server: Apache
Location: https://www.desinpros.com.br/?mcr=ADV15968591
Access-Control-Allow-Origin: *
Expires: Wed, 15 Sep 2021 20:17:31 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 15 Sep 2021 20:17:31 GMT
Connection: keep-alive
Set-Cookie: PHPSESSID=r1q538dq7f8ma8n1dercc8tu90; path=/; HttpOnly mon_=%7B%22D8oolF8%3D%22%3A%22A0Sfud%2B4NcrU9g%3D%3D%22%7D; expires=Mon, 01-Jul-2295 20:17:31 GMT; path=/; samesite=none; domain=app.monetizze.com.br; secure; httponly msc_last=eyJjb29raWUiOiJBMFNmdWQrNE5jclU5Zz09IiwiZGF0YV90aW1lc3RhbXAiOiJCbVZTSXpTengyQ0RMbzBpeUE9PSIsImFmaWxpYWRvIjoiQm1GdWUxSXEifQ%3D%3D; expires=Thu, 15-Sep-2022 20:17:31 GMT; path=/; domain=app.monetizze.com.br; httponly
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=15768000 ; includeSubDomains

GET
H2 200 titan-blue-12x.png
sp.secureserver.club/wp-content/uploads/ 34 KB
34 KB 525ms
510ms Image
image/png 172.67.179.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.secureserver.club/wp-content/uploads/titan-blue-12x.png
Requested by: Host: clubdeofertas.lojaintegrada.com.br
URL: https://clubdeofertas.lojaintegrada.com.br/titan-blue-12x-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.179.39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1b76c1354c94a1886918771ddb37cbc8e774363f374aaec71b20aa23e1771e6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubdeofertas.lojaintegrada.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:31 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 34307
last-modified: Tue, 19 Jan 2021 21:19:52 GMT
server: cloudflare
etag: "60074cf8-8603"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Msp8HBJ99LcQxfqSKa5X6Lqxmh3nBb6o%2BHtW3fZ1tDHqIpFaxbthlx4D%2FbDHyB0clgS8D%2FqAsKes8cPCRte9bXN9lx7lYyMXfoj7%2FnN54wewGzRSL01%2FX9TGEeUAqdln99P6EngT7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 68f489fa0b244ab0-FRA
expires: Fri, 15 Oct 2021 20:17:31 GMT

GET
H2 200 penis.png
sp.secureserver.club/wp-content/uploads/ 18 KB
18 KB 35ms
21ms Image
image/png 172.67.179.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.secureserver.club/wp-content/uploads/penis.png
Requested by: Host: clubdeofertas.lojaintegrada.com.br
URL: https://clubdeofertas.lojaintegrada.com.br/titan-blue-12x-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.179.39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e485b721c5360b601a3aaeaa6769fbc9aaa7b9d46cf730fd0e05e2765de4f94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubdeofertas.lojaintegrada.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 749689
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 18415
last-modified: Tue, 19 Jan 2021 21:19:30 GMT
server: cloudflare
etag: "60074ce2-47ef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BxMfuSAXoAOGp7F4PBpnBUpQTS2R9m7PpqdG9o2ujvqpHi7xIi9A0Q%2F5ePfvLWnRNCt%2FwEstxFIJbmPK1C5ghxwSY1xFF3pg9%2BeldOSc9jim7DL2kGpzdpi2bfnLcudWnMQB97eOrA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 68f489fa0b254ab0-FRA
expires: Thu, 07 Oct 2021 04:02:42 GMT

GET
H2

200

/ Show response
lipotril.com.br/ Frame 6BD2
Redirect Chain

https://ctrack.g2afse.com/click?pid=1769&offer_id=37&ref_id=propeller&sub1=ep&sub2=ljpixelckC
https://lipotril-oficial.com/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=

27 KB
27 KB

1433ms
403ms

Document
text/html

18.231.32.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
Requested by: Host: clubdeofertas.lojaintegrada.com.br
URL: https://clubdeofertas.lojaintegrada.com.br/titan-blue-12x-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.231.32.240 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-231-32-240.sa-east-1.compute.amazonaws.com
Software: / Express
Resource Hash: 9901badf09483d6ad4cdfe83e63e481abd43d4c91b087421d081549f36b216ce

Request headers

:method: GET
:authority: lipotril.com.br
:scheme: https
:path: /?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://clubdeofertas.lojaintegrada.com.br/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://clubdeofertas.lojaintegrada.com.br/

Response headers

date: Wed, 15 Sep 2021 20:17:32 GMT
content-type: text/html; charset=utf-8
content-length: 27465
x-powered-by: Express
set-cookie: hlog=j%3A%5B%7B%22time%22%3A%2215%2F09%2F2021%2017%3A17%3A32%22%2C%22p%22%3A%22aff%22%2C%22clickid%22%3A%22614254dbeb72f80001a35335%22%2C%22sub2%22%3A%22ljpixelckC%22%2C%22aff_id%22%3A%221769%22%7D%5D; Path=/
etag: W/"6b49-f3X+j80cYC0b1WDSgZWEQkWVKF0"

Redirect headers

date: Wed, 15 Sep 2021 20:17:31 GMT
content-type: text/html; charset=utf-8
x-powered-by: Express
set-cookie: hlog=j%3A%5B%7B%22src%22%3A%221769%22%2C%22time%22%3A%2215%2F09%2F2021%2017%3A17%3A31%22%2C%22partner%22%3A%22aff%22%2C%22clickid%22%3A%22614254dbeb72f80001a35335%22%2C%22sub4%22%3A0%2C%22offer%22%3A%22Lipotril%22%7D%5D; Path=/
location: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
vary: Accept
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A2Xm7sv%2F61Fi3%2BJ9UqIb%2BT6VQX%2BUXPuXsCFnauwjnR23pHPK1ukEoZogJ6SrenA4L0%2BjzxuvwmL7LtjGklGsLqLSvCEGOULZBPKxVR6ynkc54L4Bs%2B06bsv6eJAeELTF3qbnf9N0TQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 68f489fafc95412c-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 403 ref
ev.braip.com/ Frame 9A99 0
0 86ms
26ms Document
text/html 104.22.6.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ev.braip.com/ref?pv=propvndo&af=afi89zm3x&src=cookie-lojaintegradaC

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.6.7 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: ev.braip.com
:scheme: https
:path: /ref?pv=propvndo&af=afi89zm3x&src=cookie-lojaintegradaC
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://clubdeofertas.lojaintegrada.com.br/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://clubdeofertas.lojaintegrada.com.br/

Response headers

date: Wed, 15 Sep 2021 20:17:31 GMT
content-type: text/html; charset=UTF-8
cf-chl-bypass: 1
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 68f489fa5e27278c-PRG
content-encoding: gzip

GET
H/1.1 200
OK log.php
analytics.awsli.com.br/ 0
226 B 303ms
99ms Image
application/octet-stream 54.234.62.20
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analytics.awsli.com.br/log.php?owa_timestamp=1631737051&owa_event_type=base.page_request&owa_is_new_visitor=true&owa_visitor_id=1631737051838775311&owa_fsts=1631737051&owa_dsfs=0&owa_last_req=&owa_session_id=1631737051321545659&owa_is_new_session=true&owa_nps=1&owa_dsps=0&owa_medium=direct&owa_source=%28none%29&owa_search_terms=%28none%29&owa_session_referer=%28none%29&owa_page_url=https%3A%2F%2Fclubdeofertas.lojaintegrada.com.br%2Ftitan-blue-12x-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial&owa_HTTP_REFERER=&owa_page_title=TITAN+BLUE+12X+FUNCIONA%3F+BULA%3F+MERCADO+LIVRE%3F+RECLAME+AQUI%3F+COMPRAR%3F+FUNCIONA+MESMO%3F+COMO+TOMAR%3F+ONDE+COMPRAR%3F+PRE%C3%87O%3F+SITE+OFICIAL%3F+DEPOIMENTO%3F+%C3%89+BOM%3F+ORIGINAL%3F+-+Clube+de+Ofertas&owa_site_id=loja-1804609&
Requested by: Host: clubdeofertas.lojaintegrada.com.br
URL: https://clubdeofertas.lojaintegrada.com.br/titan-blue-12x-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.234.62.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-234-62-20.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubdeofertas.lojaintegrada.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 15 Sep 2021 20:17:31 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0
Content-Type: application/octet-stream

GET
H2 200 www-player-webp.css
www.youtube.com/s/player/1256b7e2/ Frame 484F 329 KB
46 KB 19ms
18ms Stylesheet
text/css 216.58.213.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/1256b7e2/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/%3Ciframe%20width=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.213.14 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s25-in-f14.1e100.net

Software

sffe /

Resource Hash

f48ebd2372c6d901f56fa7bb12d57960094e8efdff9099ee7f5e10c06ac2e513

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/%3Ciframe%20width=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 19:44:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1984
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46342
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 19:13:02 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 15 Sep 2022 19:44:27 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/1256b7e2/www-embed-player.vflset/ Frame 484F 201 KB
66 KB 42ms
40ms Script
text/javascript 216.58.213.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/1256b7e2/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/%3Ciframe%20width=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.213.14 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s25-in-f14.1e100.net

Software

sffe /

Resource Hash

f34e3dd42302f7589f4c05d28e501d2ebf24d1585e83db4aba1b7443d0a7cf6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/%3Ciframe%20width=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 15:29:26 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 13 Sep 2021 19:13:02 GMT
server: sffe
age: 103685
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67242
x-xss-protection: 0
expires: Wed, 14 Sep 2022 15:29:26 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/1256b7e2/player_ias.vflset/de_DE/ Frame 484F 2 MB
504 KB 62ms
61ms Script
text/javascript 216.58.213.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/1256b7e2/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/%3Ciframe%20width=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.213.14 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s25-in-f14.1e100.net

Software

sffe /

Resource Hash

3ecd5e6658606bd3ebe5230987a60837c536ff525517218a8b3ddfd41d66311a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/%3Ciframe%20width=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 12:16:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28858
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 516210
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 19:13:02 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 15 Sep 2022 12:16:33 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/1256b7e2/fetch-polyfill.vflset/ Frame 484F 8 KB
3 KB 61ms
60ms Script
text/javascript 216.58.213.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/1256b7e2/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/%3Ciframe%20width=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.213.14 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s25-in-f14.1e100.net

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/%3Ciframe%20width=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 15:29:26 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 13 Sep 2021 19:13:02 GMT
server: sffe
age: 103685
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
expires: Wed, 14 Sep 2022 15:29:26 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 484F 15 KB
15 KB 70ms
20ms Font
font/woff2 142.250.178.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/%3Ciframe%20width=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.178.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f3.1e100.net

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 13:04:46 GMT
x-content-type-options: nosniff
age: 285165
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Sep 2022 13:04:46 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/pt_BR/ 228 KB
67 KB 70ms
35ms Script
application/x-javascript 185.60.218.24
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/sdk.js?hash=88ac7ea0aebae90e36afadadd6dc8f5d

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

185.60.218.24 Bucharest, Romania, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-otp1.fbcdn.net

Software

Resource Hash

3dd3495e009be64979c745f8529cad04631402381faa301639d3b41e636ec63e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://clubdeofertas.lojaintegrada.com.br/
Origin: https://clubdeofertas.lojaintegrada.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: CvcbFQ6fj2Sb467O4r39Yg==
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 68410
x-fb-rlafr: 0
x-fb-debug: PHZeF3AhRkczNxoYjn5G5mvfEeE9TqnxnTf4WgIpjA7pc0hXBACUvtkMjb9tFDrJx6H4In4aQY5QFKT15pQAig==
x-fb-content-md5: f8181bf995c1f233daeab6a3c9966b1b
x-frame-options: DENY
date: Wed, 15 Sep 2021 20:17:31 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "4e7541df77e6f820386a33d041ad563d"
timing-allow-origin: *
priority: u=3,i
expires: Thu, 15 Sep 2022 19:54:02 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 484F
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

113 B
161 B

58ms
30ms

XHR
application/json

216.58.212.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/%3Ciframe%20width=

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.226 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams16s22-in-f2.1e100.net

Software

cafe /

Resource Hash

49268f276dcd172e6c9f906822a014df9390b1cadac19f39ce68ef8720bd1cbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 15 Sep 2021 20:17:31 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 484F 29 B
424 B 99ms
29ms Script
text/javascript 142.250.200.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1256b7e2/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.200.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s30-in-f6.1e100.net

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:04:47 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 764
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Wed, 15 Sep 2021 20:19:47 GMT

GET
H3 200 remote.js Show response
www.youtube.com/s/player/1256b7e2/player_ias.vflset/de_DE/ Frame 484F 95 KB
29 KB 20ms
19ms Script
text/javascript 216.58.213.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/1256b7e2/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1256b7e2/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.213.14 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s25-in-f14.1e100.net

Software

sffe /

Resource Hash

e9e30dccc8ac3d91e997eee228488bd5650602f3ce2734beadf6d21cbcc328ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/%3Ciframe%20width=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 15:57:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 102025
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29907
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 19:13:02 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 14 Sep 2022 15:57:06 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/1256b7e2/player_ias.vflset/de_DE/ Frame 484F 24 KB
7 KB 21ms
21ms Script
text/javascript 216.58.213.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/1256b7e2/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1256b7e2/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.213.14 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s25-in-f14.1e100.net

Software

sffe /

Resource Hash

0162754f11024315f58623795cccac1fd1c3e289d13c08ad1490b0dbaa0c65e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/%3Ciframe%20width=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 15:56:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 102073
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7343
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 19:13:02 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 14 Sep 2022 15:56:18 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 484F 4 KB
3 KB 81ms
29ms Script
text/javascript 142.250.178.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1256b7e2/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.178.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f3.1e100.net

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="cloudview"
expires: Wed, 15 Sep 2021 20:17:31 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/89/ Frame 484F 48 KB
14 KB 44ms
19ms Script
text/javascript 142.250.178.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/89/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f3.1e100.net

Software

sffe /

Resource Hash

eabf87315be46a093741ed7d6a367b58627e45fbcf22505e3fa092f4dc7a4d80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 09:35:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38504
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14262
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:19:33 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 16 Sep 2021 09:35:47 GMT

GET
H2 200 share_button.php Show response
www.facebook.com/v2.5/plugins/ Frame C2D0 43 KB
15 KB 256ms
179ms Document
text/html 185.60.218.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.5/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df331cdc594e52d8%26domain%3Dclubdeofertas.lojaintegrada.com.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fclubdeofertas.lojaintegrada.com.br%252Ff2d0cb576d29c28%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fclubdeofertas.lojaintegrada.com.br%2Ftitan-blue-12x-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial&layout=button&locale=pt_BR&sdk=joey

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js?hash=88ac7ea0aebae90e36afadadd6dc8f5d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.218.35 Bucharest, Romania, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-otp1.facebook.com

Software

Resource Hash

42136e98477e56f59a7a6b455f57b43181b51047666b1f57dc994d9e8e6e463e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v2.5/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df331cdc594e52d8%26domain%3Dclubdeofertas.lojaintegrada.com.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fclubdeofertas.lojaintegrada.com.br%252Ff2d0cb576d29c28%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fclubdeofertas.lojaintegrada.com.br%2Ftitan-blue-12x-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial&layout=button&locale=pt_BR&sdk=joey
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://clubdeofertas.lojaintegrada.com.br/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://clubdeofertas.lojaintegrada.com.br/

Response headers

vary: Accept-Encoding
content-encoding: br
x-fb-rlafr: 0
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster:;media-src *.cdninstagram.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version: v4.0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: 7QaBi6ep5nu0RkbnjG0KXGRIKePGcVuKw7hhPRy9gEuMqIIfelCzynYFpsFMGC3j01tGMuXzWfGD+0kYDnj3JA==
date: Wed, 15 Sep 2021 20:17:31 GMT
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

POST
H2 204 collect
analytics.google.com/g/ 0
372 B 76ms
25ms Ping
text/plain 142.250.179.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-WWBKWR2LZB&gtm=2oe9d0&_p=1405624517&sr=1600x1200&_gaz=1&ul=en-us&cid=487580334.1631737052&_s=1&dl=https%3A%2F%2Fclubdeofertas.lojaintegrada.com.br%2Ftitan-blue-12x-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial&dt=TITAN%20BLUE%2012X%20FUNCIONA%3F%20BULA%3F%20MERCADO%20LIVRE%3F%20RECLAME%20AQUI%3F%20COMPRAR%3F%20FUNCIONA%20MESMO%3F%20COMO%20TOMAR%3F%20ONDE%20COMPRAR%3F%20PRE%C3%87O%3F%20SITE%20OFICIAL%3F%20DEPOIMENTO%3F%20%C3%89%20BOM%3F%20ORIGINAL%3F%20-%20Clube%20de%20Ofertas&sid=1631737051&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WWBKWR2LZB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.179.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lhr25s31-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://clubdeofertas.lojaintegrada.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 20:17:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://clubdeofertas.lojaintegrada.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
381 B 48ms
14ms Ping
text/plain 74.125.133.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-WWBKWR2LZB&cid=487580334.1631737052&gtm=2oe9d0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WWBKWR2LZB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.125.133.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: wo-in-f156.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://clubdeofertas.lojaintegrada.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 20:17:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://clubdeofertas.lojaintegrada.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 img.gif
my.rtmark.net/ 43 B
490 B 14ms
14ms Image
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=sync&partner=2e8dd2e9b55327674b3342b9dd4cfb9a8130688daed6a8406e2a7fa6a606f926&ttl=&rurl=https%3A%2F%2Fclubdeofertas.lojaintegrada.com.br%2Ftitan-blue-12x-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubdeofertas.lojaintegrada.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:31 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

GET
H2 200 1cfe0359b0.jpg
cdn.awsli.com.br/800x800/1804/1804609/produto/84681738/ 139 KB
139 KB 200ms
200ms Image
image/jpg 52.222.179.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.awsli.com.br/800x800/1804/1804609/produto/84681738/1cfe0359b0.jpg
Requested by: Host: clubdeofertas.lojaintegrada.com.br
URL: https://clubdeofertas.lojaintegrada.com.br/titan-blue-12x-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.179.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-179-35.ham50.r.cloudfront.net
Software: Kestrel /
Resource Hash: d9f29f124bc11e7061c59ce65c6031499a2012e68d6cead08742981c9caf8e81

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubdeofertas.lojaintegrada.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:31 GMT
via: 1.1 10f1ccb26218c630c5c1132f93895fb2.cloudfront.net (CloudFront)
last-modified: Sun, 17 Jan 2021 23:47:30 GMT
server: Kestrel
x-amz-cf-pop: HAM50-C1
etag: "2b6a81428b31f336dd17c3a1e6686704"
x-cache: Miss from cloudfront
content-type: image/jpg
cache-control: max-age=86400, s-maxage=604800
content-length: 142004
x-amz-cf-id: 6ckEQgXT-UbgWvvFNCCK7OnztrCd3t6SbfeX6dUU7kt01bzfd0baFw==

GET
H3 200 zSKZHMh8mXU.png
www.facebook.com/rsrc.php/v3/yr/r/ Frame C2D0 388 B
442 B 71ms
35ms Image
image/png 185.60.218.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/yr/r/zSKZHMh8mXU.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v2.5/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df331cdc594e52d8%26domain%3Dclubdeofertas.lojaintegrada.com.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fclubdeofertas.lojaintegrada.com.br%252Ff2d0cb576d29c28%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fclubdeofertas.lojaintegrada.com.br%2Ftitan-blue-12x-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial&layout=button&locale=pt_BR&sdk=joey

Protocol

Security

QUIC, , AES_128_GCM

Server

185.60.218.35 Bucharest, Romania, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-otp1.facebook.com

Software

Resource Hash

f9a1a0ac26eaf5b7f6cc7223b5dd4b5f545b5a48fb598c7442e5f76384f1be8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/v2.5/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df331cdc594e52d8%26domain%3Dclubdeofertas.lojaintegrada.com.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fclubdeofertas.lojaintegrada.com.br%252Ff2d0cb576d29c28%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fclubdeofertas.lojaintegrada.com.br%2Ftitan-blue-12x-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial&layout=button&locale=pt_BR&sdk=joey
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: evP3EqVBgfNWJRBOhDtHg7ADSeiyuvHpU4ituKogPnwZTZVVYNnN8m1h0XxOsUnahQgr9vb2d9mnhhHdImnrnA==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: mLIKfuTnwd0c8uA9BXg4cQ==
date: Fri, 10 Sep 2021 01:45:57 GMT
content-security-policy-report-only: default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com;worker-src blob:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
priority: u=3,i
timing-allow-origin: *
content-length: 388
x-fb-rlafr: 0
expires: Sat, 10 Sep 2022 01:45:57 GMT

GET
H3 200 h33nawoSrPX.js Show response
www.facebook.com/rsrc.php/v3iM-F4/yw/l/pt_BR/ Frame C2D0 513 KB
134 KB 71ms
37ms Script
application/x-javascript 185.60.218.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iM-F4/yw/l/pt_BR/h33nawoSrPX.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

185.60.218.35 Bucharest, Romania, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-otp1.facebook.com

Software

Resource Hash

6056b750bcebb04497386750a70276fd72eac943d1e351dce1784d59b088d4e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/v2.5/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df331cdc594e52d8%26domain%3Dclubdeofertas.lojaintegrada.com.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fclubdeofertas.lojaintegrada.com.br%252Ff2d0cb576d29c28%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fclubdeofertas.lojaintegrada.com.br%2Ftitan-blue-12x-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial&layout=button&locale=pt_BR&sdk=joey
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 03:39:03 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: R7Ioroe1Tl/2s3Pttt5X1g==
content-security-policy-report-only: default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster:;media-src *.cdninstagram.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
cross-origin-resource-policy: cross-origin
content-length: 137504
x-fb-rlafr: 0
x-fb-debug: 50ejbAVKMyFU6cMD5BbRAt173vrTThKHxnpTBzbBH/XW7SqMcNXQi13ddEerdiR8BIOmPteeLRDX3gysNIcO6A==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 15 Sep 2022 03:39:03 GMT

GET
H3 200 cavalry_endpoint.php
www.facebook.com/common/ Frame C2D0 67 B
98 B 95ms
94ms Image
image/png 185.60.218.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1631737051963&t_start=1631737051964&t_domcontent=1631737051993&t_layout=1631737052189&t_onload=1631737052189&t_paint=1631737052189&t_creport=1631737052189&t_tti=1631737051993&lid=7008257270790287033-0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

185.60.218.35 Bucharest, Romania, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-otp1.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com data: blob: 'self';script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com: attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/v2.5/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df331cdc594e52d8%26domain%3Dclubdeofertas.lojaintegrada.com.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fclubdeofertas.lojaintegrada.com.br%252Ff2d0cb576d29c28%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fclubdeofertas.lojaintegrada.com.br%2Ftitan-blue-12x-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial&layout=button&locale=pt_BR&sdk=joey
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: br
x-content-type-options: nosniff
content-security-policy-report-only: default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com;frame-src *.facebook.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: no-cache
x-fb-debug: nfXo8E/sJ54dj2zgOt27bFScQmDJgYzt2cQmZOegrfZlpnr2IYY4qIOcTA7nvhsikFG0T90nN/y7TB7oEdR0jw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 15 Sep 2021 20:17:32 GMT
strict-transport-security: max-age=15552000; preload
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: image/png
vary: Accept-Encoding
cache-control: private, no-store, no-cache, must-revalidate
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/ Frame 29D9 137 KB
22 KB 76ms
30ms Stylesheet
text/css 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css

Requested by

Host: www.desinpros.com.br
URL: https://www.desinpros.com.br/?mcr=ADV15968591

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34959e43e6ecf368807a84f92ad9aa6e2dcd5f0c5c1e57da55e8f3248d9d9255

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.desinpros.com.br/
Origin: https://www.desinpros.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723, 617, 617
age: 220849
cdn-cachedat: 2021-07-24 16:52:17
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: cd6cf0ba71b8c1957336875b1eca65c9
cf-ray: 68f48a01b9384120-PRG
cdn-requestcountrycode: CZ
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 css
fonts.googleapis.com/ Frame 29D9 30 KB
2 KB 79ms
30ms Stylesheet
text/css 142.250.178.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ubuntu:300,r,b,i,bi%7CRaleway:300,r,b%7CLato:300,r,b,i,bi%7CTitillium%20Web:300,r,b,i,bi%7COpen%20Sans:300,r,b,i,bi

Requested by

Host: www.desinpros.com.br
URL: https://www.desinpros.com.br/?mcr=ADV15968591

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.178.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f10.1e100.net

Software

ESF /

Resource Hash

34f76f715f90c104ed386533ec7f29af7e5c1fd4c3be2e27309e3e6a079d16cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.desinpros.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 20:17:32 GMT
server: ESF
date: Wed, 15 Sep 2021 20:17:32 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 15 Sep 2021 20:17:32 GMT

GET
H3 200 style-v=4.css
www.desinpros.com.br/assets-ren31/css/ Frame 29D9 15 KB
4 KB 33ms
15ms Stylesheet
text/css 104.21.48.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.desinpros.com.br/assets-ren31/css/style-v=4.css
Requested by: Host: www.desinpros.com.br
URL: https://www.desinpros.com.br/?mcr=ADV15968591
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.48.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8419656d640bfc5438b0e128f98ef6b3ee284719136a65c4aab9ddb77264d8f3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.desinpros.com.br/?mcr=ADV15968591
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 740341
cf-polished: origSize=16093
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sun, 03 Jan 2021 03:25:31 GMT
server: cloudflare
etag: W/"5ff1392b-3edd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ewlNrEmbp7eIIqn2CSlLcq08QSoQZLtg2cKniv98S%2FKzjNlnrPQ3%2Fj8SGFVzf1yxib0PTpDMmbv1g3fUFoKVOEE72WN3jbSJCJfKYkCfLZKY736JJiMJ0frlMDiMiETqagbR95pCw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
expires: Thu, 07 Oct 2021 06:38:31 GMT
cache-control: max-age=2592000
cf-ray: 68f48a018caed6fd-FRA
cf-bgj: minify

GET
H3 200 mobile-v=4.css
www.desinpros.com.br/assets-ren31/css/ Frame 29D9 1 KB
991 B 34ms
16ms Stylesheet
text/css 104.21.48.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.desinpros.com.br/assets-ren31/css/mobile-v=4.css
Requested by: Host: www.desinpros.com.br
URL: https://www.desinpros.com.br/?mcr=ADV15968591
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.48.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba4cc0f737fea3481fbcfeced183ad289b2a5168966bf2271048d7bfabc145c3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.desinpros.com.br/?mcr=ADV15968591
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 740341
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sun, 03 Jan 2021 03:25:31 GMT
server: cloudflare
etag: W/"5ff1392b-551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T4da4Kq%2BqRmnD53usSb7srHmAWl1IruDfF5cuPDjuaADfSKiKHcxgfm05EPYsPEayg7s3jTXor7G5%2F2WnDu7ck34GpzYV8%2B%2FuBSgGciMCZEvpp2BuRA1vl%2Bovc4GYKOlE1Yqn%2BTC%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 68f48a018cacd6fd-FRA
expires: Thu, 07 Oct 2021 06:38:31 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 29D9 101 KB
40 KB 72ms
40ms Script
application/javascript 142.250.178.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-145849447-1

Requested by

Host: www.desinpros.com.br
URL: https://www.desinpros.com.br/?mcr=ADV15968591

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

30f5db6d381a0f6ad114c3f0ec5df5244fcbe52671bac4635a0db710f6aadb73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.desinpros.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41221
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 19:42:44 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 15 Sep 2021 20:17:32 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 29D9 96 KB
38 KB 81ms
48ms Script
application/javascript 142.250.178.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-971728356

Requested by

Host: www.desinpros.com.br
URL: https://www.desinpros.com.br/?mcr=ADV15968591

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

b0ea80959be5248cda53b03dfd9e3fdd5b4f1975a412dd093a63e70fa504dfd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.desinpros.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39237
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 19:42:44 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 15 Sep 2021 20:17:32 GMT

GET
H3 200 logo-desinpros.png
www.desinpros.com.br/assets-ren31/img/ Frame 29D9 7 KB
8 KB 30ms
27ms Image
image/png 104.21.48.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.desinpros.com.br/assets-ren31/img/logo-desinpros.png
Requested by: Host: www.desinpros.com.br
URL: https://www.desinpros.com.br/?mcr=ADV15968591
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.48.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85c5e268659293ca76dc38e8a618be934e0df0fffcc8592ae6066f1feddb4901

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.desinpros.com.br/?mcr=ADV15968591
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 505865
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 7394
last-modified: Sun, 03 Jan 2021 03:25:29 GMT
server: cloudflare
etag: "5ff13929-1ce2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e01R8JzsyFUwbL3zAsKmCCAlnznBszy1ELhsHE4aaI8XqGQSMALEVuo%2Fo3ZdS0VnVfZjdOXnxOooD1KLpULrr3j9GMOzPd6vCUcj4eDfLKxrLZOaeo2JHpxsOuqYV4RpQckxckZhrw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 68f48a020d66d6fd-FRA
expires: Sat, 09 Oct 2021 23:46:27 GMT

GET
H3 200 pote-desinpros.png
www.desinpros.com.br/assets-ren31/img/ Frame 29D9 201 KB
202 KB 31ms
28ms Image
image/png 104.21.48.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.desinpros.com.br/assets-ren31/img/pote-desinpros.png
Requested by: Host: www.desinpros.com.br
URL: https://www.desinpros.com.br/?mcr=ADV15968591
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.48.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9449c4abca07fe0b7fe4e99d87a3f0b86f1d8d579e9abd4d6eb3b57671151944

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.desinpros.com.br/?mcr=ADV15968591
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 462495
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 206127
last-modified: Sun, 03 Jan 2021 03:25:29 GMT
server: cloudflare
etag: "5ff13929-3252f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=esm6T2rJdRgs6GIpDkVbEj5WSpiuOm6WuIU11vwGt6ZQAwRIRa9Kl8jv%2FZN0x2AB0VBlskYhKCjUdcDhqU80b35BGnKGhoU50jCNcY4P41CfEKDJT%2FxZrtMjGaucRafn4NtTF8s%2FtA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 68f48a020d67d6fd-FRA
expires: Sun, 10 Oct 2021 11:49:17 GMT

GET
H3 200 selo-anvisa.png
www.desinpros.com.br/assets-ren31/img/ Frame 29D9 6 KB
7 KB 38ms
35ms Image
image/png 104.21.48.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.desinpros.com.br/assets-ren31/img/selo-anvisa.png
Requested by: Host: www.desinpros.com.br
URL: https://www.desinpros.com.br/?mcr=ADV15968591
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.48.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b699a2c1d0b87bc0a22cbe52062cfde77e8b4be9442e77077d90d7dc1599b507

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.desinpros.com.br/?mcr=ADV15968591
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 462494
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6193
last-modified: Sun, 03 Jan 2021 03:25:29 GMT
server: cloudflare
etag: "5ff13929-1831"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UM4Vi7FPWDY6Yl%2B0XDPeSIQm88wH%2BqkRCOCGBrNd0FRtp5W6AwS7s%2BmyrzTHeSfvmZNx0qvhNGwBPBZV4YvO2tTeJwXzJQtCQp2kirhsZymuGGIq0iHuzVmNXHAW7JEmoUeMCv0HIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 68f48a020d68d6fd-FRA
expires: Sun, 10 Oct 2021 11:49:18 GMT

GET
H3 200 hiperplasia-prostata-imagem.jpg
www.desinpros.com.br/assets-ren31/img/ Frame 29D9 103 KB
103 KB 68ms
65ms Image
image/jpeg 104.21.48.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.desinpros.com.br/assets-ren31/img/hiperplasia-prostata-imagem.jpg
Requested by: Host: www.desinpros.com.br
URL: https://www.desinpros.com.br/?mcr=ADV15968591
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.48.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59ec7f2bbccae5c6d73de58f499c37006c4402d9e0ec7d39f1a5a34185bd8e7f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.desinpros.com.br/?mcr=ADV15968591
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 504435
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 105250
last-modified: Sun, 03 Jan 2021 03:25:29 GMT
server: cloudflare
etag: "5ff13929-19b22"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xIcbYfbCO%2F%2BCucL35mh8mlQv1XN7HXmcoe9ctHtSo8PfrH5lUtCcRE4BnVvGD4hd0xXT0keGzmPqvwn23iEzW%2FNgMuR0WKYhu2SE2C5y7Vc456MW0TG%2Fl7D04%2FwIT03zn3cIHuR4qg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 68f48a020d6cd6fd-FRA
expires: Sun, 10 Oct 2021 00:10:17 GMT

GET
H3 200 Logo-agencia-O-Globo.png
www.desinpros.com.br/img/ Frame 29D9 41 KB
42 KB 90ms
87ms Image
image/png 104.21.48.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.desinpros.com.br/img/Logo-agencia-O-Globo.png
Requested by: Host: www.desinpros.com.br
URL: https://www.desinpros.com.br/?mcr=ADV15968591
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.48.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfe21635e4a9cfe8c7779426de00b1935ec0248dc541b484bb54cc57cb62c595

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.desinpros.com.br/?mcr=ADV15968591
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 505865
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 42460
last-modified: Sun, 03 Jan 2021 03:25:30 GMT
server: cloudflare
etag: "5ff1392a-a5dc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ieWkKYV0X4HB6%2BW8aQ5fAOTbtrw2CMfLdf9MAozXs4Ir3eYSUftj7hv0oqmQe3qpRlobX2VebC4aQ7dSBifAamMOfrF3MKBB0ls19zb7xupM6vP4b95IoiCtXRG08mhMrCH1qbjmig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 68f48a020d6dd6fd-FRA
expires: Sat, 09 Oct 2021 23:46:27 GMT

GET
H3 200 Logo-Terra.png
www.desinpros.com.br/img/ Frame 29D9 11 KB
11 KB 92ms
89ms Image
image/png 104.21.48.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.desinpros.com.br/img/Logo-Terra.png
Requested by: Host: www.desinpros.com.br
URL: https://www.desinpros.com.br/?mcr=ADV15968591
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.48.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17e4a7b26efb988c7d86b59c0de51e17862c750161fa05ac9f9fa39193025d9a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.desinpros.com.br/?mcr=ADV15968591
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 462493
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10962
last-modified: Sun, 03 Jan 2021 03:25:30 GMT
server: cloudflare
etag: "5ff1392a-2ad2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xNpM9CtoEGcSguGDv6KYXj3Stwv9aYKGl8bpOMNR8ZUKhrLQGNCJkpYzrqRXL8I2vkiFmqT5w6lWmbjGGxJ4%2FbZVzeihjwq9GDPoyRXxgbbVgqCU0Iwp%2FiNSCp0dfRPXnPrqSDtc1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 68f48a020d6fd6fd-FRA
expires: Sun, 10 Oct 2021 11:49:19 GMT

GET
H3 200 Logo-gazeta-brasila.png
www.desinpros.com.br/img/ Frame 29D9 10 KB
10 KB 38ms
35ms Image
image/png 104.21.48.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.desinpros.com.br/img/Logo-gazeta-brasila.png
Requested by: Host: www.desinpros.com.br
URL: https://www.desinpros.com.br/?mcr=ADV15968591
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.48.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c619681ccbca6eee2abdaf0dabb56444fb40ad5f7e89761fc42d92b05b0bf46

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.desinpros.com.br/?mcr=ADV15968591
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 506865
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10002
last-modified: Sun, 03 Jan 2021 03:25:30 GMT
server: cloudflare
etag: "5ff1392a-2712"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7lYILcz%2BhGge%2FyBr3VFkTUjuVkLsK5eYJX6D5lah2BFNFocb%2FzHSSQnB43NXzSExAX0JHHv%2Bfg4WBLFYvDAjfEmqbGspN9frXWyKhhBrsYPD7cBpdN5tGKoP7FDh140ruRohCyGNog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 68f48a020d71d6fd-FRA
expires: Sat, 09 Oct 2021 23:29:47 GMT

GET
H3 200 barra-compra-segura-1-1.png
www.desinpros.com.br/assets-ren31/img/ Frame 29D9 3 KB
4 KB 92ms
89ms Image
image/png 104.21.48.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.desinpros.com.br/assets-ren31/img/barra-compra-segura-1-1.png
Requested by: Host: www.desinpros.com.br
URL: https://www.desinpros.com.br/?mcr=ADV15968591
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.48.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39e42c974480e475d97bba35425c05434d91a10680ca0d0dd1fae18349adbb1c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.desinpros.com.br/?mcr=ADV15968591
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 504435
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3347
last-modified: Sun, 03 Jan 2021 03:25:29 GMT
server: cloudflare
etag: "5ff13929-d13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y1iZlxB355R%2B%2FVVoqTFBtn08uCf%2F1oXmBYw39YEftOUh0%2Bg1O8QTP7cqBBVUsNvrWowMsxZ3TDzEnNN%2FbYVl8l8mU2WR3rXKQpjPuNYEqnI9sW%2FQFgRYNyCYVKrPz5TH3gVISZU1Eg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 68f48a020d76d6fd-FRA
expires: Sun, 10 Oct 2021 00:10:17 GMT

GET
H3 200 1-depoimento.png
www.desinpros.com.br/assets-ren31/img/ Frame 29D9 297 KB
297 KB 92ms
88ms Image
image/png 104.21.48.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.desinpros.com.br/assets-ren31/img/1-depoimento.png
Requested by: Host: www.desinpros.com.br
URL: https://www.desinpros.com.br/?mcr=ADV15968591
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.48.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ce7840115d5d8ac6fd46a22eb7e951f3356b6b75f8fd0255ba1d0d5c9a942de

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.desinpros.com.br/?mcr=ADV15968591
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 504435
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 303772
last-modified: Sun, 03 Jan 2021 03:25:29 GMT
server: cloudflare
etag: "5ff13929-4a29c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aR0RcbWXWLNTJMa2FJeec0AxLDVsYx%2FTiVjtDOSxQE4v5J3I7CaRzAtLuVqO6vmpVDgi1rfoFXxxMNZbhb%2FLcilOJZGRrdptNoeE8amHumWkO9CQgk7WigRs95lGs3SNPTaES%2F51pQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 68f48a020d77d6fd-FRA
expires: Sun, 10 Oct 2021 00:10:17 GMT

GET
H3 200 2-depoimento-c.png
www.desinpros.com.br/assets-ren31/img/ Frame 29D9 426 KB
426 KB 99ms
96ms Image
image/png 104.21.48.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.desinpros.com.br/assets-ren31/img/2-depoimento-c.png
Requested by: Host: www.desinpros.com.br
URL: https://www.desinpros.com.br/?mcr=ADV15968591
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.48.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d466a74ad513a6222da9ed7a0022e57c96660b77f80671cd79154137fe8ca3f4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.desinpros.com.br/?mcr=ADV15968591
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 536090
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 435871
last-modified: Sun, 03 Jan 2021 03:25:29 GMT
server: cloudflare
etag: "5ff13929-6a69f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A%2BM95%2B2kMEiVKza3tFufYACcbx6tGKCXOCb9MSC0arAlumDxPGR1mnBm78KiGs8yVK894xHusR3zF6sUK946XI6X5SF7HdXyQb%2BPumvYdasR7VPAESCUMUdMSLIlEre1HTzgk18aOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 68f48a020d79d6fd-FRA
expires: Sat, 09 Oct 2021 15:22:42 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 29D9 2 KB
561 B 66ms
34ms Stylesheet
text/css 142.250.178.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro

Requested by

Host: www.desinpros.com.br
URL: https://www.desinpros.com.br/?mcr=ADV15968591

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f10.1e100.net

Software

ESF /

Resource Hash

89217528ff779a9d3836efde9904ba13979c9cd01666796dabbb1ba533b1126a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.desinpros.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 20:12:44 GMT
server: ESF
date: Wed, 15 Sep 2021 20:17:32 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 15 Sep 2021 20:17:32 GMT

GET
H3 200 1pote-desinpros.png
www.desinpros.com.br/assets-ren31/img/ Frame 29D9 170 KB
170 KB 109ms
106ms Image
image/png 104.21.48.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.desinpros.com.br/assets-ren31/img/1pote-desinpros.png
Requested by: Host: www.desinpros.com.br
URL: https://www.desinpros.com.br/?mcr=ADV15968591
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.48.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99c1138f8c7b5a9f076bc659783538e985e4ba34f13b9d6a9f0ccd0aff7cbab3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.desinpros.com.br/?mcr=ADV15968591
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1020114
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 173880
last-modified: Sun, 03 Jan 2021 03:25:29 GMT
server: cloudflare
etag: "5ff13929-2a738"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RGZ3P55yFQsfFAwJ%2FP8GprIjqeL7l8NBnHHn1wxprEUrcWg7zA2%2BmQ%2F6cUFxZkDCnhZ8SlXsCI9H22GWDjczuYDSMnITf8ipSN%2B5CYikaVeiXZt2PHyPmsMUNOMO2HS8TmLy9Fa%2FwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 68f48a020d7bd6fd-FRA
expires: Mon, 04 Oct 2021 00:55:38 GMT

GET
H3 200 2-mais-1pote-desinpros.png
www.desinpros.com.br/assets-ren31/img/ Frame 29D9 273 KB
274 KB 112ms
108ms Image
image/png 104.21.48.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.desinpros.com.br/assets-ren31/img/2-mais-1pote-desinpros.png
Requested by: Host: www.desinpros.com.br
URL: https://www.desinpros.com.br/?mcr=ADV15968591
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.48.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03789bc9fecd15eb933b5effb22e7bd46730c795c090fdb67b9067e386b22fed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.desinpros.com.br/?mcr=ADV15968591
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 504435
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 279579
last-modified: Sun, 03 Jan 2021 03:25:29 GMT
server: cloudflare
etag: "5ff13929-4441b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fahsCRZofhbgsmAnYTl1W6OAgcRq0DCSZ%2BvqWsVcCrcuBrDEr2AXd%2BUmbWV9bl3Zt9IJIkbPvE7ByJ3gMkvQ4VPfuQERy%2FAOLdsDy2SZmKSPb4KW3i8WKdqJKamhbg5PQpD9NHcDRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 68f48a020d7cd6fd-FRA
expires: Sun, 10 Oct 2021 00:10:17 GMT

GET
H3 200 3-mais-3potes-desinpros.png
www.desinpros.com.br/assets-ren31/img/ Frame 29D9 164 KB
164 KB 117ms
114ms Image
image/png 104.21.48.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.desinpros.com.br/assets-ren31/img/3-mais-3potes-desinpros.png
Requested by: Host: www.desinpros.com.br
URL: https://www.desinpros.com.br/?mcr=ADV15968591
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.48.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b2b873a2251d89a1b45ea4019bb79175a08e509bc4f26236ca3ebd65f4f0fed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.desinpros.com.br/?mcr=ADV15968591
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 504435
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 167549
last-modified: Sun, 03 Jan 2021 03:25:29 GMT
server: cloudflare
etag: "5ff13929-28e7d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hTu6tnLd8H69MsvWYMQdtRFkbmiZOp3iQtOUnZTgfEGl8902EmnHwpAaSyoLPntdn4tVCYQc5gzENOMriDGo%2Bcf%2FF7vtrUeqMgBxr5giyPMujrbudkzG9vZ%2B5HNPPTVgkl36ovfNpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 68f48a020d7dd6fd-FRA
expires: Sun, 10 Oct 2021 00:10:17 GMT

GET
H3 200 5-mais-5potes-desinpros.png
www.desinpros.com.br/assets-ren31/img/ Frame 29D9 191 KB
192 KB 119ms
115ms Image
image/png 104.21.48.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.desinpros.com.br/assets-ren31/img/5-mais-5potes-desinpros.png
Requested by: Host: www.desinpros.com.br
URL: https://www.desinpros.com.br/?mcr=ADV15968591
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.48.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af28c589903c9dbd47d72546f39fe014e7c9b6ca9c46ea3364663114fc460fe4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.desinpros.com.br/?mcr=ADV15968591
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 504435
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 195720
last-modified: Sun, 03 Jan 2021 03:25:29 GMT
server: cloudflare
etag: "5ff13929-2fc88"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=milGZwSxPW7151oyYnonl9t7ULAZmfGo0GXW9EJgz68S4aozjlK%2FFp5jb8RXcX0appWA5j8ilIboVPoPnjo3%2FdaiVjvnLJyEYl0D9zOn0N6buF4XtM5lJMAVmUeNNuxHoUWNuiE8HA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 68f48a020d7fd6fd-FRA
expires: Sun, 10 Oct 2021 00:10:17 GMT

GET
H3 200 compra-segura-meiospagamento.png
www.desinpros.com.br/assets-ren31/img/ Frame 29D9 5 KB
6 KB 124ms
120ms Image
image/png 104.21.48.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.desinpros.com.br/assets-ren31/img/compra-segura-meiospagamento.png
Requested by: Host: www.desinpros.com.br
URL: https://www.desinpros.com.br/?mcr=ADV15968591
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.48.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 979cd5c0c81121eaef99eecd8d2574e4a1f0e6ee887ae1087ce61cad8e6ef56a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.desinpros.com.br/?mcr=ADV15968591
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 462493
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5477
last-modified: Sun, 03 Jan 2021 03:25:29 GMT
server: cloudflare
etag: "5ff13929-1565"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dQKQWZela8aJ5dp9kDnTvQGMfGpBmNug6B6BkaqLBM2lDT2JSMCIWYiWWQO8slyU%2BgxrurMxI964FeUarT2FlZcfklpkrrN%2FXSTus2LBtUTJOPVZqWOzKb9fVDz%2B31IbmkUrI188fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 68f48a020d80d6fd-FRA
expires: Sun, 10 Oct 2021 11:49:19 GMT

GET
H3 200 cancer-de-prostata-o-guia-completo-img.png
www.desinpros.com.br/assets-ren31/img/ Frame 29D9 233 KB
233 KB 38ms
35ms Image
image/png 104.21.48.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.desinpros.com.br/assets-ren31/img/cancer-de-prostata-o-guia-completo-img.png
Requested by: Host: www.desinpros.com.br
URL: https://www.desinpros.com.br/?mcr=ADV15968591
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.48.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ace9599075739995c9f54628913ee3a67db337ad96e427fe56a72882a8288e1d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.desinpros.com.br/?mcr=ADV15968591
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 505865
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 238152
last-modified: Sun, 03 Jan 2021 03:25:29 GMT
server: cloudflare
etag: "5ff13929-3a248"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JnImqt7BQVtDtwR1Osgg5gZxaRY1LeGFXnDKDX4i3tdHhIf2x12KdcmMhqytODrjZJB7u843ipKEbne64cmI5hILSzV3wMOpy7PopZzMJhEGW0Dj%2F%2FHP75qpEXf9edGQ65mF7fnYAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 68f48a020d82d6fd-FRA
expires: Sat, 09 Oct 2021 23:46:27 GMT

GET
H3 200 desinpros-garantia.png
www.desinpros.com.br/assets-ren31/img/ Frame 29D9 67 KB
67 KB 127ms
124ms Image
image/png 104.21.48.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.desinpros.com.br/assets-ren31/img/desinpros-garantia.png
Requested by: Host: www.desinpros.com.br
URL: https://www.desinpros.com.br/?mcr=ADV15968591
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.48.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 877c61f385a6ac069243e2244e1377a4f70429df958d50539c4ac3536a577967

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.desinpros.com.br/?mcr=ADV15968591
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 504435
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 68353
last-modified: Sun, 03 Jan 2021 03:25:29 GMT
server: cloudflare
etag: "5ff13929-10b01"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s1VPVaqI2tMB0t7RtEngKpnFfJqdYNMhg5td%2B5s6JhLYzjO%2B%2B7xSgI7NOaPk2NHT1uP2RN3S33JmqoDyMfBZNxC%2BWjJdfCwBUVtNAHu%2BdAw41SA99XvNGdjlHxxxMj%2BvGYQLlMwfzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 68f48a020d85d6fd-FRA
expires: Sun, 10 Oct 2021 00:10:17 GMT

GET
H3 200 desinpros-natural.png
www.desinpros.com.br/assets-ren31/img/ Frame 29D9 55 KB
55 KB 129ms
125ms Image
image/png 104.21.48.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.desinpros.com.br/assets-ren31/img/desinpros-natural.png
Requested by: Host: www.desinpros.com.br
URL: https://www.desinpros.com.br/?mcr=ADV15968591
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.48.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 912278fba4f0a45aaf2a1c7468e7b193f09f26c15d6e12d75f5f202605993a70

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.desinpros.com.br/?mcr=ADV15968591
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1966693
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 56118
last-modified: Sun, 03 Jan 2021 03:25:29 GMT
server: cloudflare
etag: "5ff13929-db36"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ui%2BL9kEDos0H4e7hPazBAuPb1%2BErEqyywNljZpGjd27B8PF2%2F3L0OPLoBE8bSQTP3XA4dTXv7l6iV0qBv1aS%2BzCgnDJqidCLM%2F91KUGprYBG4t92mjfYFojdinJNgqwIgzZMlcnYdw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 68f48a020d86d6fd-FRA
expires: Thu, 23 Sep 2021 01:59:19 GMT

GET
H3 200 pagamento_footer.png
www.desinpros.com.br/assets-ren31/img/ Frame 29D9 2 KB
2 KB 130ms
126ms Image
image/png 104.21.48.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.desinpros.com.br/assets-ren31/img/pagamento_footer.png
Requested by: Host: www.desinpros.com.br
URL: https://www.desinpros.com.br/?mcr=ADV15968591
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.48.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7bafa2c8c40a91dd028ae54aaa71728595949a25924c44c5a8019467191370e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.desinpros.com.br/?mcr=ADV15968591
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 505865
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1815
last-modified: Sun, 03 Jan 2021 03:25:29 GMT
server: cloudflare
etag: "5ff13929-717"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TAPR%2FS0p7boZ1dliHXyAeCb4m1mst5eW42ckx1z7q27bAxiTVYzwX1kdOd2KFp1kuRo9SAR64TDXyMn1dOJ5pyyGSfj6VJmzUZevonC%2BbtGidzukigGTeefXgNp9iIpKbyROSVk7PA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 68f48a020d88d6fd-FRA
expires: Sat, 09 Oct 2021 23:46:27 GMT

GET
H3 200 correios_footer.png
www.desinpros.com.br/assets-ren31/img/ Frame 29D9 702 B
1 KB 130ms
127ms Image
image/png 104.21.48.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.desinpros.com.br/assets-ren31/img/correios_footer.png
Requested by: Host: www.desinpros.com.br
URL: https://www.desinpros.com.br/?mcr=ADV15968591
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.48.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: daba97ce8a337f024562d6f409ec7d6456f2a6f6ee22cfe31aa812ca8f9e2ec2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.desinpros.com.br/?mcr=ADV15968591
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 220849
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 702
last-modified: Sun, 03 Jan 2021 03:25:29 GMT
server: cloudflare
etag: "5ff13929-2be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Ai4zi0bcIdhzDU8r1Uocb0XQKT3Rqcxb6KxMUmi%2FV4SV39%2BHaMXJoiVnZ97oEJfs%2FWOQ857Ar%2Flt1EGhFLVIiPYjgw3VDkfe%2Ft58eRy8m5ZwnCHA27vd2QW%2F9hBBSeO0OVF87X8nw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 68f48a020d89d6fd-FRA
expires: Wed, 13 Oct 2021 06:56:43 GMT

GET
H3 200 selo-site-seguro.jpg
www.desinpros.com.br/assets-ren31/img/ Frame 29D9 27 KB
27 KB 130ms
127ms Image
image/jpeg 104.21.48.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.desinpros.com.br/assets-ren31/img/selo-site-seguro.jpg
Requested by: Host: www.desinpros.com.br
URL: https://www.desinpros.com.br/?mcr=ADV15968591
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.48.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b434939e28a78d9b8b264417e15133619b38e6acd871b7ebf96dc27b89e268d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.desinpros.com.br/?mcr=ADV15968591
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 536090
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 27329
last-modified: Sun, 03 Jan 2021 03:25:29 GMT
server: cloudflare
etag: "5ff13929-6ac1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zy0Olge6snq5MYYfDxT10RvQrEH99kK4b%2Brvf3LKCSyDaxvlZ0ZhRCWvi6tu47bSxyYp3sVePjrO1oHb8y7q8U23USg2ZTWNkd7RpJqud2KJsV7V9mlp7XAsgFUDVCmtOXfcYnvDzw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 68f48a020d8dd6fd-FRA
expires: Sat, 09 Oct 2021 15:22:42 GMT

GET
H3 200 email-decode.min.js Show response
www.desinpros.com.br/cdn-cgi/scripts/5c5dd728/cloudflare-static/ Frame 29D9 1 KB
1 KB 10ms
10ms Script
application/javascript 104.21.48.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.desinpros.com.br/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.desinpros.com.br
URL: https://www.desinpros.com.br/?mcr=ADV15968591

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.48.244 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.desinpros.com.br/?mcr=ADV15968591
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 07 Sep 2021 12:26:08 GMT
server: cloudflare
etag: W/"61375a60-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hgxhcq8G80D6X22ghyeduXjizOiAsuW1qdcRzwFKMv0maHBVgzXbNeZtDrIDno0fnrErJEUs9obo6SOqWu5QVPU8Die1mdD0fsVIGUmLPkeH%2BC4a9H1j%2FSq8oU9WG1ayOkMFsAvjgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 68f48a01ed30d6fd-FRA
vary: Accept-Encoding
expires: Fri, 17 Sep 2021 20:17:32 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.1/ Frame 29D9 82 KB
30 KB 95ms
19ms Script
text/javascript 172.217.169.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js

Requested by

Host: www.desinpros.com.br
URL: https://www.desinpros.com.br/?mcr=ADV15968591

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.169.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s09-in-f10.1e100.net

Software

sffe /

Resource Hash

874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.desinpros.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:10:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 439
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29671
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Thu, 15 Sep 2022 20:10:13 GMT

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/ Frame 29D9 20 KB
7 KB 67ms
24ms Script
application/javascript 104.16.18.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/popper.min.js

Requested by

Host: www.desinpros.com.br
URL: https://www.desinpros.com.br/?mcr=ADV15968591

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.18.94 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.desinpros.com.br/
Origin: https://www.desinpros.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 789709
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6451
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-4f71"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ePvpedyxj5XpnDwY2V%2Fb1AmXZOYVUrHLagvuS7rJ1h%2F0c1NjAb1uL%2BbO%2F0jW21HEOwD6xZ0HlfyQKSTYihh%2B702HlOKIvy%2Ft97CRV0w8hdOrl4BPBqyZbdyLgkix0PWxJmVonRY%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 68f48a024de427a0-PRG
expires: Mon, 05 Sep 2022 20:17:32 GMT

GET
H3 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/ Frame 29D9 50 KB
15 KB 42ms
24ms Script
application/javascript 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js

Requested by

Host: www.desinpros.com.br
URL: https://www.desinpros.com.br/?mcr=ADV15968591

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.desinpros.com.br/
Origin: https://www.desinpros.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723
age: 264497
cdn-cachedat: 08/23/2021 03:10:06
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cdn-proxyver: 1.0
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: d46145a1d38b6398b14106ed747400ca
cf-ray: 68f48a021f66411f-PRG
cdn-requestcountrycode: CZ
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 load.js Show response
app.cartstack.com.br/activeAPI/ Frame 29D9 12 KB
4 KB 98ms
40ms Script
application/javascript 104.22.31.161
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.cartstack.com.br/activeAPI/load.js

Requested by

Host: www.desinpros.com.br
URL: https://www.desinpros.com.br/?mcr=ADV15968591

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.31.161 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / sunset.solutions, sunset.solutions

Resource Hash

ac1e7257a75f95079823aeee2f9602cb401000105d8664172d159eaacba4800c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.desinpros.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-lb: 1
x-cs: EXPIRED
age: 5159
x-powered-by: sunset.solutions, sunset.solutions
x-ua-compatible: IE=Edge
last-modified: Wed, 15 Sep 2021 17:46:25 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=2678400
cf-polished: origSize=19821
cf-ray: 68f48a026c1827c0-PRG
cf-bgj: minify

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/ Frame 29D9 27 KB
7 KB 92ms
28ms Stylesheet
text/css 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css

Requested by

Host: www.desinpros.com.br
URL: https://www.desinpros.com.br/?mcr=ADV15968591

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.desinpros.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 565, 617, 617
age: 12581106
cdn-cachedat: 2021-04-23 07:30:22
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: db0d5d4116b45a4e6ed2f6ec1d4ab5de
cf-ray: 68f48a0268924107-PRG
cdn-requestcountrycode: CZ
cdn-requestpullsuccess: True

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 29D9 99 KB
25 KB 75ms
36ms Script
application/x-javascript 185.60.218.24
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.desinpros.com.br
URL: https://www.desinpros.com.br/?mcr=ADV15968591

Protocol

Security

QUIC, , AES_128_GCM

Server

185.60.218.24 Bucharest, Romania, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-otp1.fbcdn.net

Software

Resource Hash

335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.desinpros.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25999
x-xss-protection: 0
pragma: public
x-fb-debug: AeCqWoVR12Ljj5DIepESbyApn7bPm5oONBP48wFYoRBdSZWkacZm1THlcXxUKVadmX65vFtPCX5TZBViT7ABbQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 15 Sep 2021 20:17:32 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1184004/ Frame 29D9 74 KB
25 KB 30ms
7ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1184004/tfa.js
Requested by: Host: www.desinpros.com.br
URL: https://www.desinpros.com.br/?mcr=ADV15968591
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cb4ae5f88f35aa586daaf8bc32390ff48edf1fcac9f6216657b60ec0b9275e3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.desinpros.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: oSy3rf49mploxHJ7gH3bv5puIBS7UW5H
content-encoding: gzip
etag: "597a21ad2df5bb760e0485eb28107de6"
age: 5
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 24755
x-amz-id-2: nuD2qHGIv7FqkbUw5CcpGWBCB53h3JIZtB7ytZgttl5HzQD588NcS8Ze3k2ZkAVbRJAlyhS2bds=
x-served-by: cache-hhn11548-HHN
last-modified: Mon, 09 Aug 2021 10:17:10 GMT
server: AmazonS3
x-timer: S1631737053.503625,VS0,VE1
date: Wed, 15 Sep 2021 20:17:32 GMT
vary: Accept-Encoding
x-amz-request-id: Y063SRQM596D4AAB
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 29
x-cache-hits: 1

GET
H2 200 mgsensor.js Show response
a.mgid.com/ Frame 29D9 12 KB
4 KB 284ms
225ms Script
application/javascript 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.mgid.com/mgsensor.js?d=1631737052473
Requested by: Host: www.desinpros.com.br
URL: https://www.desinpros.com.br/?mcr=ADV15968591
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b127181486c082afd048feabd5f69153c3993ccccc57085e4018609ed68f43c3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.desinpros.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 20:17:32 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: aa8498d2-7144-4474-ba80-d048a6cce336
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 68f48a026941411a-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare

GET
H2 200 bat.js Show response
bat.bing.com/ Frame 29D9 30 KB
9 KB 115ms
43ms Script
application/javascript 13.107.21.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.desinpros.com.br
URL: https://www.desinpros.com.br/?mcr=ADV15968591
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5c1282fb121104f5a505ecbfd7194e64c98db6b830684450dcfc478021d05257

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.desinpros.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:32 GMT
content-encoding: gzip
last-modified: Wed, 28 Jul 2021 18:27:37 GMT
x-msedge-ref: Ref A: 04C38FF229C349818EB09CB95632FDD8 Ref B: PRG01EDGE1012 Ref C: 2021-09-15T20:17:32Z
etag: "80f2963dde83d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 9024

GET
H3 200 C-7xRLkwLgY Show response
www.youtube.com/embed/ Frame 3216 56 KB
24 KB 72ms
71ms Document
text/html 216.58.213.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/C-7xRLkwLgY?feature=oembed&start&end&wmode=opaque&loop=0&controls=1&mute=0&rel=0&modestbranding=1

Requested by

Host: www.desinpros.com.br
URL: https://www.desinpros.com.br/?mcr=ADV15968591

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.213.14 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s25-in-f14.1e100.net

Software

ESF /

Resource Hash

2b85fb3aa2cdb41f188e891957349fd0e96b602461c84bf416c8d6b5993d66a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/C-7xRLkwLgY?feature=oembed&start&end&wmode=opaque&loop=0&controls=1&mute=0&rel=0&modestbranding=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.desinpros.com.br/
accept-encoding: gzip, deflate, br
cookie: YSC=m9KPxZHQrbU; VISITOR_INFO1_LIVE=UTFsFViEvIE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.desinpros.com.br/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 15 Sep 2021 20:17:32 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
report-to: {"group":"AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"}]}
content-encoding: br
server: ESF
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 9FHKLOZNimI Show response
www.youtube.com/embed/ Frame 952C 56 KB
24 KB 61ms
61ms Document
text/html 216.58.213.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/9FHKLOZNimI?feature=oembed&start&end&wmode=opaque&loop=0&controls=1&mute=0&rel=0&modestbranding=1

Requested by

Host: www.desinpros.com.br
URL: https://www.desinpros.com.br/?mcr=ADV15968591

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.213.14 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s25-in-f14.1e100.net

Software

ESF /

Resource Hash

35e9b418851fc47bf517c6a122d1550c52f148f84e9f03111988134c22afafe9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/9FHKLOZNimI?feature=oembed&start&end&wmode=opaque&loop=0&controls=1&mute=0&rel=0&modestbranding=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.desinpros.com.br/
accept-encoding: gzip, deflate, br
cookie: YSC=m9KPxZHQrbU; VISITOR_INFO1_LIVE=UTFsFViEvIE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.desinpros.com.br/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 15 Sep 2021 20:17:32 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
report-to: {"group":"AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"}]}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"
content-encoding: br
server: ESF
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 jMY0u0XQEig Show response
www.youtube.com/embed/ Frame 1C6D 56 KB
24 KB 65ms
65ms Document
text/html 216.58.213.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/jMY0u0XQEig?feature=oembed&start&end&wmode=opaque&loop=0&controls=1&mute=0&rel=0&modestbranding=1

Requested by

Host: www.desinpros.com.br
URL: https://www.desinpros.com.br/?mcr=ADV15968591

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.213.14 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s25-in-f14.1e100.net

Software

ESF /

Resource Hash

04ddbcdf7b17a879ed5a2ac0cc6c703d3065140b2523ecb775614fc002c57a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/jMY0u0XQEig?feature=oembed&start&end&wmode=opaque&loop=0&controls=1&mute=0&rel=0&modestbranding=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.desinpros.com.br/
accept-encoding: gzip, deflate, br
cookie: YSC=m9KPxZHQrbU; VISITOR_INFO1_LIVE=UTFsFViEvIE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.desinpros.com.br/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 15 Sep 2021 20:17:32 GMT
strict-transport-security: max-age=31536000
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"
report-to: {"group":"AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"}]}
content-encoding: br
server: ESF
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 icon-check-blue-2.png
www.desinpros.com.br/assets-ren31/img/ Frame 29D9 1 KB
2 KB 125ms
125ms Image
image/png 104.21.48.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.desinpros.com.br/assets-ren31/img/icon-check-blue-2.png
Requested by: Host: www.desinpros.com.br
URL: https://www.desinpros.com.br/assets-ren31/css/style-v=4.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.48.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c926bb9d7e6de25c35313d9969ae65f4374f1431f29926720f34347887e9998

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.desinpros.com.br/assets-ren31/css/style-v=4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 740341
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1267
last-modified: Sun, 03 Jan 2021 03:25:29 GMT
server: cloudflare
etag: "5ff13929-4f3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zsXwt6XKqZH2PIYo1%2BSCve76sjvE%2FQAJMBjIWVLXJYj2D6MLDLXpuauIHVrzk3yCnSlDCSVH4GtgQdF2qaIyys0zv9mDKg0%2FAqEihnekkmIDDJQS4j2J7EJ0Vk7lRBEe3gCYowikXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 68f48a020d92d6fd-FRA
expires: Thu, 07 Oct 2021 06:38:31 GMT

GET
H3 200 bg-cinza-escuro.jpg
www.desinpros.com.br/assets-ren31/img/ Frame 29D9 9 KB
9 KB 125ms
125ms Image
image/jpeg 104.21.48.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.desinpros.com.br/assets-ren31/img/bg-cinza-escuro.jpg
Requested by: Host: www.desinpros.com.br
URL: https://www.desinpros.com.br/assets-ren31/css/style-v=4.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.48.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd5406e473d7cdf902685683a7c58926b1e83da05984630c115c2ceea49a6e18

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.desinpros.com.br/assets-ren31/css/style-v=4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 504435
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8896
last-modified: Sun, 03 Jan 2021 03:25:29 GMT
server: cloudflare
etag: "5ff13929-22c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pUDYD%2FtatfpVi3G6d7b04OI%2BDKGXzhYVfu%2BIEROZktCjKH2JH6DE1o7iSHOmAeoCSPc94oWJM3NRzMoWUGp6Uj3EKs%2BviCO6IwkXg6ftk468LPClVKcbfR5y3NqVFKQiJjEeuIheHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 68f48a020d97d6fd-FRA
expires: Sun, 10 Oct 2021 00:10:17 GMT

GET
H3 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ Frame 29D9 22 KB
22 KB 45ms
19ms Font
font/woff2 142.250.178.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:300,r,b,i,bi%7CRaleway:300,r,b%7CLato:300,r,b,i,bi%7CTitillium%20Web:300,r,b,i,bi%7COpen%20Sans:300,r,b,i,bi

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f3.1e100.net

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.desinpros.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 15:41:57 GMT
x-content-type-options: nosniff
age: 102935
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22992
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:57 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Sep 2022 15:41:57 GMT

GET
H3 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ Frame 29D9 23 KB
23 KB 56ms
31ms Font
font/woff2 142.250.178.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:300,r,b,i,bi%7CRaleway:300,r,b%7CLato:300,r,b,i,bi%7CTitillium%20Web:300,r,b,i,bi%7COpen%20Sans:300,r,b,i,bi

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f3.1e100.net

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.desinpros.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 09:53:06 GMT
x-content-type-options: nosniff
age: 210266
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:01 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Sep 2022 09:53:06 GMT

GET
H3 200 4iCv6KVjbNBYlgoCxCvjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v15/ Frame 29D9 28 KB
28 KB 64ms
39ms Font
font/woff2 142.250.178.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v15/4iCv6KVjbNBYlgoCxCvjsGyN.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:300,r,b,i,bi%7CRaleway:300,r,b%7CLato:300,r,b,i,bi%7CTitillium%20Web:300,r,b,i,bi%7COpen%20Sans:300,r,b,i,bi

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f3.1e100.net

Software

sffe /

Resource Hash

045469f2d577c2ad73219bbd713640bcb4a4f9a46cecc6c0df0e66338646b27f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.desinpros.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 07:07:10 GMT
x-content-type-options: nosniff
age: 393022
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28968
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:03:43 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Sep 2022 07:07:10 GMT

GET
H3 200 4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v15/ Frame 29D9 33 KB
33 KB 70ms
45ms Font
font/woff2 142.250.178.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v15/4iCs6KVjbNBYlgoKfw72.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:300,r,b,i,bi%7CRaleway:300,r,b%7CLato:300,r,b,i,bi%7CTitillium%20Web:300,r,b,i,bi%7COpen%20Sans:300,r,b,i,bi

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f3.1e100.net

Software

sffe /

Resource Hash

4f4524f7e1a87079bc50a64681f880ccf3e6f5db1ec5fc27949377532a3881da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.desinpros.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 17:22:47 GMT
x-content-type-options: nosniff
age: 269685
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34260
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:02:57 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Sep 2022 17:22:47 GMT

GET
H3 200 NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzYw.woff2
fonts.gstatic.com/s/titilliumweb/v10/ Frame 29D9 11 KB
11 KB 77ms
51ms Font
font/woff2 142.250.178.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/titilliumweb/v10/NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzYw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:300,r,b,i,bi%7CRaleway:300,r,b%7CLato:300,r,b,i,bi%7CTitillium%20Web:300,r,b,i,bi%7COpen%20Sans:300,r,b,i,bi

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f3.1e100.net

Software

sffe /

Resource Hash

0e35ec3dfa80b7851b7826fcae5e1ef652d03d77c6c2af9f0bf1b97d49fe876d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.desinpros.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 08:16:48 GMT
x-content-type-options: nosniff
age: 129644
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11720
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 00:00:00 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Sep 2022 08:16:48 GMT

GET
H2 200 json Show response
trc.taboola.com/1184004/trc/3/ Frame 29D9 2 KB
1 KB 36ms
22ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1184004/trc/3/json?tim=1631737052534&data=%7B%22id%22%3A492%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1631737052523%2C%22cv%22%3A%2220210809-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.desinpros.com.br%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Fmcr%3DADV15968591%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dbellacarebr-br-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1631737052533%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwww.desinpros.com.br%2F%3Fmcr%3DADV15968591%22%2C%22tos%22%3A7%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1184004/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f4ccb849966972d315a713c61e8377694648d6d8b975fdc3fe001a682a02bcd3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.desinpros.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 16
date: Wed, 15 Sep 2021 20:17:32 GMT
content-encoding: gzip
server: nginx
x-timer: S1631737053.552214,VS0,VE16
x-served-by: cache-hhn11548-HHN
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ Frame 29D9 16 KB
16 KB 20ms
19ms Font
font/woff2 142.250.178.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f3.1e100.net

Software

sffe /

Resource Hash

a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.desinpros.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 17:23:42 GMT
x-content-type-options: nosniff
age: 269630
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16112
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:09 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Sep 2022 17:23:42 GMT

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/ Frame 29D9 65 KB
66 KB 24ms
24ms Font
font/woff2 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Origin: https://www.desinpros.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:32 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723, 617, 617, 617
age: 477893
cdn-cachedat: 2021-07-24 16:51:41
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 66624
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: c38ee21b9ecb26f25c7da10d231e84bf
accept-ranges: bytes
cf-ray: 68f48a032a34411f-PRG
cdn-requestcountrycode: CZ
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 1103475203411333 Show response
connect.facebook.net/signals/config/ Frame 29D9 306 KB
87 KB 37ms
37ms Script
application/x-javascript 185.60.218.24
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1103475203411333?v=2.9.45&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

185.60.218.24 Bucharest, Romania, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-otp1.fbcdn.net

Software

Resource Hash

d8cde61dbe3c3d8e54fabb40b44c5007b9b2c8f38369aa22182a9d367a3ee75e

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.desinpros.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 89536
x-xss-protection: 0
pragma: public
x-fb-debug: yXfM+fjp3SCTrrzBhkzz6gESqTFJ8lHFQKbXRdBxhck0Zo/6GiKB/JfsNwiQiErzEOs8qQAupIE2IuxRXWAzQQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 15 Sep 2021 20:17:32 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 56338128.js Show response
bat.bing.com/p/action/ Frame 29D9 0
111 B 170ms
170ms Script
text/plain 13.107.21.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/56338128.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.desinpros.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 15 Sep 2021 20:17:32 GMT
cache-control: private,max-age=86400
x-msedge-ref: Ref A: A867E64DEF214565AF45DEBC9E36845A Ref B: PRG01EDGE1012 Ref C: 2021-09-15T20:17:32Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ Frame 29D9 0
150 B 44ms
44ms Image
text/plain 13.107.21.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=56338128&Ver=2&mid=21ede510-b5eb-4696-8ba3-0c6f8e7bbe9e&sid=f56da400166111ec99f9531e58472844&vid=f56dd840166111eca0d777e718f5ac95&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=DesinPros%C2%AE%20%7C%20Seu%20aliado%20na%20sa%C3%BAde%20da%20pr%C3%B3stata&p=https%3A%2F%2Fclubdeofertas.lojaintegrada.com.br%2F&r=&lt=1475&evt=pageLoad&ifm=1&msclkid=N&sv=1&rn=940256
Requested by: Host: www.desinpros.com.br
URL: https://www.desinpros.com.br/?mcr=ADV15968591
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.desinpros.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 15 Sep 2021 20:17:32 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 404DEB78797240C085E72B674C083F8D Ref B: PRG01EDGE1012 Ref C: 2021-09-15T20:17:32Z
x-cache: CONFIG_NOCACHE
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
api.sunset.systems/services/ Frame C112 2 KB
2 KB 233ms
31ms Document
text/html 172.66.40.100
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sunset.systems/services/?type=dtnl
Requested by: Host: app.cartstack.com.br
URL: https://app.cartstack.com.br/activeAPI/load.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.40.100 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 771960e3e360d91710834071e30f1fe5c0dc53001b6c008d02d4c948b6b6091a

Request headers

:method: GET
:authority: api.sunset.systems
:scheme: https
:path: /services/?type=dtnl
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.desinpros.com.br/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.desinpros.com.br/

Response headers

date: Wed, 15 Sep 2021 20:17:32 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: Content-Type, Authorization, X-Requested-With
x-ua-compatible: IE=Edge
cache-control: max-age=259200
cf-cache-status: HIT
age: 1330
last-modified: Wed, 15 Sep 2021 19:55:22 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nT7UcB6QC8QFRsPqi2VBhtOKdnfd9FQ6zJ%2FOvoI4i5RmuhY%2BZZVU5rjgQlRS1xvWriWtsqzek%2Bvcfjwgt%2FdYMBzv014LmTox%2FDimRb8q3lx3G%2BYuLwbyqvxvIm1qE87vJ36hOCQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 68f48a04a8602790-PRG
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 / Show response
conectiva.io/XEngine/services/ Frame 29D9 94 B
769 B 347ms
38ms XHR
text/html 104.26.12.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://conectiva.io/XEngine/services/?type=domain_inf&inf=DKEY+DGUID+DOMAIN&ref=ZGVzaW5wcm9zLmNvbS5icg==&v=1
Requested by: Host: app.cartstack.com.br
URL: https://app.cartstack.com.br/activeAPI/load.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.120 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / sunset.solutions, sunset.solutions
Resource Hash: 702e4f62c951cff1eb44a078574a27b195f31e848f22361757c9f469e4758e1a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.desinpros.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cs: MISS
age: 352371
x-powered-by: sunset.solutions, sunset.solutions
access-control-allow-methods: GET, POST, OPTIONS
last-modified: Sat, 11 Sep 2021 16:07:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lRURJAFQ8h%2F%2BkyiAfeIdlRrbqkkryQNDQ2%2BY6OjnlRgzOOaUrHOrqviAioHOx4U7bqXDIbigZ1nGAZP8hyW48VwhYoK5G%2F4s%2BfUWuYZYy86wYJR0kzSQgERrAee5Mg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=2678400, s-maxage=604800
cf-ray: 68f48a0558134125-PRG
access-control-allow-headers: Content-Type, Authorization, X-Requested-With

GET
H3 200 www-player-webp.css
www.youtube.com/s/player/1256b7e2/ Frame 952C 329 KB
45 KB 19ms
18ms Stylesheet
text/css 216.58.213.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/1256b7e2/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/9FHKLOZNimI?feature=oembed&start&end&wmode=opaque&loop=0&controls=1&mute=0&rel=0&modestbranding=1

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.213.14 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s25-in-f14.1e100.net

Software

sffe /

Resource Hash

f48ebd2372c6d901f56fa7bb12d57960094e8efdff9099ee7f5e10c06ac2e513

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/9FHKLOZNimI?feature=oembed&start&end&wmode=opaque&loop=0&controls=1&mute=0&rel=0&modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 19:44:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1985
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46342
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 19:13:02 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 15 Sep 2022 19:44:27 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/1256b7e2/www-embed-player.vflset/ Frame 952C 201 KB
66 KB 27ms
26ms Script
text/javascript 216.58.213.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/1256b7e2/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/9FHKLOZNimI?feature=oembed&start&end&wmode=opaque&loop=0&controls=1&mute=0&rel=0&modestbranding=1

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.213.14 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s25-in-f14.1e100.net

Software

sffe /

Resource Hash

f34e3dd42302f7589f4c05d28e501d2ebf24d1585e83db4aba1b7443d0a7cf6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/9FHKLOZNimI?feature=oembed&start&end&wmode=opaque&loop=0&controls=1&mute=0&rel=0&modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 15:29:26 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 13 Sep 2021 19:13:02 GMT
server: sffe
age: 103686
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67242
x-xss-protection: 0
expires: Wed, 14 Sep 2022 15:29:26 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/1256b7e2/player_ias.vflset/de_DE/ Frame 952C 2 MB
504 KB 46ms
45ms Script
text/javascript 216.58.213.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/1256b7e2/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/9FHKLOZNimI?feature=oembed&start&end&wmode=opaque&loop=0&controls=1&mute=0&rel=0&modestbranding=1

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.213.14 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s25-in-f14.1e100.net

Software

sffe /

Resource Hash

3ecd5e6658606bd3ebe5230987a60837c536ff525517218a8b3ddfd41d66311a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/9FHKLOZNimI?feature=oembed&start&end&wmode=opaque&loop=0&controls=1&mute=0&rel=0&modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 12:16:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28859
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 516210
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 19:13:02 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 15 Sep 2022 12:16:33 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/1256b7e2/fetch-polyfill.vflset/ Frame 952C 8 KB
3 KB 45ms
44ms Script
text/javascript 216.58.213.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/1256b7e2/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/9FHKLOZNimI?feature=oembed&start&end&wmode=opaque&loop=0&controls=1&mute=0&rel=0&modestbranding=1

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.213.14 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s25-in-f14.1e100.net

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/9FHKLOZNimI?feature=oembed&start&end&wmode=opaque&loop=0&controls=1&mute=0&rel=0&modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 15:29:26 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 13 Sep 2021 19:13:02 GMT
server: sffe
age: 103686
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
expires: Wed, 14 Sep 2022 15:29:26 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 952C 15 KB
15 KB 19ms
19ms Font
font/woff2 142.250.178.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/9FHKLOZNimI?feature=oembed&start&end&wmode=opaque&loop=0&controls=1&mute=0&rel=0&modestbranding=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f3.1e100.net

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 13:04:46 GMT
x-content-type-options: nosniff
age: 285166
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Sep 2022 13:04:46 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 29D9 48 KB
20 KB 81ms
29ms Script
text/javascript 142.250.187.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-145849447-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.187.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s34-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.desinpros.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 2123
date: Wed, 15 Sep 2021 19:42:09 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Wed, 15 Sep 2021 21:42:09 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 29D9 96 KB
38 KB 38ms
38ms Script
application/javascript 142.250.178.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-971728356&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-145849447-1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

fa98057ed70e6196bbb3b4b96379e45c3a9dec943b9c43d7cf09ebb869cecc3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.desinpros.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39169
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 19:42:44 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 15 Sep 2021 20:17:32 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame 29D9 36 KB
14 KB 100ms
38ms Script
text/javascript 142.250.179.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-971728356

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.179.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s31-in-f2.1e100.net

Software

cafe /

Resource Hash

a5feea0a78c0027e0565b6f0cb360b65e67d24c4300defb266fa9ff1dc89e4a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.desinpros.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14047
x-xss-protection: 0
server: cafe
etag: 13691176309111193505
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 15 Sep 2021 20:17:32 GMT

GET
H3 200 www-player-webp.css
www.youtube.com/s/player/1256b7e2/ Frame 1C6D 329 KB
45 KB 18ms
18ms Stylesheet
text/css 216.58.213.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/1256b7e2/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jMY0u0XQEig?feature=oembed&start&end&wmode=opaque&loop=0&controls=1&mute=0&rel=0&modestbranding=1

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.213.14 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s25-in-f14.1e100.net

Software

sffe /

Resource Hash

f48ebd2372c6d901f56fa7bb12d57960094e8efdff9099ee7f5e10c06ac2e513

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/jMY0u0XQEig?feature=oembed&start&end&wmode=opaque&loop=0&controls=1&mute=0&rel=0&modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 19:44:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1985
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46342
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 19:13:02 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 15 Sep 2022 19:44:27 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/1256b7e2/www-embed-player.vflset/ Frame 1C6D 201 KB
66 KB 42ms
42ms Script
text/javascript 216.58.213.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/1256b7e2/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jMY0u0XQEig?feature=oembed&start&end&wmode=opaque&loop=0&controls=1&mute=0&rel=0&modestbranding=1

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.213.14 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s25-in-f14.1e100.net

Software

sffe /

Resource Hash

f34e3dd42302f7589f4c05d28e501d2ebf24d1585e83db4aba1b7443d0a7cf6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/jMY0u0XQEig?feature=oembed&start&end&wmode=opaque&loop=0&controls=1&mute=0&rel=0&modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 15:29:26 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 13 Sep 2021 19:13:02 GMT
server: sffe
age: 103686
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67242
x-xss-protection: 0
expires: Wed, 14 Sep 2022 15:29:26 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/1256b7e2/player_ias.vflset/de_DE/ Frame 1C6D 2 MB
504 KB 49ms
49ms Script
text/javascript 216.58.213.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/1256b7e2/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jMY0u0XQEig?feature=oembed&start&end&wmode=opaque&loop=0&controls=1&mute=0&rel=0&modestbranding=1

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.213.14 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s25-in-f14.1e100.net

Software

sffe /

Resource Hash

3ecd5e6658606bd3ebe5230987a60837c536ff525517218a8b3ddfd41d66311a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/jMY0u0XQEig?feature=oembed&start&end&wmode=opaque&loop=0&controls=1&mute=0&rel=0&modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 12:16:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28859
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 516210
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 19:13:02 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 15 Sep 2022 12:16:33 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/1256b7e2/fetch-polyfill.vflset/ Frame 1C6D 8 KB
3 KB 50ms
50ms Script
text/javascript 216.58.213.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/1256b7e2/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jMY0u0XQEig?feature=oembed&start&end&wmode=opaque&loop=0&controls=1&mute=0&rel=0&modestbranding=1

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.213.14 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s25-in-f14.1e100.net

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/jMY0u0XQEig?feature=oembed&start&end&wmode=opaque&loop=0&controls=1&mute=0&rel=0&modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 15:29:26 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 13 Sep 2021 19:13:02 GMT
server: sffe
age: 103686
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
expires: Wed, 14 Sep 2022 15:29:26 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1C6D 15 KB
15 KB 19ms
18ms Font
font/woff2 142.250.178.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jMY0u0XQEig?feature=oembed&start&end&wmode=opaque&loop=0&controls=1&mute=0&rel=0&modestbranding=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f3.1e100.net

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 13:04:46 GMT
x-content-type-options: nosniff
age: 285166
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Sep 2022 13:04:46 GMT

GET
H3 200 www-player-webp.css
www.youtube.com/s/player/1256b7e2/ Frame 3216 329 KB
45 KB 20ms
19ms Stylesheet
text/css 216.58.213.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/1256b7e2/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/C-7xRLkwLgY?feature=oembed&start&end&wmode=opaque&loop=0&controls=1&mute=0&rel=0&modestbranding=1

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.213.14 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s25-in-f14.1e100.net

Software

sffe /

Resource Hash

f48ebd2372c6d901f56fa7bb12d57960094e8efdff9099ee7f5e10c06ac2e513

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/C-7xRLkwLgY?feature=oembed&start&end&wmode=opaque&loop=0&controls=1&mute=0&rel=0&modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 19:44:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1985
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46342
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 19:13:02 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 15 Sep 2022 19:44:27 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/1256b7e2/www-embed-player.vflset/ Frame 3216 201 KB
66 KB 39ms
39ms Script
text/javascript 216.58.213.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/1256b7e2/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/C-7xRLkwLgY?feature=oembed&start&end&wmode=opaque&loop=0&controls=1&mute=0&rel=0&modestbranding=1

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.213.14 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s25-in-f14.1e100.net

Software

sffe /

Resource Hash

f34e3dd42302f7589f4c05d28e501d2ebf24d1585e83db4aba1b7443d0a7cf6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/C-7xRLkwLgY?feature=oembed&start&end&wmode=opaque&loop=0&controls=1&mute=0&rel=0&modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 15:29:26 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 13 Sep 2021 19:13:02 GMT
server: sffe
age: 103686
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67242
x-xss-protection: 0
expires: Wed, 14 Sep 2022 15:29:26 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/1256b7e2/player_ias.vflset/de_DE/ Frame 3216 2 MB
504 KB 41ms
40ms Script
text/javascript 216.58.213.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/1256b7e2/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/C-7xRLkwLgY?feature=oembed&start&end&wmode=opaque&loop=0&controls=1&mute=0&rel=0&modestbranding=1

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.213.14 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s25-in-f14.1e100.net

Software

sffe /

Resource Hash

3ecd5e6658606bd3ebe5230987a60837c536ff525517218a8b3ddfd41d66311a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/C-7xRLkwLgY?feature=oembed&start&end&wmode=opaque&loop=0&controls=1&mute=0&rel=0&modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 12:16:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28859
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 516210
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 19:13:02 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 15 Sep 2022 12:16:33 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/1256b7e2/fetch-polyfill.vflset/ Frame 3216 8 KB
3 KB 42ms
41ms Script
text/javascript 216.58.213.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/1256b7e2/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/C-7xRLkwLgY?feature=oembed&start&end&wmode=opaque&loop=0&controls=1&mute=0&rel=0&modestbranding=1

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.213.14 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s25-in-f14.1e100.net

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/C-7xRLkwLgY?feature=oembed&start&end&wmode=opaque&loop=0&controls=1&mute=0&rel=0&modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 15:29:26 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 13 Sep 2021 19:13:02 GMT
server: sffe
age: 103686
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
expires: Wed, 14 Sep 2022 15:29:26 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3216 15 KB
15 KB 20ms
19ms Font
font/woff2 142.250.178.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/C-7xRLkwLgY?feature=oembed&start&end&wmode=opaque&loop=0&controls=1&mute=0&rel=0&modestbranding=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f3.1e100.net

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 13:04:46 GMT
x-content-type-options: nosniff
age: 285166
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Sep 2022 13:04:46 GMT

GET
H3 200 /
www.facebook.com/tr/ Frame 29D9 44 B
88 B 41ms
41ms Image
image/gif 185.60.218.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1103475203411333&ev=PageView&dl=https%3A%2F%2Fwww.desinpros.com.br%2F%3Fmcr%3DADV15968591&rl=https%3A%2F%2Fclubdeofertas.lojaintegrada.com.br%2F&if=true&ts=1631737052779&sw=1600&sh=1200&v=2.9.45&r=stable&ec=0&o=30&it=1631737052672&coo=false&exp=p0&rqm=GET

Requested by

Host: www.desinpros.com.br
URL: https://www.desinpros.com.br/?mcr=ADV15968591

Protocol

Security

QUIC, , AES_128_GCM

Server

185.60.218.35 Bucharest, Romania, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-otp1.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.desinpros.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:32 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Wed, 15 Sep 2021 20:17:32 GMT

GET
H3 200 1x1.gif
a.mgid.com/ Frame 29D9 43 B
435 B 149ms
130ms Image
image/gif 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.mgid.com/1x1.gif?id=573613&type=c&tg=&r=https%3A%2F%2Fwww.desinpros.com.br%2F%3Fmcr%3DADV15968591&utmc=0&utmt=0&nv=0&utms=&utmcp=&utmm=&clid=&cmgid=0&cmtid=0&cmtuid=0&d=1631737052839
Requested by: Host: www.desinpros.com.br
URL: https://www.desinpros.com.br/?mcr=ADV15968591
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.desinpros.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 20:17:32 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 68f48a046e5c2784-PRG
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/971728356/ Frame 29D9 2 KB
1 KB 37ms
36ms Script
text/javascript 216.58.212.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/971728356/?random=1631737052841&cv=9&fst=1631737052841&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&ig=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Fwww.desinpros.com.br%2F%3Fmcr%3DADV15968591&ref=https%3A%2F%2Fclubdeofertas.lojaintegrada.com.br%2F&tiba=DesinPros%C2%AE%20%7C%20Seu%20aliado%20na%20sa%C3%BAde%20da%20pr%C3%B3stata&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.226 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams16s22-in-f2.1e100.net

Software

cafe /

Resource Hash

8afcbbaa126259b9a3178fa0f5229a0418b42d6837c91378538cdb8c521a7bc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.desinpros.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 20:17:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1080
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/971728356/ Frame 29D9 42 B
569 B 81ms
31ms Image
image/gif 216.58.212.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/971728356/?random=1631737052841&cv=9&fst=1631736000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Fwww.desinpros.com.br%2F%3Fmcr%3DADV15968591&ref=https%3A%2F%2Fclubdeofertas.lojaintegrada.com.br%2F&tiba=DesinPros%C2%AE%20%7C%20Seu%20aliado%20na%20sa%C3%BAde%20da%20pr%C3%B3stata&async=1&fmt=3&is_vtc=1&random=1095350248&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.desinpros.com.br
URL: https://www.desinpros.com.br/?mcr=ADV15968591

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.228 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams16s22-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.desinpros.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 20:17:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame 1C6D 113 B
159 B 30ms
30ms XHR
application/json 216.58.212.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1256b7e2/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.226 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams16s22-in-f2.1e100.net

Software

cafe /

Resource Hash

c1dd3b99c038ba78c7bc687109a5976d89d8d16ed405f9fb821547de9c0174bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 1C6D 29 B
52 B 45ms
20ms Script
text/javascript 142.250.200.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1256b7e2/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.200.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s30-in-f6.1e100.net

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:04:47 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 765
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Wed, 15 Sep 2021 20:19:47 GMT

GET
H3 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame 952C 113 B
159 B 30ms
30ms XHR
application/json 216.58.212.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1256b7e2/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.226 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams16s22-in-f2.1e100.net

Software

cafe /

Resource Hash

15441026a129a606b0446a1ccdaa4e1843b8d15746881702785a23dca2259984

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 952C 29 B
52 B 21ms
20ms Script
text/javascript 142.250.200.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1256b7e2/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.200.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s30-in-f6.1e100.net

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:04:47 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 765
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Wed, 15 Sep 2021 20:19:47 GMT

GET
H3 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame 3216 113 B
159 B 30ms
30ms XHR
application/json 216.58.212.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1256b7e2/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.226 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams16s22-in-f2.1e100.net

Software

cafe /

Resource Hash

7b26e5a3d73a8edb3fb593869589af019a53e90426b6496c77500a0454202854

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 3216 29 B
52 B 19ms
19ms Script
text/javascript 142.250.200.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1256b7e2/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.200.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s30-in-f6.1e100.net

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:04:47 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 765
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Wed, 15 Sep 2021 20:19:47 GMT

GET
H3 200 remote.js Show response
www.youtube.com/s/player/1256b7e2/player_ias.vflset/de_DE/ Frame 1C6D 95 KB
29 KB 21ms
20ms Script
text/javascript 216.58.213.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/1256b7e2/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1256b7e2/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.213.14 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s25-in-f14.1e100.net

Software

sffe /

Resource Hash

e9e30dccc8ac3d91e997eee228488bd5650602f3ce2734beadf6d21cbcc328ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/jMY0u0XQEig?feature=oembed&start&end&wmode=opaque&loop=0&controls=1&mute=0&rel=0&modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 15:57:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 102026
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29907
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 19:13:02 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 14 Sep 2022 15:57:06 GMT

GET
H3 200 3kAHTdcT5fG0Js-DZv11sXxKdgJzwYcAKGwQ7tsGiFU.js Show response
www.google.com/js/th/ Frame 1C6D 34 KB
13 KB 84ms
31ms Script
text/javascript 216.58.212.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/3kAHTdcT5fG0Js-DZv11sXxKdgJzwYcAKGwQ7tsGiFU.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1256b7e2/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.228 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams16s22-in-f4.1e100.net

Software

sffe /

Resource Hash

de40074dd713e5f1b426cf8366fd75b17c4a760273c18700286c10eedb068855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 19:58:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 260356
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13157
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 13:00:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 12 Sep 2022 19:58:17 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/1256b7e2/player_ias.vflset/de_DE/ Frame 1C6D 24 KB
7 KB 20ms
20ms Script
text/javascript 216.58.213.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/1256b7e2/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1256b7e2/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.213.14 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s25-in-f14.1e100.net

Software

sffe /

Resource Hash

0162754f11024315f58623795cccac1fd1c3e289d13c08ad1490b0dbaa0c65e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/jMY0u0XQEig?feature=oembed&start&end&wmode=opaque&loop=0&controls=1&mute=0&rel=0&modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 15:56:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 102074
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7343
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 19:13:02 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 14 Sep 2022 15:56:18 GMT

GET
DATA 200
OK truncated
/ Frame 1C6D 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLTtqhlSJSvucYuh5k0Pdots3UuVxPkIN8usjd4f=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 1C6D 2 KB
3 KB 96ms
25ms Image
image/jpeg 142.250.180.1
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLTtqhlSJSvucYuh5k0Pdots3UuVxPkIN8usjd4f=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jMY0u0XQEig?feature=oembed&start&end&wmode=opaque&loop=0&controls=1&mute=0&rel=0&modestbranding=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s32-in-f1.1e100.net

Software

fife /

Resource Hash

30408479f746abe0f8aeb9e5e63749971007db0c538b893d4441eaa384f39f53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 16:32:14 GMT
x-content-type-options: nosniff
age: 13519
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2397
x-xss-protection: 0
server: fife
etag: "v8"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 16 Sep 2021 12:31:21 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/jMY0u0XQEig/ Frame 1C6D 23 KB
24 KB 101ms
37ms Image
image/webp 142.250.178.22
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/jMY0u0XQEig/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jMY0u0XQEig?feature=oembed&start&end&wmode=opaque&loop=0&controls=1&mute=0&rel=0&modestbranding=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.178.22 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f22.1e100.net

Software

sffe /

Resource Hash

8547df1bbef9ba5bdb8a0ded49162e71a35f770aed76c19451f58900a0cfdc78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23820
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 15 Sep 2021 22:17:33 GMT

GET
H3 200 remote.js Show response
www.youtube.com/s/player/1256b7e2/player_ias.vflset/de_DE/ Frame 952C 95 KB
29 KB 20ms
19ms Script
text/javascript 216.58.213.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/1256b7e2/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1256b7e2/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.213.14 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s25-in-f14.1e100.net

Software

sffe /

Resource Hash

e9e30dccc8ac3d91e997eee228488bd5650602f3ce2734beadf6d21cbcc328ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/9FHKLOZNimI?feature=oembed&start&end&wmode=opaque&loop=0&controls=1&mute=0&rel=0&modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 15:57:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 102027
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29907
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 19:13:02 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 14 Sep 2022 15:57:06 GMT

GET
H3 200 3kAHTdcT5fG0Js-DZv11sXxKdgJzwYcAKGwQ7tsGiFU.js Show response
www.google.com/js/th/ Frame 952C 34 KB
13 KB 56ms
37ms Script
text/javascript 216.58.212.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/3kAHTdcT5fG0Js-DZv11sXxKdgJzwYcAKGwQ7tsGiFU.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1256b7e2/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.228 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams16s22-in-f4.1e100.net

Software

sffe /

Resource Hash

de40074dd713e5f1b426cf8366fd75b17c4a760273c18700286c10eedb068855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 19:58:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 260356
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13157
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 13:00:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 12 Sep 2022 19:58:17 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/1256b7e2/player_ias.vflset/de_DE/ Frame 952C 24 KB
7 KB 19ms
18ms Script
text/javascript 216.58.213.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/1256b7e2/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1256b7e2/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.213.14 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s25-in-f14.1e100.net

Software

sffe /

Resource Hash

0162754f11024315f58623795cccac1fd1c3e289d13c08ad1490b0dbaa0c65e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/9FHKLOZNimI?feature=oembed&start&end&wmode=opaque&loop=0&controls=1&mute=0&rel=0&modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 15:56:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 102075
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7343
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 19:13:02 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 14 Sep 2022 15:56:18 GMT

GET
H3 200 remote.js Show response
www.youtube.com/s/player/1256b7e2/player_ias.vflset/de_DE/ Frame 3216 95 KB
29 KB 18ms
18ms Script
text/javascript 216.58.213.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/1256b7e2/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1256b7e2/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.213.14 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s25-in-f14.1e100.net

Software

sffe /

Resource Hash

e9e30dccc8ac3d91e997eee228488bd5650602f3ce2734beadf6d21cbcc328ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/C-7xRLkwLgY?feature=oembed&start&end&wmode=opaque&loop=0&controls=1&mute=0&rel=0&modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 15:57:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 102027
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29907
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 19:13:02 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 14 Sep 2022 15:57:06 GMT

GET
H3 200 3kAHTdcT5fG0Js-DZv11sXxKdgJzwYcAKGwQ7tsGiFU.js Show response
www.google.com/js/th/ Frame 3216 34 KB
13 KB 46ms
42ms Script
text/javascript 216.58.212.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/3kAHTdcT5fG0Js-DZv11sXxKdgJzwYcAKGwQ7tsGiFU.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1256b7e2/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.228 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams16s22-in-f4.1e100.net

Software

sffe /

Resource Hash

de40074dd713e5f1b426cf8366fd75b17c4a760273c18700286c10eedb068855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 19:58:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 260356
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13157
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 13:00:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 12 Sep 2022 19:58:17 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/1256b7e2/player_ias.vflset/de_DE/ Frame 3216 24 KB
7 KB 18ms
18ms Script
text/javascript 216.58.213.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/1256b7e2/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1256b7e2/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.213.14 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s25-in-f14.1e100.net

Software

sffe /

Resource Hash

0162754f11024315f58623795cccac1fd1c3e289d13c08ad1490b0dbaa0c65e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/C-7xRLkwLgY?feature=oembed&start&end&wmode=opaque&loop=0&controls=1&mute=0&rel=0&modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 15:56:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 102075
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7343
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 19:13:02 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 14 Sep 2022 15:56:18 GMT

GET
DATA 200
OK truncated
/ Frame 3216 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLTtqhlSJSvucYuh5k0Pdots3UuVxPkIN8usjd4f=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 3216 2 KB
2 KB 25ms
25ms Image
image/jpeg 142.250.180.1
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLTtqhlSJSvucYuh5k0Pdots3UuVxPkIN8usjd4f=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/C-7xRLkwLgY?feature=oembed&start&end&wmode=opaque&loop=0&controls=1&mute=0&rel=0&modestbranding=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s32-in-f1.1e100.net

Software

fife /

Resource Hash

30408479f746abe0f8aeb9e5e63749971007db0c538b893d4441eaa384f39f53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 16:32:14 GMT
x-content-type-options: nosniff
age: 13519
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2397
x-xss-protection: 0
server: fife
etag: "v8"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 16 Sep 2021 12:31:21 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/C-7xRLkwLgY/ Frame 3216 16 KB
16 KB 48ms
48ms Image
image/webp 142.250.178.22
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/C-7xRLkwLgY/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/C-7xRLkwLgY?feature=oembed&start&end&wmode=opaque&loop=0&controls=1&mute=0&rel=0&modestbranding=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.178.22 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f22.1e100.net

Software

sffe /

Resource Hash

2960b8371a1fd637245d3ba982563f9adf29e28de872398114a96dce349eece0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:03:58 GMT
x-content-type-options: nosniff
age: 815
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16672
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 15 Sep 2021 22:03:58 GMT

GET
DATA 200
OK truncated
/ Frame 952C 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLTtqhlSJSvucYuh5k0Pdots3UuVxPkIN8usjd4f=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 952C 2 KB
2 KB 25ms
24ms Image
image/jpeg 142.250.180.1
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLTtqhlSJSvucYuh5k0Pdots3UuVxPkIN8usjd4f=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/9FHKLOZNimI?feature=oembed&start&end&wmode=opaque&loop=0&controls=1&mute=0&rel=0&modestbranding=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s32-in-f1.1e100.net

Software

fife /

Resource Hash

30408479f746abe0f8aeb9e5e63749971007db0c538b893d4441eaa384f39f53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 16:32:14 GMT
x-content-type-options: nosniff
age: 13519
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2397
x-xss-protection: 0
server: fife
etag: "v8"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 16 Sep 2021 12:31:21 GMT

GET
H2 200 hqdefault.webp
i.ytimg.com/vi_webp/9FHKLOZNimI/ Frame 952C 14 KB
14 KB 58ms
58ms Image
image/webp 142.250.178.22
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/9FHKLOZNimI/hqdefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/9FHKLOZNimI?feature=oembed&start&end&wmode=opaque&loop=0&controls=1&mute=0&rel=0&modestbranding=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.178.22 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f22.1e100.net

Software

sffe /

Resource Hash

1074c31d8703e9501db47fee6833ccbc02acd4e4ee7d27f85b1231e537abe5b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 18:53:25 GMT
x-content-type-options: nosniff
age: 5048
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14348
x-xss-protection: 0
server: sffe
etag: "1590898816"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 15 Sep 2021 20:53:25 GMT

GET
H2 200 core.js Show response
conectiva.io/XEngine/ Frame 29D9 16 KB
6 KB 65ms
32ms Script
application/javascript 104.26.12.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://conectiva.io/XEngine/core.js?ts=1631743200
Requested by: Host: app.cartstack.com.br
URL: https://app.cartstack.com.br/activeAPI/load.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.120 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / sunset.solutions
Resource Hash: bc75c17033ddcecf717ed63a71a43ce40dacd3502f1b65734df657aec3314619

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.desinpros.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1019
x-powered-by: sunset.solutions
last-modified: Wed, 16 Dec 2020 16:55:27 GMT
server: cloudflare
etag: W/"5fda3bff-6111"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l%2B9YSazdw627NXjEHMpHVVpHupzIwB6u8uK6FoFhq2ZS1SJhAsJovHkKuhg4rXw5vTXSlearxPJW2Nbdq1%2Fy6WY3uAnOM%2B9CX4u%2FktGF6sxlLEyLD4becDF0zHbLBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=2678400
cf-polished: origSize=24849
cf-ray: 68f48a05f9d92784-PRG
cf-bgj: minify

GET
H3 204 generate_204
www.youtube.com/ Frame 3216 0
9 B 19ms
18ms Image
text/plain 216.58.213.14
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?ANXpFg
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/C-7xRLkwLgY?feature=oembed&start&end&wmode=opaque&loop=0&controls=1&mute=0&rel=0&modestbranding=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.58.213.14 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lhr25s25-in-f14.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/C-7xRLkwLgY?feature=oembed&start&end&wmode=opaque&loop=0&controls=1&mute=0&rel=0&modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 1C6D 4 KB
2 KB 36ms
36ms Script
text/javascript 142.250.178.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1256b7e2/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f3.1e100.net

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="cloudview"
expires: Wed, 15 Sep 2021 20:17:33 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 952C 0
9 B 18ms
18ms Image
text/plain 216.58.213.14
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?Std1yg
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/9FHKLOZNimI?feature=oembed&start&end&wmode=opaque&loop=0&controls=1&mute=0&rel=0&modestbranding=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.58.213.14 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lhr25s25-in-f14.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/9FHKLOZNimI?feature=oembed&start&end&wmode=opaque&loop=0&controls=1&mute=0&rel=0&modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 952C 4 KB
2 KB 34ms
33ms Script
text/javascript 142.250.178.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1256b7e2/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f3.1e100.net

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="cloudview"
expires: Wed, 15 Sep 2021 20:17:33 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 3216 4 KB
2 KB 45ms
45ms Script
text/javascript 142.250.178.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1256b7e2/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f3.1e100.net

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="cloudview"
expires: Wed, 15 Sep 2021 20:17:33 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 1C6D 0
9 B 18ms
18ms Image
text/plain 216.58.213.14
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?hFOcSA
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/jMY0u0XQEig?feature=oembed&start&end&wmode=opaque&loop=0&controls=1&mute=0&rel=0&modestbranding=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.58.213.14 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lhr25s25-in-f14.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/jMY0u0XQEig?feature=oembed&start&end&wmode=opaque&loop=0&controls=1&mute=0&rel=0&modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 base.css
titanblue12x.com.br/wp-content/plugins/thrive-visual-editor/landing-page/templates/css/ Frame 752B 700 B
881 B 126ms
125ms Stylesheet
text/css 104.21.49.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://titanblue12x.com.br/wp-content/plugins/thrive-visual-editor/landing-page/templates/css/base.css?ver=2.6.2.2
Requested by: Host: titanblue12x.com.br
URL: https://titanblue12x.com.br/macho-alfa/?mcr=AHQ11850838
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.49.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 452756306e2828de7e34cd35e4f027b82043d592cf06437b4892448f117d7493

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://titanblue12x.com.br/macho-alfa/?mcr=AHQ11850838
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=704
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 19 Nov 2020 02:37:58 GMT
server: cloudflare
etag: W/"2c0-5b46c9dad30d2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9CjBOm06KgLF4nNvbB3JUO7DJrAwkQU6NBtSwa4TzWWHm8j4HgH0AibkbZiREPgzAtDfIijLSs5nuzXfXLrHWR%2B4bw0rWRwuGOO7JGFgyczhBs2VpF%2FTz%2FZaRp%2BFahwUUc464Mq1"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2678400
cf-ray: 68f48a072ae664f7-FRA
cf-bgj: minify

GET
H3 200 blank_v2.css
titanblue12x.com.br/wp-content/plugins/thrive-visual-editor/landing-page/templates/css/ Frame 752B 0
581 B 115ms
114ms Stylesheet
text/css 104.21.49.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://titanblue12x.com.br/wp-content/plugins/thrive-visual-editor/landing-page/templates/css/blank_v2.css?ver=2.6.2.2
Requested by: Host: titanblue12x.com.br
URL: https://titanblue12x.com.br/macho-alfa/?mcr=AHQ11850838
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.49.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://titanblue12x.com.br/macho-alfa/?mcr=AHQ11850838
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
last-modified: Thu, 19 Nov 2020 02:37:58 GMT
server: cloudflare
etag: "0-5b46c9dae2ad3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VVHG%2FcI7DeY2MpjOymzrf%2B%2BPzVbkgfEP2ioDS8rFS%2BY8l5ody6vwZ2qR1u8Lf%2FRD9zgMom8ZTMZuG7WY6Z%2Frq0OLks43Of30RVwEKz1bXBTVCNF04pbnFXOjT6y1mg6D4n7GE15y"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 68f48a072ae764f7-FRA
cf-bgj: minify

GET
H3 200 style.min.css
titanblue12x.com.br/wp-includes/css/dist/block-library/ Frame 752B 53 KB
8 KB 117ms
116ms Stylesheet
text/css 104.21.49.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://titanblue12x.com.br/wp-includes/css/dist/block-library/style.min.css?ver=5.5.6
Requested by: Host: titanblue12x.com.br
URL: https://titanblue12x.com.br/macho-alfa/?mcr=AHQ11850838
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.49.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://titanblue12x.com.br/macho-alfa/?mcr=AHQ11850838
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 13 Nov 2020 17:48:47 GMT
server: cloudflare
etag: W/"d293-5b400a3f93dbe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2BOxSt6HG6q1jRMg7TeUQijeLqj8w5bwCvN%2BKfrDQaQmErTRu9UPXNHMfvZzFiQPiIKq4djK9jXI%2F5tJ1GDHVZ0Cu22y4yZZVmjkZzrQrlWRsswUcqs1vkc%2FqxaPTBtR1VoTZH%2FP"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 68f48a072ae864f7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 thrive_flat.css
titanblue12x.com.br/wp-content/plugins/thrive-visual-editor/editor/css/ Frame 752B 740 KB
80 KB 131ms
130ms Stylesheet
text/css 104.21.49.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://titanblue12x.com.br/wp-content/plugins/thrive-visual-editor/editor/css/thrive_flat.css?ver=2.6.2.2
Requested by: Host: titanblue12x.com.br
URL: https://titanblue12x.com.br/macho-alfa/?mcr=AHQ11850838
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.49.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ef18580278ccd431dd7352e31feed74600cec0471c3c16604a057ef94d3eda4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://titanblue12x.com.br/macho-alfa/?mcr=AHQ11850838
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=764719
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 19 Nov 2020 02:37:58 GMT
server: cloudflare
etag: W/"bab2f-5b46c9db20336"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rFiwhxM1fAnPR6Sq74fC%2FLm2b1CxxFTpkZSHBciPzmowm3rt8AmM1IjNEivOy32SiyF5pjWb%2BuBMPhKLS2n66i0%2Fr%2Fw8I2rZenc9h%2FFXk%2BqmKwLJdIZ26t1c5P%2B33AnpC2tNzxJX"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2678400
cf-ray: 68f48a072ae964f7-FRA
cf-bgj: minify

GET
H3 200 style.css
titanblue12x.com.br/wp-content/themes/twentytwenty/ Frame 752B 86 KB
18 KB 118ms
117ms Stylesheet
text/css 104.21.49.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://titanblue12x.com.br/wp-content/themes/twentytwenty/style.css?ver=1.5
Requested by: Host: titanblue12x.com.br
URL: https://titanblue12x.com.br/macho-alfa/?mcr=AHQ11850838
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.49.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 775c5c627d0469071ecd62930a4aa051477777fdbf08f9be1164977bf9e381f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://titanblue12x.com.br/macho-alfa/?mcr=AHQ11850838
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=121055
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 13 Oct 2020 18:44:32 GMT
server: cloudflare
etag: W/"1d8df-5b191ce3c8400"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pXUbCaVnavdy0ahv9sFKCF57EFbK5OxgpLimPtO7FvZxskPUR5zAmo4mRIcesk3tD4VVvXVtla2e86g%2F%2BgFsvmU7ReAjLPokCYFsVcniUstbucXPqtSjsvjsj63leNEtd9yA5A%2Fr"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2678400
cf-ray: 68f48a072aea64f7-FRA
cf-bgj: minify

GET
H3 200 frontend.css
titanblue12x.com.br/wp-content/plugins/carousel-slider/assets/css/ Frame 752B 29 KB
9 KB 139ms
139ms Stylesheet
text/css 104.21.49.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://titanblue12x.com.br/wp-content/plugins/carousel-slider/assets/css/frontend.css?ver=1.9.4
Requested by: Host: titanblue12x.com.br
URL: https://titanblue12x.com.br/macho-alfa/?mcr=AHQ11850838
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.49.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88b51c85723796c369b2421b7fe10628029238bdd05aab125aa85c2c5496b7b0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://titanblue12x.com.br/macho-alfa/?mcr=AHQ11850838
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=30189
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 21 Oct 2020 00:01:49 GMT
server: cloudflare
etag: W/"75ed-5b2230dd1b540"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1rE884Qwmlpf2aNSQlLeIZhVJxHLmQxpupuFfHxkaUE%2FIvAxi1xMjWsJxOfpL%2FdB1axcAUWU%2BxEyshfxX24%2F7NPrewP1ae8kiytGhRFIm2kK3f9cwrFWyxBl27L%2FJbj6usEMxkBz"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2678400
cf-ray: 68f48a072aeb64f7-FRA
cf-bgj: minify

GET
H2

200

/
p1.zemanta.com/p/6665/7069/ Frame 752B
Redirect Chain

https://p1.zemanta.com/p/6665/7069/
https://p1.zemanta.com/p/6665/7069/?s=2

26 B
226 B

130ms
130ms

Image
image/gif

34.120.59.192
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.zemanta.com/p/6665/7069/?s=2
Requested by: Host: titanblue12x.com.br
URL: https://titanblue12x.com.br/macho-alfa/?mcr=AHQ11850838
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.59.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 192.59.120.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://titanblue12x.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
via: 1.1 google
server: Google Frontend
p3p: CP="We do not support P3P header."
x-cloud-trace-context: 97b84f601d545d9d0ce69e4acb7b08d4
x-robots-tag: none
content-type: image/gif
alt-svc: clear
content-length: 26

Redirect headers

date: Wed, 15 Sep 2021 20:17:33 GMT
via: 1.1 google
server: Google Frontend
p3p: CP="We do not support P3P header."
location: /p/6665/7069/?s=2
x-cloud-trace-context: 495128b168b87c5d9c463a0a4e246745
x-robots-tag: none
content-type: text/html; charset=utf-8
alt-svc: clear
content-length: 40

GET
H3 200 css
fonts.googleapis.com/ Frame 752B 179 KB
45 KB 52ms
51ms Stylesheet
text/css 142.250.178.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nanum+Gothic:400,700&subset=latin

Requested by

Host: titanblue12x.com.br
URL: https://titanblue12x.com.br/macho-alfa/?mcr=AHQ11850838

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f10.1e100.net

Software

ESF /

Resource Hash

9c3b35a7dbfd775c1d6e666e5232c0a56503ab7fc2aa77ff6aea57fc338f0e42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 20:17:33 GMT
server: ESF
date: Wed, 15 Sep 2021 20:17:33 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 15 Sep 2021 20:17:33 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 752B 5 KB
697 B 38ms
37ms Stylesheet
text/css 142.250.178.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin

Requested by

Host: titanblue12x.com.br
URL: https://titanblue12x.com.br/macho-alfa/?mcr=AHQ11850838

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f10.1e100.net

Software

ESF /

Resource Hash

a34e68796feb650977daf139feb1e1a43101bac68661c830ec12853b483ad4e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 20:17:33 GMT
server: ESF
date: Wed, 15 Sep 2021 20:17:33 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 15 Sep 2021 20:17:33 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 752B 2 KB
519 B 42ms
42ms Stylesheet
text/css 142.250.178.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:500&subset=latin

Requested by

Host: titanblue12x.com.br
URL: https://titanblue12x.com.br/macho-alfa/?mcr=AHQ11850838

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f10.1e100.net

Software

ESF /

Resource Hash

fb96b1d7f8e744453af9b215ab4802e1bbf033988a9dad10bf4b5cf761b5ecc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 20:17:33 GMT
server: ESF
date: Wed, 15 Sep 2021 20:17:33 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 15 Sep 2021 20:17:33 GMT

GET
H3 200 print.css
titanblue12x.com.br/wp-content/themes/twentytwenty/ Frame 752B 1 KB
1 KB 111ms
111ms Stylesheet
text/css 104.21.49.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://titanblue12x.com.br/wp-content/themes/twentytwenty/print.css?ver=1.5
Requested by: Host: titanblue12x.com.br
URL: https://titanblue12x.com.br/macho-alfa/?mcr=AHQ11850838
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.49.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8ed0f5e35f50e97bcfe50eed0eac8e1d3997128055c943e35d38edd8d0aa773

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://titanblue12x.com.br/macho-alfa/?mcr=AHQ11850838
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=2574
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 13 Oct 2020 18:44:32 GMT
server: cloudflare
etag: W/"a0e-5b191ce3c8400"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fER3DbLDzNqQ8RVZsH6XSl6N02qo2KFnR0u8%2FEkeFWjVT%2FR4sumX17kOSB98lvge3opoqoc%2FdkpEukk5UzwuryD3Z9JEtbJTRyYYYJGNZHtXDPAVr9vQoI37mNat9uo43G%2BTY7Io"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2678400
cf-ray: 68f48a072aee64f7-FRA
cf-bgj: minify

GET
H3 200 email-decode.min.js Show response
titanblue12x.com.br/cdn-cgi/scripts/5c5dd728/cloudflare-static/ Frame 752B 1 KB
1 KB 10ms
10ms Script
application/javascript 104.21.49.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://titanblue12x.com.br/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: titanblue12x.com.br
URL: https://titanblue12x.com.br/macho-alfa/?mcr=AHQ11850838

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.49.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://titanblue12x.com.br/macho-alfa/?mcr=AHQ11850838
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 07 Sep 2021 12:26:08 GMT
server: cloudflare
etag: W/"61375a60-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zgS2pmJcQLIPyEEtXMLRaBKsKM2r1ZW2cwyOz5hypfPrsXmrTnddqzKGZCYL1fZ87Lx5Pwhp6VLVfqGPEyEZH1lsdxEDFwoo7c9tUaW%2FFMPGmcucee4VNpIuLFxwbyv%2BYOONhARC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 68f48a074af564f7-FRA
vary: Accept-Encoding
expires: Fri, 17 Sep 2021 20:17:33 GMT

GET
H3 200 rocket-loader.min.js Show response
titanblue12x.com.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame 752B 12 KB
4 KB 11ms
10ms Script
application/javascript 104.21.49.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://titanblue12x.com.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: titanblue12x.com.br
URL: https://titanblue12x.com.br/macho-alfa/?mcr=AHQ11850838

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.49.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://titanblue12x.com.br/macho-alfa/?mcr=AHQ11850838
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 07 Sep 2021 12:26:08 GMT
server: cloudflare
etag: W/"61375a60-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LlGlIEsdTZulk6BzZwPo%2B8lvg%2B0yH10%2F11trr1RMeDQksTeQPfIs1BPoU4wThBvHDfX1cfqnJP2SkXvud5GQxVnXKvYHhoEmpUXjJAlOVfXkoupqRlFgk%2F6nvvDoRpFAq%2BkbRLQi"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 68f48a074af664f7-FRA
vary: Accept-Encoding
expires: Fri, 17 Sep 2021 20:17:33 GMT

GET
H2 200 load.js Show response
conectiva.io/XEngine/DGUID/98648228-16E3-98DB-CF10-6EF1E24578A6/ Frame 29D9 66 B
385 B 26ms
26ms Script
application/javascript 104.26.12.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://conectiva.io/XEngine/DGUID/98648228-16E3-98DB-CF10-6EF1E24578A6/load.js?ts=1631743200
Requested by: Host: app.cartstack.com.br
URL: https://app.cartstack.com.br/activeAPI/load.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.120 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / sunset.solutions
Resource Hash: 6bb1c1f188753172b2c18c7d2e6cf1c1ec8220fbc9e75e34be6d115d09d4c6b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.desinpros.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 815
x-powered-by: sunset.solutions
last-modified: Thu, 29 Oct 2020 12:24:29 GMT
server: cloudflare
etag: W/"5f9ab47d-43"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=27Oys4pN2UTaOo4ZHhobxOAGmT8Wj9U8S4%2FjtQMenHINUZHY4XfYXpDujN7krQIKDt%2FhpxVTRW8wHe1qdIQOcsXf3jwtmhyeKqyQJa4u6uy1Vhy8OwA%2Bknms13%2BZcw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=2678400
cf-polished: origSize=67
cf-ray: 68f48a075d0b2784-PRG
cf-bgj: minify

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/89/ Frame 1C6D 48 KB
14 KB 21ms
21ms Script
text/javascript 142.250.178.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/89/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f3.1e100.net

Software

sffe /

Resource Hash

eabf87315be46a093741ed7d6a367b58627e45fbcf22505e3fa092f4dc7a4d80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 09:35:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38506
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14262
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:19:33 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 16 Sep 2021 09:35:47 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame B632 0
15 B 38ms
35ms Document
text/plain 185.60.218.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.desinpros.com.br
URL: https://www.desinpros.com.br/?mcr=ADV15968591

Protocol

Security

QUIC, , AES_128_GCM

Server

185.60.218.35 Bucharest, Romania, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-otp1.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: POST
:authority: www.facebook.com
:scheme: https
:path: /tr/
content-length: 2785
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://www.desinpros.com.br
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.desinpros.com.br/
accept-encoding: gzip, deflate, br
cookie: fr=0AfaZSmVNfbaIVMtM..BhQlTc...1.0.BhQlTc.
Upgrade-Insecure-Requests: 1
Origin: https://www.desinpros.com.br
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.desinpros.com.br/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.desinpros.com.br
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
date: Wed, 15 Sep 2021 20:17:33 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/89/ Frame 952C 48 KB
14 KB 20ms
19ms Script
text/javascript 142.250.178.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/89/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f3.1e100.net

Software

sffe /

Resource Hash

eabf87315be46a093741ed7d6a367b58627e45fbcf22505e3fa092f4dc7a4d80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 09:35:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38506
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14262
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:19:33 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 16 Sep 2021 09:35:47 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/89/ Frame 3216 48 KB
14 KB 24ms
23ms Script
text/javascript 142.250.178.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/89/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f3.1e100.net

Software

sffe /

Resource Hash

eabf87315be46a093741ed7d6a367b58627e45fbcf22505e3fa092f4dc7a4d80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 09:35:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38506
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14262
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:19:33 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 16 Sep 2021 09:35:47 GMT

GET
H2 200 app.css
lipotril.com.br/public/lp-03/assets/css/ Frame 6BD2 8 KB
8 KB 211ms
208ms Stylesheet
text/css 18.231.32.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lipotril.com.br/public/lp-03/assets/css/app.css
Requested by: Host: lipotril.com.br
URL: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.231.32.240 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-231-32-240.sa-east-1.compute.amazonaws.com
Software: / Express
Resource Hash: 73a50e697808b9386152a5d8d013c4545ec0fe1a78db6f63f73cecea08d05414

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
etag: W/"1e2d-17b9795fec3"
last-modified: Mon, 30 Aug 2021 15:03:14 GMT
x-powered-by: Express
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 7725

GET
H2 200 index.css
lipotril.com.br/public/lp-03/app/mobile/css/ Frame 6BD2 14 KB
15 KB 213ms
211ms Stylesheet
text/css 18.231.32.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lipotril.com.br/public/lp-03/app/mobile/css/index.css
Requested by: Host: lipotril.com.br
URL: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.231.32.240 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-231-32-240.sa-east-1.compute.amazonaws.com
Software: / Express
Resource Hash: ca26cb11baad5ac27f9ed9b7f5e909a0a180e39d9c27bc0f8999a882e23a53f3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
etag: W/"3989-17b9795feab"
last-modified: Mon, 30 Aug 2021 15:03:14 GMT
x-powered-by: Express
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 14729

GET
H2 200 fonts.css
lipotril.com.br/public/lp-03/app/mobile/fonts/ Frame 6BD2 3 KB
3 KB 213ms
211ms Stylesheet
text/css 18.231.32.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lipotril.com.br/public/lp-03/app/mobile/fonts/fonts.css
Requested by: Host: lipotril.com.br
URL: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.231.32.240 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-231-32-240.sa-east-1.compute.amazonaws.com
Software: / Express
Resource Hash: 1661a8640178c0fe1aeb1108792c69154b53a7b211d319899b01c57ddbae3051

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
etag: W/"a02-17b9795feab"
last-modified: Mon, 30 Aug 2021 15:03:14 GMT
x-powered-by: Express
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 2562

GET
H2 200 slick.css
lipotril.com.br/public/lp-03/app/mobile/css/ Frame 6BD2 2 KB
2 KB 213ms
212ms Stylesheet
text/css 18.231.32.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lipotril.com.br/public/lp-03/app/mobile/css/slick.css
Requested by: Host: lipotril.com.br
URL: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.231.32.240 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-231-32-240.sa-east-1.compute.amazonaws.com
Software: / Express
Resource Hash: eea029d645143213ae1d0ed27a92b8178686c142ff28833621bc79535ef1f6dc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
etag: W/"77a-17b9795feab"
last-modified: Mon, 30 Aug 2021 15:03:14 GMT
x-powered-by: Express
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 1914

GET
H2 200 jquery.fancybox.css
lipotril.com.br/public/lp-03/app/mobile/css/ Frame 6BD2 5 KB
5 KB 231ms
230ms Stylesheet
text/css 18.231.32.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lipotril.com.br/public/lp-03/app/mobile/css/jquery.fancybox.css
Requested by: Host: lipotril.com.br
URL: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.231.32.240 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-231-32-240.sa-east-1.compute.amazonaws.com
Software: / Express
Resource Hash: 52573539faf65d5bce3b8bd10de77ac89eff2b8194656a858d95f49db6364e5e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
etag: W/"12ba-17b9795feab"
last-modified: Mon, 30 Aug 2021 15:03:14 GMT
x-powered-by: Express
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 4794

GET
H2 200 logo.png
lipotril.com.br/public/lp-03/app/mobile/images/ Frame 6BD2 32 KB
32 KB 615ms
615ms Image
image/png 18.231.32.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lipotril.com.br/public/lp-03/app/mobile/images/logo.png
Requested by: Host: lipotril.com.br
URL: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.231.32.240 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-231-32-240.sa-east-1.compute.amazonaws.com
Software: / Express
Resource Hash: 0150b1109ca8beff50bdcd79d48b6a476f55e3d462e2eec4a28eb6993f8d5009

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
etag: W/"7eb7-17b9795feb3"
last-modified: Mon, 30 Aug 2021 15:03:14 GMT
x-powered-by: Express
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 32439

GET
H2 200 s1-hd.png
lipotril.com.br/public/lp-03/app/mobile/images/ Frame 6BD2 91 KB
92 KB 613ms
606ms Image
image/png 18.231.32.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lipotril.com.br/public/lp-03/app/mobile/images/s1-hd.png
Requested by: Host: lipotril.com.br
URL: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.231.32.240 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-231-32-240.sa-east-1.compute.amazonaws.com
Software: / Express
Resource Hash: 05e2b9ed81359985e0f53857b2e47f0694d40dd61347c1e334b9dd1f28b9b7cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
etag: W/"16cf7-17b9795feb7"
last-modified: Mon, 30 Aug 2021 15:03:14 GMT
x-powered-by: Express
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 93431

GET
H2 200 wd1.png
lipotril.com.br/public/lp-03/app/mobile/images/ Frame 6BD2 116 KB
116 KB 613ms
606ms Image
image/png 18.231.32.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lipotril.com.br/public/lp-03/app/mobile/images/wd1.png
Requested by: Host: lipotril.com.br
URL: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.231.32.240 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-231-32-240.sa-east-1.compute.amazonaws.com
Software: / Express
Resource Hash: e442d3cff81385d9bd436da041042ce5ff04982953644cae0faac680e7a2cb51

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
etag: W/"1cf3d-17b9795fec3"
last-modified: Mon, 30 Aug 2021 15:03:14 GMT
x-powered-by: Express
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 118589

GET
H2 200 pote.png
lipotril.com.br/public/lp-03/app/mobile/images/ Frame 6BD2 181 KB
181 KB 613ms
606ms Image
image/png 18.231.32.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lipotril.com.br/public/lp-03/app/mobile/images/pote.png
Requested by: Host: lipotril.com.br
URL: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.231.32.240 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-231-32-240.sa-east-1.compute.amazonaws.com
Software: / Express
Resource Hash: 42912637915601d02410e2d9831d237a762b5a5f2fa40c5d4c7a7d537eaed563

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
etag: W/"2d225-17b9795feb7"
last-modified: Mon, 30 Aug 2021 15:03:14 GMT
x-powered-by: Express
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 184869

GET
H2 200 order-arrow.png
lipotril.com.br/public/lp-03/app/mobile/images/ Frame 6BD2 33 KB
34 KB 613ms
606ms Image
image/png 18.231.32.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lipotril.com.br/public/lp-03/app/mobile/images/order-arrow.png
Requested by: Host: lipotril.com.br
URL: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.231.32.240 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-231-32-240.sa-east-1.compute.amazonaws.com
Software: / Express
Resource Hash: 916fadea43544bc449ba92e0845f54a35649bdecfea11cacceb3bdc94b18b005

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
etag: W/"8537-17b9795feb3"
last-modified: Mon, 30 Aug 2021 15:03:14 GMT
x-powered-by: Express
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 34103

GET
H2 200 secure.svg
lipotril.com.br/public/lp-03/app/mobile/images/ Frame 6BD2 1 KB
2 KB 613ms
606ms Image
image/svg+xml 18.231.32.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lipotril.com.br/public/lp-03/app/mobile/images/secure.svg
Requested by: Host: lipotril.com.br
URL: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.231.32.240 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-231-32-240.sa-east-1.compute.amazonaws.com
Software: / Express
Resource Hash: cf0ef2795468e1989c60f13198f7b0b173afce52bc9f5058c4e967bda36624d1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
etag: W/"54b-17b9795febb"
last-modified: Mon, 30 Aug 2021 15:03:14 GMT
x-powered-by: Express
content-type: image/svg+xml
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 1355

GET
H2 200 sec2-icn1.png
lipotril.com.br/public/lp-03/app/mobile/images/ Frame 6BD2 9 KB
10 KB 613ms
606ms Image
image/png 18.231.32.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lipotril.com.br/public/lp-03/app/mobile/images/sec2-icn1.png
Requested by: Host: lipotril.com.br
URL: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.231.32.240 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-231-32-240.sa-east-1.compute.amazonaws.com
Software: / Express
Resource Hash: 24a8efd5f2415f3b9e5ab7c5809ee619e074bbb552cdee7f78f0191c1548ca22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
etag: W/"25e7-17b9795feb7"
last-modified: Mon, 30 Aug 2021 15:03:14 GMT
x-powered-by: Express
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 9703

GET
H2 200 sec2-icn2.png
lipotril.com.br/public/lp-03/app/mobile/images/ Frame 6BD2 7 KB
7 KB 614ms
607ms Image
image/png 18.231.32.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lipotril.com.br/public/lp-03/app/mobile/images/sec2-icn2.png
Requested by: Host: lipotril.com.br
URL: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.231.32.240 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-231-32-240.sa-east-1.compute.amazonaws.com
Software: / Express
Resource Hash: 37f4ba5bc095c30c53f3c86f69829ecf5f1edb12705a0cdbaff15dec93b2e300

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
etag: W/"1cd6-17b9795feb7"
last-modified: Mon, 30 Aug 2021 15:03:14 GMT
x-powered-by: Express
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 7382

GET
H2 200 sec2-icn3.png
lipotril.com.br/public/lp-03/app/mobile/images/ Frame 6BD2 8 KB
8 KB 613ms
607ms Image
image/png 18.231.32.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lipotril.com.br/public/lp-03/app/mobile/images/sec2-icn3.png
Requested by: Host: lipotril.com.br
URL: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.231.32.240 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-231-32-240.sa-east-1.compute.amazonaws.com
Software: / Express
Resource Hash: 5ad700ef94084146deb9d4de4a4a387ebbc8fc56c5c3ff0c9a96aec67efdfe61

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
etag: W/"1ee0-17b9795feb7"
last-modified: Mon, 30 Aug 2021 15:03:14 GMT
x-powered-by: Express
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 7904

GET
H2 200 cmn-head.png
lipotril.com.br/public/lp-03/app/mobile/images/ Frame 6BD2 6 KB
6 KB 613ms
607ms Image
image/png 18.231.32.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lipotril.com.br/public/lp-03/app/mobile/images/cmn-head.png
Requested by: Host: lipotril.com.br
URL: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.231.32.240 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-231-32-240.sa-east-1.compute.amazonaws.com
Software: / Express
Resource Hash: 1b0d96975c649d06733d981489267989b6fc8f8a81b2a6c95f3a8e96413e2c9f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
etag: W/"18c5-17b9795feb3"
last-modified: Mon, 30 Aug 2021 15:03:14 GMT
x-powered-by: Express
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 6341

GET
H2 200 common-bdr.png
lipotril.com.br/public/lp-03/app/mobile/images/ Frame 6BD2 4 KB
4 KB 613ms
607ms Image
image/png 18.231.32.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lipotril.com.br/public/lp-03/app/mobile/images/common-bdr.png
Requested by: Host: lipotril.com.br
URL: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.231.32.240 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-231-32-240.sa-east-1.compute.amazonaws.com
Software: / Express
Resource Hash: 52ffcaf1a7779c528b4ec52ec230165b9db65041f058c4e83df9d150fd02985b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
etag: W/"10a3-17b9795feb3"
last-modified: Mon, 30 Aug 2021 15:03:14 GMT
x-powered-by: Express
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 4259

GET
H2 200 sec3-people-img1.png
lipotril.com.br/public/lp-03/app/mobile/images/ Frame 6BD2 113 KB
113 KB 613ms
607ms Image
image/png 18.231.32.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lipotril.com.br/public/lp-03/app/mobile/images/sec3-people-img1.png
Requested by: Host: lipotril.com.br
URL: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.231.32.240 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-231-32-240.sa-east-1.compute.amazonaws.com
Software: / Express
Resource Hash: 12d3557521947f22e8e054c3558a5b127ca2acc6ffcc82bb0d7c124782bef625

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
etag: W/"1c39a-17b9795feb7"
last-modified: Mon, 30 Aug 2021 15:03:14 GMT
x-powered-by: Express
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 115610

GET
H2 200 sec3-icn1.png
lipotril.com.br/public/lp-03/app/mobile/images/ Frame 6BD2 9 KB
9 KB 613ms
607ms Image
image/png 18.231.32.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lipotril.com.br/public/lp-03/app/mobile/images/sec3-icn1.png
Requested by: Host: lipotril.com.br
URL: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.231.32.240 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-231-32-240.sa-east-1.compute.amazonaws.com
Software: / Express
Resource Hash: 811ad920917d8826892c52f907521945aa1c57f0e0713398304aaaa0b2dde69e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
etag: W/"23a0-17b9795feb7"
last-modified: Mon, 30 Aug 2021 15:03:14 GMT
x-powered-by: Express
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 9120

GET
H2 200 sec3-people-img2.png
lipotril.com.br/public/lp-03/app/mobile/images/ Frame 6BD2 100 KB
100 KB 614ms
607ms Image
image/png 18.231.32.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lipotril.com.br/public/lp-03/app/mobile/images/sec3-people-img2.png
Requested by: Host: lipotril.com.br
URL: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.231.32.240 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-231-32-240.sa-east-1.compute.amazonaws.com
Software: / Express
Resource Hash: c1bb68c7b6d39bfb39c481e3c09228f53cc780cc28ff048538f0e47d54ccf678

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
etag: W/"19060-17b9795febb"
last-modified: Mon, 30 Aug 2021 15:03:14 GMT
x-powered-by: Express
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 102496

GET
H2 200 sec3-icn2.png
lipotril.com.br/public/lp-03/app/mobile/images/ Frame 6BD2 10 KB
10 KB 614ms
608ms Image
image/png 18.231.32.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lipotril.com.br/public/lp-03/app/mobile/images/sec3-icn2.png
Requested by: Host: lipotril.com.br
URL: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.231.32.240 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-231-32-240.sa-east-1.compute.amazonaws.com
Software: / Express
Resource Hash: e5d0f99ec5cfa165678307ece3349c2fbd8a3f833a11c23223baeb149fee85b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
etag: W/"272f-17b9795feb7"
last-modified: Mon, 30 Aug 2021 15:03:14 GMT
x-powered-by: Express
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 10031

GET
H2 200 sec3-people-img3.png
lipotril.com.br/public/lp-03/app/mobile/images/ Frame 6BD2 191 KB
191 KB 614ms
608ms Image
image/png 18.231.32.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lipotril.com.br/public/lp-03/app/mobile/images/sec3-people-img3.png
Requested by: Host: lipotril.com.br
URL: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.231.32.240 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-231-32-240.sa-east-1.compute.amazonaws.com
Software: / Express
Resource Hash: 9eec75b207adaf73bd0026efb711af72d3c7c204211c93964bcb3a07fa466c0a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
etag: W/"2fc12-17b9795febb"
last-modified: Mon, 30 Aug 2021 15:03:14 GMT
x-powered-by: Express
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 195602

GET
H2 200 sec3-icn3.png
lipotril.com.br/public/lp-03/app/mobile/images/ Frame 6BD2 10 KB
10 KB 614ms
608ms Image
image/png 18.231.32.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lipotril.com.br/public/lp-03/app/mobile/images/sec3-icn3.png
Requested by: Host: lipotril.com.br
URL: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.231.32.240 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-231-32-240.sa-east-1.compute.amazonaws.com
Software: / Express
Resource Hash: 576ac42a1b9134febb315c59d621b1a71af526b7b04c95310594fe19d0ffa7c8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
etag: W/"287c-17b9795feb7"
last-modified: Mon, 30 Aug 2021 15:03:14 GMT
x-powered-by: Express
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 10364

GET
H2 200 sec3-people-img4.png
lipotril.com.br/public/lp-03/app/mobile/images/ Frame 6BD2 151 KB
151 KB 614ms
608ms Image
image/png 18.231.32.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lipotril.com.br/public/lp-03/app/mobile/images/sec3-people-img4.png
Requested by: Host: lipotril.com.br
URL: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.231.32.240 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-231-32-240.sa-east-1.compute.amazonaws.com
Software: / Express
Resource Hash: 8875b21a56088a270e20d9e844da4228efc45cf8e8363762987646e51f902ee6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
etag: W/"25a1c-17b9795febb"
last-modified: Mon, 30 Aug 2021 15:03:14 GMT
x-powered-by: Express
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 154140

GET
H2 200 sec3-icn4.png
lipotril.com.br/public/lp-03/app/mobile/images/ Frame 6BD2 8 KB
8 KB 613ms
608ms Image
image/png 18.231.32.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lipotril.com.br/public/lp-03/app/mobile/images/sec3-icn4.png
Requested by: Host: lipotril.com.br
URL: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.231.32.240 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-231-32-240.sa-east-1.compute.amazonaws.com
Software: / Express
Resource Hash: 7d9f7c63cbec923471639016a0fc5ae9344c51757b2324eed9d9c8fc44e37df0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
etag: W/"1e31-17b9795feb7"
last-modified: Mon, 30 Aug 2021 15:03:14 GMT
x-powered-by: Express
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 7729

GET
H2 200 sec3-doctor.png
lipotril.com.br/public/lp-03/app/mobile/images/ Frame 6BD2 36 KB
36 KB 614ms
608ms Image
image/png 18.231.32.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lipotril.com.br/public/lp-03/app/mobile/images/sec3-doctor.png
Requested by: Host: lipotril.com.br
URL: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.231.32.240 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-231-32-240.sa-east-1.compute.amazonaws.com
Software: / Express
Resource Hash: 44e0e2479c7e3a86a4a4ce786f941304a58c932744eb122c1aa3f96e2db5fe07

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
etag: W/"8f3c-17b9795feb7"
last-modified: Mon, 30 Aug 2021 15:03:14 GMT
x-powered-by: Express
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 36668

GET
H2 200 3pote.png
lipotril.com.br/public/lp-03/app/mobile/images/ Frame 6BD2 188 KB
188 KB 614ms
609ms Image
image/png 18.231.32.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lipotril.com.br/public/lp-03/app/mobile/images/3pote.png
Requested by: Host: lipotril.com.br
URL: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.231.32.240 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-231-32-240.sa-east-1.compute.amazonaws.com
Software: / Express
Resource Hash: 4f35ae9c0191b08280b7a2990fd918e5efb6c76f642b2d7e66559f727531c61b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
etag: W/"2f01c-17b9795feaf"
last-modified: Mon, 30 Aug 2021 15:03:14 GMT
x-powered-by: Express
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 192540

GET
H2 200 sec4-recm-img.png
lipotril.com.br/public/lp-03/app/mobile/images/ Frame 6BD2 26 KB
26 KB 614ms
609ms Image
image/png 18.231.32.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lipotril.com.br/public/lp-03/app/mobile/images/sec4-recm-img.png
Requested by: Host: lipotril.com.br
URL: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.231.32.240 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-231-32-240.sa-east-1.compute.amazonaws.com
Software: / Express
Resource Hash: abb8dbfe0280a3ff0887080db7afffa8f8ff04795e564d8a24d0fc6268d95211

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
etag: W/"66a9-17b9795febb"
last-modified: Mon, 30 Aug 2021 15:03:14 GMT
x-powered-by: Express
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 26281

GET
H2 200 vid1gif.gif
lipotril.com.br/public/lp-03/app/mobile/images/ Frame 6BD2 812 KB
813 KB 614ms
609ms Image
image/gif 18.231.32.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lipotril.com.br/public/lp-03/app/mobile/images/vid1gif.gif
Requested by: Host: lipotril.com.br
URL: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.231.32.240 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-231-32-240.sa-east-1.compute.amazonaws.com
Software: / Express
Resource Hash: fd0aa03c426905fea9b0d6bc2650a37dda132a705bd2f040fc0ff4200e4ea53c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
etag: W/"caf3c-17b9795fec3"
last-modified: Mon, 30 Aug 2021 15:03:14 GMT
x-powered-by: Express
content-type: image/gif
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 831292

GET
H2 200 sec4-icn1.png
lipotril.com.br/public/lp-03/app/mobile/images/ Frame 6BD2 8 KB
8 KB 614ms
609ms Image
image/png 18.231.32.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lipotril.com.br/public/lp-03/app/mobile/images/sec4-icn1.png
Requested by: Host: lipotril.com.br
URL: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.231.32.240 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-231-32-240.sa-east-1.compute.amazonaws.com
Software: / Express
Resource Hash: 5a89ce7ccd4f2293c08edebb6b13de296dfc47ba299aef8c783e435a36151a4f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
etag: W/"20b0-17b9795febb"
last-modified: Mon, 30 Aug 2021 15:03:14 GMT
x-powered-by: Express
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 8368

GET
H2 200 sec4-icn2.png
lipotril.com.br/public/lp-03/app/mobile/images/ Frame 6BD2 8 KB
9 KB 614ms
609ms Image
image/png 18.231.32.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lipotril.com.br/public/lp-03/app/mobile/images/sec4-icn2.png
Requested by: Host: lipotril.com.br
URL: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.231.32.240 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-231-32-240.sa-east-1.compute.amazonaws.com
Software: / Express
Resource Hash: d35615d0a42866b2f386526230da46a9e3b26f2ebc74b3b454a5bde13a409805

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
etag: W/"21cc-17b9795febb"
last-modified: Mon, 30 Aug 2021 15:03:14 GMT
x-powered-by: Express
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 8652

GET
H2 200 sec4-icn3.png
lipotril.com.br/public/lp-03/app/mobile/images/ Frame 6BD2 8 KB
8 KB 614ms
609ms Image
image/png 18.231.32.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lipotril.com.br/public/lp-03/app/mobile/images/sec4-icn3.png
Requested by: Host: lipotril.com.br
URL: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.231.32.240 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-231-32-240.sa-east-1.compute.amazonaws.com
Software: / Express
Resource Hash: 09326eaeb66b8383efe4412029740b3e25ce2ebe617b56052e9978494e0080ab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
etag: W/"1f6d-17b9795febb"
last-modified: Mon, 30 Aug 2021 15:03:14 GMT
x-powered-by: Express
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 8045

GET
H2 200 sec4-icn4.png
lipotril.com.br/public/lp-03/app/mobile/images/ Frame 6BD2 7 KB
8 KB 615ms
610ms Image
image/png 18.231.32.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lipotril.com.br/public/lp-03/app/mobile/images/sec4-icn4.png
Requested by: Host: lipotril.com.br
URL: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.231.32.240 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-231-32-240.sa-east-1.compute.amazonaws.com
Software: / Express
Resource Hash: ffdba87af113fd6db04e997ffafcd03e5559c0cb5a7818af5fd29d3b0dd1cbb6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
etag: W/"1d7f-17b9795febb"
last-modified: Mon, 30 Aug 2021 15:03:14 GMT
x-powered-by: Express
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 7551

GET
H2 200 s7-sld-btm.png
lipotril.com.br/public/lp-03/app/mobile/images/ Frame 6BD2 1 KB
1 KB 614ms
610ms Image
image/png 18.231.32.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lipotril.com.br/public/lp-03/app/mobile/images/s7-sld-btm.png
Requested by: Host: lipotril.com.br
URL: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.231.32.240 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-231-32-240.sa-east-1.compute.amazonaws.com
Software: / Express
Resource Hash: 935acb1e6cc438a734a4262280db05d94b91fe5ebb1a3c7c56bd50946a1c1832

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
etag: W/"4f3-17b9795feb7"
last-modified: Mon, 30 Aug 2021 15:03:14 GMT
x-powered-by: Express
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 1267

GET
H2 200 sec5-ing-img1.png
lipotril.com.br/public/lp-03/app/mobile/images/ Frame 6BD2 32 KB
32 KB 615ms
610ms Image
image/png 18.231.32.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lipotril.com.br/public/lp-03/app/mobile/images/sec5-ing-img1.png
Requested by: Host: lipotril.com.br
URL: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.231.32.240 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-231-32-240.sa-east-1.compute.amazonaws.com
Software: / Express
Resource Hash: 748fb0f535901214a2dbe6c8df962d785ff4614c00e576eddbcc73ffd790feb3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
etag: W/"7fa9-17b9795febb"
last-modified: Mon, 30 Aug 2021 15:03:14 GMT
x-powered-by: Express
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 32681

GET
H2 200 sec5-ing-img2.png
lipotril.com.br/public/lp-03/app/mobile/images/ Frame 6BD2 36 KB
36 KB 615ms
610ms Image
image/png 18.231.32.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lipotril.com.br/public/lp-03/app/mobile/images/sec5-ing-img2.png
Requested by: Host: lipotril.com.br
URL: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.231.32.240 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-231-32-240.sa-east-1.compute.amazonaws.com
Software: / Express
Resource Hash: 6d4cba4b2280d1eff1af9db591b8528f15429932462d7dbb2137251a8a304231

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
etag: W/"8fcd-17b9795febb"
last-modified: Mon, 30 Aug 2021 15:03:14 GMT
x-powered-by: Express
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 36813

GET
H2 200 sec5-ing-img3.png
lipotril.com.br/public/lp-03/app/mobile/images/ Frame 6BD2 58 KB
58 KB 615ms
610ms Image
image/png 18.231.32.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lipotril.com.br/public/lp-03/app/mobile/images/sec5-ing-img3.png
Requested by: Host: lipotril.com.br
URL: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.231.32.240 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-231-32-240.sa-east-1.compute.amazonaws.com
Software: / Express
Resource Hash: 4f50a6dd9af2c418d66e84372c8fc5e6ada470c01c38c1792136d9ff7ff34f98

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
etag: W/"e7dc-17b9795febb"
last-modified: Mon, 30 Aug 2021 15:03:14 GMT
x-powered-by: Express
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 59356

GET
H2 200 sec5-ing-img4.png
lipotril.com.br/public/lp-03/app/mobile/images/ Frame 6BD2 56 KB
56 KB 615ms
610ms Image
image/png 18.231.32.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lipotril.com.br/public/lp-03/app/mobile/images/sec5-ing-img4.png
Requested by: Host: lipotril.com.br
URL: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.231.32.240 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-231-32-240.sa-east-1.compute.amazonaws.com
Software: / Express
Resource Hash: 25e5575f5e6b9c9fe4c133b05cf363f0d311c9b32637c1cc047eac626dceb54f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
etag: W/"e036-17b9795febb"
last-modified: Mon, 30 Aug 2021 15:03:14 GMT
x-powered-by: Express
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 57398

GET
H2 200 p-seal1.png
lipotril.com.br/public/lp-03/app/mobile/images/ Frame 6BD2 29 KB
30 KB 615ms
610ms Image
image/png 18.231.32.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lipotril.com.br/public/lp-03/app/mobile/images/p-seal1.png
Requested by: Host: lipotril.com.br
URL: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.231.32.240 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-231-32-240.sa-east-1.compute.amazonaws.com
Software: / Express
Resource Hash: 629ad02d4285d24f8b267a7aef005d1acfd5c6eb7351e48daef3937c29e792a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
etag: W/"75ea-17b9795feb7"
last-modified: Mon, 30 Aug 2021 15:03:14 GMT
x-powered-by: Express
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 30186

GET
H2 200 p-seal3.png
lipotril.com.br/public/lp-03/app/mobile/images/ Frame 6BD2 18 KB
19 KB 615ms
611ms Image
image/png 18.231.32.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lipotril.com.br/public/lp-03/app/mobile/images/p-seal3.png
Requested by: Host: lipotril.com.br
URL: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.231.32.240 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-231-32-240.sa-east-1.compute.amazonaws.com
Software: / Express
Resource Hash: bfe609b69e3f627aa6c5dd9819cab81012ed54e709d8e4bf95c1d8b35bcee58b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
etag: W/"4966-17b9795feb7"
last-modified: Mon, 30 Aug 2021 15:03:14 GMT
x-powered-by: Express
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 18790

GET
H2 200 p-seal4.png
lipotril.com.br/public/lp-03/app/mobile/images/ Frame 6BD2 38 KB
38 KB 615ms
611ms Image
image/png 18.231.32.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lipotril.com.br/public/lp-03/app/mobile/images/p-seal4.png
Requested by: Host: lipotril.com.br
URL: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.231.32.240 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-231-32-240.sa-east-1.compute.amazonaws.com
Software: / Express
Resource Hash: c75c8fbf6ed4bf8468077d9bfad4aa8b7d44361b02df26cb77aff8630a17c1d1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
etag: W/"979e-17b9795feb7"
last-modified: Mon, 30 Aug 2021 15:03:14 GMT
x-powered-by: Express
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 38814

GET
H2 200 sec6-star.png
lipotril.com.br/public/lp-03/app/mobile/images/ Frame 6BD2 7 KB
7 KB 615ms
611ms Image
image/png 18.231.32.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lipotril.com.br/public/lp-03/app/mobile/images/sec6-star.png
Requested by: Host: lipotril.com.br
URL: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.231.32.240 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-231-32-240.sa-east-1.compute.amazonaws.com
Software: / Express
Resource Hash: a83748df7009f64c8326d05461d264f6d48ed6ae2b33f6d5b7d1201137342fb4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
etag: W/"1b9a-17b9795febb"
last-modified: Mon, 30 Aug 2021 15:03:14 GMT
x-powered-by: Express
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 7066

GET
H3 200 tr
www.facebook.com/ Frame 6BD2 44 B
88 B 42ms
40ms Image
image/gif 185.60.218.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=268115011581403&ev=ViewContent&noscript=1

Requested by

Host: lipotril.com.br
URL: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=

Protocol

Security

QUIC, , AES_128_GCM

Server

185.60.218.35 Bucharest, Romania, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-otp1.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lipotril.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Wed, 15 Sep 2021 20:17:33 GMT

GET
H3 200 tr
www.facebook.com/ Frame 6BD2 44 B
88 B 44ms
41ms Image
image/gif 185.60.218.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=469054330906668&ev=ViewContent&noscript=1

Requested by

Host: lipotril.com.br
URL: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=

Protocol

Security

QUIC, , AES_128_GCM

Server

185.60.218.35 Bucharest, Romania, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-otp1.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lipotril.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Wed, 15 Sep 2021 20:17:33 GMT

GET
H3 200 tr
www.facebook.com/ Frame 6BD2 44 B
88 B 44ms
42ms Image
image/gif 185.60.218.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=186096026452911&ev=ViewContent&noscript=1

Requested by

Host: lipotril.com.br
URL: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=

Protocol

Security

QUIC, , AES_128_GCM

Server

185.60.218.35 Bucharest, Romania, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-otp1.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lipotril.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Wed, 15 Sep 2021 20:17:33 GMT

GET
H3 200 tr
www.facebook.com/ Frame 6BD2 44 B
88 B 46ms
43ms Image
image/gif 185.60.218.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=288178779494198&ev=ViewContent&noscript=1

Requested by

Host: lipotril.com.br
URL: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=

Protocol

Security

QUIC, , AES_128_GCM

Server

185.60.218.35 Bucharest, Romania, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-otp1.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lipotril.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Wed, 15 Sep 2021 20:17:33 GMT

GET
H3 200 tr
www.facebook.com/ Frame 6BD2 44 B
88 B 46ms
44ms Image
image/gif 185.60.218.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=1134867763643923&ev=ViewContent&noscript=1

Requested by

Host: lipotril.com.br
URL: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=

Protocol

Security

QUIC, , AES_128_GCM

Server

185.60.218.35 Bucharest, Romania, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-otp1.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lipotril.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Wed, 15 Sep 2021 20:17:33 GMT

GET
H2 200 order-btn.png
lipotril.com.br/public/lp-03/app/mobile/images/ Frame 6BD2 16 KB
16 KB 805ms
802ms Image
image/png 18.231.32.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lipotril.com.br/public/lp-03/app/mobile/images/order-btn.png
Requested by: Host: lipotril.com.br
URL: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.231.32.240 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-231-32-240.sa-east-1.compute.amazonaws.com
Software: / Express
Resource Hash: 69b2f87a9043a80a2953270957554b5cc36c94a31ec930aba91077f7246e7991

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
etag: W/"40d0-17b9795feb3"
last-modified: Mon, 30 Aug 2021 15:03:14 GMT
x-powered-by: Express
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 16592

GET
H2 200 bio-high.png
lipotril.com.br/public/lp-03/images/ Frame 6BD2 32 KB
33 KB 806ms
803ms Image
image/png 18.231.32.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lipotril.com.br/public/lp-03/images/bio-high.png
Requested by: Host: lipotril.com.br
URL: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.231.32.240 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-231-32-240.sa-east-1.compute.amazonaws.com
Software: / Express
Resource Hash: 14318637a9a1c2fba75fc16d18b1c274c81c02317c2450cd4a34b6be531ef6df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
etag: W/"815d-17b9795fecb"
last-modified: Mon, 30 Aug 2021 15:03:14 GMT
x-powered-by: Express
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 33117

GET
H2 200 jquery.min.js Show response
lipotril.com.br/public/lp-03/assets/js/ Frame 6BD2 81 KB
81 KB 409ms
408ms Script
application/javascript 18.231.32.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lipotril.com.br/public/lp-03/assets/js/jquery.min.js
Requested by: Host: lipotril.com.br
URL: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.231.32.240 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-231-32-240.sa-east-1.compute.amazonaws.com
Software: / Express
Resource Hash: 91e8044a4b1bfce3c131d5579965a9808b42cdb9a350a53928d54cd35d6c1451

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
etag: W/"1449c-17b9795fec7"
last-modified: Mon, 30 Aug 2021 15:03:14 GMT
x-powered-by: Express
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 83100

GET
H2 200 jquery.mask.min.js Show response
lipotril.com.br/public/lp-03/assets/js/ Frame 6BD2 11 KB
11 KB 413ms
411ms Script
application/javascript 18.231.32.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lipotril.com.br/public/lp-03/assets/js/jquery.mask.min.js
Requested by: Host: lipotril.com.br
URL: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.231.32.240 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-231-32-240.sa-east-1.compute.amazonaws.com
Software: / Express
Resource Hash: 5bbed529149eb4c964cc90ea5328b75a49f8fddf4792c4a336f45ae0a76fb2f4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
etag: W/"2c8a-17b9795fec3"
last-modified: Mon, 30 Aug 2021 15:03:14 GMT
x-powered-by: Express
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 11402

GET
H2 200 validator.js Show response
lipotril.com.br/public/lp-03/assets/js/ Frame 6BD2 5 KB
5 KB 413ms
412ms Script
application/javascript 18.231.32.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lipotril.com.br/public/lp-03/assets/js/validator.js
Requested by: Host: lipotril.com.br
URL: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.231.32.240 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-231-32-240.sa-east-1.compute.amazonaws.com
Software: / Express
Resource Hash: ecdb2233054eea15e54457f5d72359c4efcf68f17819ebd70b054c82a3d72343

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
etag: W/"1225-17b9795fec7"
last-modified: Mon, 30 Aug 2021 15:03:14 GMT
x-powered-by: Express
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 4645

GET
H2 200 address.js Show response
lipotril.com.br/public/lp-03/assets/js/ Frame 6BD2 6 KB
6 KB 413ms
412ms Script
application/javascript 18.231.32.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lipotril.com.br/public/lp-03/assets/js/address.js
Requested by: Host: lipotril.com.br
URL: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.231.32.240 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-231-32-240.sa-east-1.compute.amazonaws.com
Software: / Express
Resource Hash: 3ffa7af1b979934d3f62641616e156d7e2ccb0dfd215d83b2534d3cb013c74ed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
etag: W/"1736-17b9795fec3"
last-modified: Mon, 30 Aug 2021 15:03:14 GMT
x-powered-by: Express
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 5942

GET
H2 200 checkout.js Show response
lipotril.com.br/public/lp-03/assets/js/ Frame 6BD2 7 KB
7 KB 413ms
412ms Script
application/javascript 18.231.32.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lipotril.com.br/public/lp-03/assets/js/checkout.js
Requested by: Host: lipotril.com.br
URL: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.231.32.240 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-231-32-240.sa-east-1.compute.amazonaws.com
Software: / Express
Resource Hash: 640fdeff1595feb4eefa738c9ef91f011b9bdf74b22f86c62204e3803fa2b157

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
etag: W/"1d26-17b9795fec3"
last-modified: Mon, 30 Aug 2021 15:03:14 GMT
x-powered-by: Express
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 7462

GET
H2 200 jquery.fancybox.js Show response
lipotril.com.br/public/lp-03/app/mobile/js/ Frame 6BD2 31 KB
31 KB 614ms
613ms Script
application/javascript 18.231.32.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lipotril.com.br/public/lp-03/app/mobile/js/jquery.fancybox.js
Requested by: Host: lipotril.com.br
URL: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.231.32.240 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-231-32-240.sa-east-1.compute.amazonaws.com
Software: / Express
Resource Hash: 2acd5c593f99ed3f880053a8e2e09daa948ebff4c8615efa63055e0695756926

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
etag: W/"7b54-17b9795fec3"
last-modified: Mon, 30 Aug 2021 15:03:14 GMT
x-powered-by: Express
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 31572

GET
H2 200 slick.js Show response
lipotril.com.br/public/lp-03/app/mobile/js/ Frame 6BD2 78 KB
78 KB 615ms
615ms Script
application/javascript 18.231.32.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lipotril.com.br/public/lp-03/app/mobile/js/slick.js
Requested by: Host: lipotril.com.br
URL: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.231.32.240 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-231-32-240.sa-east-1.compute.amazonaws.com
Software: / Express
Resource Hash: 9015d2fa1bc584fa68e6d621531312cf691cfd2660822dd2d1be799a1b37f674

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
etag: W/"138d9-17b9795fec3"
last-modified: Mon, 30 Aug 2021 15:03:14 GMT
x-powered-by: Express
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 80089

GET
H2 200 proc.js Show response
conectiva.io/XEngine/DGUID/98648228-16E3-98DB-CF10-6EF1E24578A6/ Frame 29D9 0
296 B 23ms
22ms Script
application/javascript 104.26.12.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://conectiva.io/XEngine/DGUID/98648228-16E3-98DB-CF10-6EF1E24578A6/proc.js?ts=1631743200
Requested by: Host: conectiva.io
URL: https://conectiva.io/XEngine/core.js?ts=1631743200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.120 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / sunset.solutions
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.desinpros.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 815
x-powered-by: sunset.solutions
content-length: 0
last-modified: Thu, 29 Oct 2020 12:24:53 GMT
server: cloudflare
etag: "5f9ab495-0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tzag1p7yO%2B8OHdugNis%2FSog0WfbAzPPy%2FQY6I3U3o2%2F9lmdvB0ruQOiMs9XiuiD54W9Xi6p%2FItX4CkFc2d9vBDX8iZxgKydYd3KNYMfOEPV61uErRzuEaJLEPClUJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 68f48a078d8a2784-PRG
cf-bgj: minify

GET
H2 200 datatunnel.js Show response
conectiva.io/XEngine/extensions/datatunnel/ Frame 29D9 788 B
727 B 35ms
34ms Script
application/javascript 104.26.12.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://conectiva.io/XEngine/extensions/datatunnel/datatunnel.js?ts=1631743200
Requested by: Host: conectiva.io
URL: https://conectiva.io/XEngine/core.js?ts=1631743200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.120 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / sunset.solutions
Resource Hash: 755a031eaeb32170081e04ff2f614f99ff4bd102cc915420bc5f503368a5c716

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.desinpros.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1020
x-powered-by: sunset.solutions
last-modified: Fri, 30 Aug 2019 19:31:10 GMT
server: cloudflare
etag: W/"5d69797e-3d3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gElYH%2FvfiONPSE8Xky2nEz%2B77N7DhxC63CcR%2Fqh%2B1T3rPTCZJBxOYbYTOaEpzm7KzGNi55kwG7v0wlgVx7YB8BOWK9r2Cv0jxZ9LD0CW5%2Bffe0xI2GGS53%2BHj5voXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=2678400
cf-polished: origSize=979
cf-ray: 68f48a078d902784-PRG
cf-bgj: minify

GET
H2 200 visitor.js Show response
conectiva.io/XEngine/extensions/visitor/ Frame 29D9 4 KB
2 KB 26ms
25ms Script
application/javascript 104.26.12.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://conectiva.io/XEngine/extensions/visitor/visitor.js?ts=1631743200
Requested by: Host: conectiva.io
URL: https://conectiva.io/XEngine/core.js?ts=1631743200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.120 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / sunset.solutions
Resource Hash: cf9c1944df885441334278a123405963aa70a0a841ff577be9e19fad3ca44f4d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.desinpros.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1020
x-powered-by: sunset.solutions
last-modified: Sun, 11 Apr 2021 12:16:42 GMT
server: cloudflare
etag: W/"6072e8aa-2bb9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I5TzgeSkdHYolZHOHIRjOyiwNwwYG17dzD3RT%2BzrhJT%2BpHpiCMGmefn2qcMh6U6ZUa8TxfPJ3BNenH6KGbDjH0VcQr5dCP8gb6QV%2FGivukJgmSBJi9uNMH4hEtKjlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=2678400
cf-polished: origSize=11193
cf-ray: 68f48a078d912784-PRG
cf-bgj: minify

GET
H2 200 cartstackbr.js Show response
conectiva.io/XEngine/extensions/cartstackbr/ Frame 29D9 3 KB
2 KB 25ms
23ms Script
application/javascript 104.26.12.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://conectiva.io/XEngine/extensions/cartstackbr/cartstackbr.js?ts=1631743200
Requested by: Host: conectiva.io
URL: https://conectiva.io/XEngine/core.js?ts=1631743200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.120 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / sunset.solutions
Resource Hash: e2fab1d8fbe2b2c340827ef2cf162707e7363a184e301750a59f285b81388133

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.desinpros.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1020
x-powered-by: sunset.solutions
last-modified: Sat, 11 Sep 2021 16:07:16 GMT
server: cloudflare
etag: W/"613cd434-146f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tpHh52szmzSesfH2Ha%2BzKI4HHvWKINosfcxsdwv4%2FpXweEAlJLtOgkNw31NUUIMD6VJTeb9KI8XZ%2BvrPBnJaLm6llo5Vh3%2BoDqs%2FO%2BTx%2BNxWvnyDbObTKRU0nrnxrg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=2678400
cf-polished: origSize=5231
cf-ray: 68f48a078d922784-PRG
cf-bgj: minify

GET
H2 200 performa.js Show response
conectiva.io/XEngine/extensions/performa/ Frame 29D9 2 KB
1 KB 30ms
29ms Script
application/javascript 104.26.12.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://conectiva.io/XEngine/extensions/performa/performa.js?ts=1631743200
Requested by: Host: conectiva.io
URL: https://conectiva.io/XEngine/core.js?ts=1631743200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.120 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / sunset.solutions
Resource Hash: 1cb6cd28bcd130dd28473b788e18f816814614baed68c649f6d4cb0ec6941a35

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.desinpros.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1020
x-powered-by: sunset.solutions
last-modified: Tue, 20 Jul 2021 18:20:37 GMT
server: cloudflare
etag: W/"60f713f5-de4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N3E9lvbr5hxeVWi9vm%2Fie%2BQ9uBwZrWmT5hp%2FG78drtGgkNLABLbY0hIloTAVyibbYR5KCM95FWXotDn4I6erFW0dgG7UQvpKUCyMPx3hFff10yV%2FbLZhjBYkc8aqbw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=2678400
cf-polished: origSize=3556
cf-ray: 68f48a078d932784-PRG
cf-bgj: minify

GET
H2 200 core.js Show response
app.cartstack.com.br/activeAPI/cnct/ Frame 29D9 7 KB
3 KB 29ms
28ms Script
application/javascript 104.22.31.161
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.cartstack.com.br/activeAPI/cnct/core.js?ts=1631743200

Requested by

Host: conectiva.io
URL: https://conectiva.io/XEngine/core.js?ts=1631743200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.31.161 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / sunset.solutions

Resource Hash

486991eb99fe5048b414a1c4197e82515378621b810787e92586d2b90667ffd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.desinpros.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-lb: 1
x-cs: MISS
age: 814
x-powered-by: sunset.solutions
x-ua-compatible: IE=Edge
last-modified: Wed, 15 Sep 2021 19:12:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=2678400
cf-polished: origSize=13251
cf-ray: 68f48a07b8a727c0-PRG
cf-bgj: minify

GET
H2 200 / Show response
api.performa.ai/v1/ Frame 29D9 188 B
494 B 98ms
31ms XHR
application/json 104.22.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.performa.ai/v1/?type=front&params={%22route%22:%22store_details%22}&pubkey=98648228-16E3-98DB-CF10-6EF1E24578A6&cache=remote
Requested by: Host: app.cartstack.com.br
URL: https://app.cartstack.com.br/activeAPI/load.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.10.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bea6596b181540c40068850520b79354250b4c0b1ed8ad5ccd72d419e83dd6f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.desinpros.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 15 Sep 2021 17:27:33 GMT
server: cloudflare
x-cs: BYPASS
age: 3648
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 68f48a082cc0f9e2-PRG
access-control-allow-headers: *

GET
H2 200 pgvw.png
conectiva.io/XEngine/services/ Frame 29D9 68 B
626 B 190ms
190ms Image
image/png 104.26.12.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://conectiva.io/XEngine/services/pgvw.png?DGUID=98648228-16E3-98DB-CF10-6EF1E24578A6&domain=desinpros.com.br&visitorID=93ab61de-cfb3-4711-a893-22f3e62e3c7a&ts=1631737053
Requested by: Host: www.desinpros.com.br
URL: https://www.desinpros.com.br/?mcr=ADV15968591
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.120 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5e78e66902d022c88363c7283373874972f634fa86a265a1cafbe67f1ea2b25

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.desinpros.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
cf-cache-status: DYNAMIC
last-modified: Sat, 04 Jan 2020 13:28:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oxpz2XpaR%2BSSOogD9Ca61G3VP5c%2FX9bhKyBhe9kgQ%2BijSWU7n4voQPyQ3SdWXq2xJnnG6rFHodfjk%2FnIJVN%2F32N6zrhWBbepuMdsSjGIJ%2B%2BBkNUyRVyaGg8FhXtXpg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache, no-store
accept-ranges: bytes
cf-ray: 68f48a07ce1f2784-PRG
content-length: 68
svr-datetime: Wednesday, 15-Sep-2021 17:17:33 -03
expires: Wed, 15 Sep 2021 20:17:32 GMT

GET
H2 200 proc.js Show response
app.cartstack.com.br/activeAPI/cnct/ Frame 29D9 2 KB
843 B 23ms
23ms Script
application/javascript 104.22.31.161
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.cartstack.com.br/activeAPI/cnct/proc.js?newlayer=aHR0cHM6Ly93d3cuZGVzaW5wcm9zLmNvbS5ici8=&__utmc=0,0&__utmz=0&ref=auto&ts=1631743200

Requested by

Host: conectiva.io
URL: https://conectiva.io/XEngine/core.js?ts=1631743200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.31.161 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / sunset.solutions

Resource Hash

a755b88ac8baddf452d4ecd623f130a8d08962c41d36bec0ecc5e9e0ec6978d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.desinpros.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-lb: 1
x-cs: MISS
age: 814
x-powered-by: sunset.solutions
x-ua-compatible: IE=Edge
last-modified: Wed, 15 Sep 2021 20:00:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=2678400
cf-ray: 68f48a07f93627c0-PRG
cf-bgj: minify

GET
H2 200 tb12-lead.html Show response
topdanet3.blogspot.com/2019/05/ Frame 3077 77 KB
17 KB 200ms
153ms Document
text/html 142.250.180.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://topdanet3.blogspot.com/2019/05/tb12-lead.html

Requested by

Host: titanblue12x.com.br
URL: https://titanblue12x.com.br/macho-alfa/?mcr=AHQ11850838

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s32-in-f1.1e100.net

Software

GSE /

Resource Hash

a87a093d8b948413ec58addc6ee9e5055ec2ece9b2e59000cc54afd7708c3d91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: topdanet3.blogspot.com
:scheme: https
:path: /2019/05/tb12-lead.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://titanblue12x.com.br/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://titanblue12x.com.br/

Response headers

content-type: text/html; charset=UTF-8
expires: Wed, 15 Sep 2021 20:17:33 GMT
date: Wed, 15 Sep 2021 20:17:33 GMT
cache-control: private, max-age=0
last-modified: Thu, 09 Sep 2021 20:48:08 GMT
etag: W/"e0a53ee51724eec4395bbb5492e2c8c5b71fdec5d184e13b69f46e4e0ffda1e0"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 16733
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 bg1.jpg
titanblue12x.com.br/wp-content/uploads/2020/11/ Frame 752B 76 KB
77 KB 120ms
119ms Image
image/jpeg 104.21.49.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://titanblue12x.com.br/wp-content/uploads/2020/11/bg1.jpg
Requested by: Host: titanblue12x.com.br
URL: https://titanblue12x.com.br/macho-alfa/?mcr=AHQ11850838
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.49.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0315fc35d0d81f93b0342ea99eb7bb7bcbc345c57ba557da2fe74661a04ba82

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://titanblue12x.com.br/macho-alfa/?mcr=AHQ11850838
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
cf-cache-status: REVALIDATED
last-modified: Sat, 14 Nov 2020 14:48:30 GMT
server: cloudflare
etag: "13190-5b4123d159ccc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1nUDLp8wD1awMM%2B65YSIiqEXH4brtIlIUh9bIN5CD7Q%2FO2w%2BRXvCbQ1Xb6zIXBDkyErufGFNW0h7vjjqSl3VjMMWyj4VBC15g48S5EUxkXsQiFw4wA%2B%2BOjWIOO3Bp%2BI%2FglP96xjW"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 68f48a083b4e64f7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 78224

GET
H3 200 Inter-italic-var.woff2
titanblue12x.com.br/wp-content/themes/twentytwenty/assets/fonts/inter/ Frame 752B 231 KB
232 KB 122ms
121ms Font
font/woff2 104.21.49.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://titanblue12x.com.br/wp-content/themes/twentytwenty/assets/fonts/inter/Inter-italic-var.woff2
Requested by: Host: titanblue12x.com.br
URL: https://titanblue12x.com.br/wp-content/themes/twentytwenty/style.css?ver=1.5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.49.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0e2c9cdb3046528146a95d845f351c2c31f38bab60fc2a206ec62bd516ca0f5

Request headers

Referer: https://titanblue12x.com.br/wp-content/themes/twentytwenty/style.css?ver=1.5
Origin: https://titanblue12x.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
cf-cache-status: HIT
last-modified: Tue, 13 Oct 2020 18:44:32 GMT
server: cloudflare
etag: "39d20-5b191ce3c8400"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UVM2xG3TjuNRmsiPbW3NnTwR6BO8rQVUbXe8ZyNNFTD2OTlHHLDy59D%2BhT3cREYZDF%2FQA2F4ftMvBX45PI248dvpHrwklHyohOO%2B5AXlBTb580Z19wjJhxYyUx6qEpW%2FlnrfIm9z"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 68f48a084b5264f7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 236832

GET
H3 200 Inter-upright-var.woff2
titanblue12x.com.br/wp-content/themes/twentytwenty/assets/fonts/inter/ Frame 752B 219 KB
219 KB 132ms
132ms Font
font/woff2 104.21.49.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://titanblue12x.com.br/wp-content/themes/twentytwenty/assets/fonts/inter/Inter-upright-var.woff2
Requested by: Host: titanblue12x.com.br
URL: https://titanblue12x.com.br/wp-content/themes/twentytwenty/style.css?ver=1.5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.49.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e03c2df7ef439d2708bbc168a21c0a00da63e5664d286120c994c39644addd03

Request headers

Referer: https://titanblue12x.com.br/wp-content/themes/twentytwenty/style.css?ver=1.5
Origin: https://titanblue12x.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
cf-cache-status: HIT
last-modified: Tue, 13 Oct 2020 18:44:32 GMT
server: cloudflare
etag: "36a94-5b191ce3c8400"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F96VYGpq4MeyK2%2B9QiDK1sjWQduSdviaGjLsh7kYP1uQerRxzvleaPopUvTxnnVN0Ip%2F1XjEW%2F6H5NPoZU6zMSEAE7beFB9dq1uXdNUvS0ZPEoduxtwkOfY2%2FXANj4wr78T62ntF"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 68f48a084b5364f7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 223892

GET
H3 200 wp-embed.min.js Show response
titanblue12x.com.br/wp-includes/js/ Frame 752B 1 KB
1 KB 118ms
116ms Script
application/javascript 104.21.49.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://titanblue12x.com.br/wp-includes/js/wp-embed.min.js?ver=5.5.6
Requested by: Host: titanblue12x.com.br
URL: https://titanblue12x.com.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.49.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://titanblue12x.com.br/macho-alfa/?mcr=AHQ11850838
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 15 Apr 2021 06:50:30 GMT
server: cloudflare
etag: W/"592-5bffd477cee4c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kzoome9dglRQKyGgU3AHl%2F7hhW5c6TighvemIev1PhUgE0uELyo4M4t1%2BrzgOQby1N0jUHpkaY2hEtqh97c3uWqJR0K%2FrvtqXtnVu%2FRfynZ6%2BQ3MdTly6TJISQ%2FMoPN7JGjPPlVY"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 68f48a094ba864f7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 frontend.js Show response
titanblue12x.com.br/wp-content/plugins/carousel-slider/assets/js/ Frame 752B 3 KB
2 KB 131ms
130ms Script
application/javascript 104.21.49.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://titanblue12x.com.br/wp-content/plugins/carousel-slider/assets/js/frontend.js?ver=1.9.4
Requested by: Host: titanblue12x.com.br
URL: https://titanblue12x.com.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.49.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f33f9ff91d186e1ffdcbdc263b39b0b263528a27debb3cdf3e174e7ff041e42

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://titanblue12x.com.br/macho-alfa/?mcr=AHQ11850838
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 21 Oct 2020 00:01:49 GMT
server: cloudflare
etag: W/"b54-5b2230dd1b540"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JWicJVGRnLl7u%2B9RQzcpfN2Q%2BHtqWNjpbLJ6NzYPtqw8LY2HsrDxy7g0L2ztpaURVYGLR5s%2F%2Fs0p7WSINfj6havCVQD3kESVKzpJVZ8Ke%2FvVKbq8OCzKWdemEZHVizp1L2KjfMzn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 68f48a094ba964f7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj: minify

GET
H3 200 jquery.magnific-popup.min.js Show response
titanblue12x.com.br/wp-content/plugins/carousel-slider/assets/lib/magnific-popup/ Frame 752B 20 KB
8 KB 110ms
109ms Script
application/javascript 104.21.49.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://titanblue12x.com.br/wp-content/plugins/carousel-slider/assets/lib/magnific-popup/jquery.magnific-popup.min.js?ver=1.1.0
Requested by: Host: titanblue12x.com.br
URL: https://titanblue12x.com.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.49.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://titanblue12x.com.br/macho-alfa/?mcr=AHQ11850838
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 21 Oct 2020 00:01:49 GMT
server: cloudflare
etag: W/"4ef8-5b2230dd1b540"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JVyawceGE8ldd7vzlKfpwUTiV1%2BgRiUAHl61R7QTKnvC%2BfdmRlAt2p7KCJqV3phWQAoaRZPmmGXZfFRCaLgy9EcQ5ePWUUfmNnPjG2B9kmpPr0ehTDdQV2JKJWv03V2gL6c7tSMD"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 68f48a094baa64f7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 owl.carousel.min.js Show response
titanblue12x.com.br/wp-content/plugins/carousel-slider/assets/lib/owl-carousel/ Frame 752B 43 KB
12 KB 125ms
124ms Script
application/javascript 104.21.49.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://titanblue12x.com.br/wp-content/plugins/carousel-slider/assets/lib/owl-carousel/owl.carousel.min.js?ver=2.3.4
Requested by: Host: titanblue12x.com.br
URL: https://titanblue12x.com.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.49.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://titanblue12x.com.br/macho-alfa/?mcr=AHQ11850838
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 21 Oct 2020 00:01:49 GMT
server: cloudflare
etag: W/"ad36-5b2230dd1b540"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J2EIrXxcOyEn5YFjv1KkyqrKkgwDb%2BQ7EanRtc9cFB%2BECjmBCTAwLZYPWI0BMzY8VAJqFhey1IYiLcIAoRsxgY1S8E6M9ROUlL1yyoGuQnTQwfrrABthl%2Ff8zQVMBZ3%2BbsthLkmi"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 68f48a094bab64f7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 frontend.min.js Show response
titanblue12x.com.br/wp-content/plugins/thrive-visual-editor/thrive-dashboard/js/dist/ Frame 752B 3 KB
2 KB 110ms
109ms Script
application/javascript 104.21.49.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://titanblue12x.com.br/wp-content/plugins/thrive-visual-editor/thrive-dashboard/js/dist/frontend.min.js?ver=2.3.4.3
Requested by: Host: titanblue12x.com.br
URL: https://titanblue12x.com.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.49.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96cd14a2f15d1df04b2d20efe837976eaba9259c83275a9c9fc616162b516a43

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://titanblue12x.com.br/macho-alfa/?mcr=AHQ11850838
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 19 Nov 2020 02:37:58 GMT
server: cloudflare
etag: W/"a7a-5b46c9da90a4f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i0x8DDfzmBFum8kyweRMZUApeyQOrf3OsAGtlKJoOsCaMouz%2FEHn0UfJMgFrb9yQGVA3oPGo7hdLn0rDn1WxmWntbLmhN1IXQXvgapEbYwfzYo1M822pmPdK64ctz1A6Y9pM6cKy"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 68f48a094bad64f7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 frontend.min.js Show response
titanblue12x.com.br/wp-content/plugins/thrive-visual-editor/editor/js/dist/ Frame 752B 206 KB
58 KB 133ms
131ms Script
application/javascript 104.21.49.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://titanblue12x.com.br/wp-content/plugins/thrive-visual-editor/editor/js/dist/frontend.min.js?ver=2.6.2.2
Requested by: Host: titanblue12x.com.br
URL: https://titanblue12x.com.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.49.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc1924db34aeffcc585ca8e31aaa39b155e7208ead668068b482159bc89af563

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://titanblue12x.com.br/macho-alfa/?mcr=AHQ11850838
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 19 Nov 2020 02:37:58 GMT
server: cloudflare
etag: W/"339a8-5b46c9db1e3f6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gN8SM0CHtB%2BX8OTlJ4ZUui4eyCYN8vbEpPRZDkK2XDLF8u7sdQikPiYBZePJ0r8WdlvHRKYigfj1Q%2Bwvy0LtknNaa%2Ffyth01u6kSJLUBAxppPEcej4XRCkDzr0nlmFG1ZkC2Zibl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 68f48a094bae64f7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 jquery.masonry.min.js Show response
titanblue12x.com.br/wp-includes/js/jquery/ Frame 752B 2 KB
1 KB 117ms
116ms Script
application/javascript 104.21.49.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://titanblue12x.com.br/wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b
Requested by: Host: titanblue12x.com.br
URL: https://titanblue12x.com.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.49.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://titanblue12x.com.br/macho-alfa/?mcr=AHQ11850838
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 13 Nov 2020 17:48:47 GMT
server: cloudflare
etag: W/"71b-5b400a3f8247d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uGvaMheQ46HvblLWoW7XRstwVAO76R1L62fVbVu6cDhGjQH%2FrCRfQcLpY%2FZ%2FIhnJfDCyfjYnZMwDaVdADk8%2BPiQK%2B2qtgOP1n84wQiIR08x5gpmQgl4DojXGswwUsl81jXSP1qxv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 68f48a094baf64f7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 masonry.min.js Show response
titanblue12x.com.br/wp-includes/js/ Frame 752B 24 KB
8 KB 114ms
112ms Script
application/javascript 104.21.49.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://titanblue12x.com.br/wp-includes/js/masonry.min.js?ver=4.2.2
Requested by: Host: titanblue12x.com.br
URL: https://titanblue12x.com.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.49.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://titanblue12x.com.br/macho-alfa/?mcr=AHQ11850838
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 13 Nov 2020 17:48:47 GMT
server: cloudflare
etag: W/"5e4a-5b400a3f862fd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2ASHJwsMoQ0rtdGUgqyEZB%2FkDLdryn5ZRpP2QLm9VVbwyEcP0du0sRcggyvOtMxR6cTI4SNJc5j6jl9d7Lbn%2B3PekNO7AycNt%2B8zM9NpAKdvQAX75Ii%2F304lmTlzzDX%2B7XCu%2BRYD"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 68f48a094bb264f7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 imagesloaded.min.js Show response
titanblue12x.com.br/wp-includes/js/ Frame 752B 5 KB
2 KB 116ms
115ms Script
application/javascript 104.21.49.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://titanblue12x.com.br/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Requested by: Host: titanblue12x.com.br
URL: https://titanblue12x.com.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.49.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://titanblue12x.com.br/macho-alfa/?mcr=AHQ11850838
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 13 Nov 2020 17:48:47 GMT
server: cloudflare
etag: W/"15fd-5b400a3f8dffe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f7D9C9kycVy0EhzCDzS0ersWNxByS60sqXsPHWWQ%2BimltMycqxhq75J6d%2Bf%2FH%2FtaxPwvyhQ9M0KI9YR58wQcke0nCRyx%2Fb986UkqDKzE10h7HI9TLzpkdD%2FS7XekoZBzgi62tAuT"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 68f48a094bb464f7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 p.js Show response
my.rtmark.net/ Frame 752B 697 B
1 KB 14ms
12ms Script
text/javascript 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/p.js?f=sync&lr=1&partner=629ef6a162dd91c863e2fbf685903c51aa3c1cbd2b21b2885ef73a753cf4486d

Requested by

Host: titanblue12x.com.br
URL: https://titanblue12x.com.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

2751738bcf477d91fdede7b2921db087d987526d85d4a634db4e1a52748ab2c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://titanblue12x.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 697

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 752B 104 KB
41 KB 50ms
49ms Script
application/javascript 142.250.178.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-134148284-2

Requested by

Host: titanblue12x.com.br
URL: https://titanblue12x.com.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

740ee07b88ff039d6e900bb53b847eab2d0e4ea0bdc0281f154eecf399a534fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://titanblue12x.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42093
x-xss-protection: 0
expires: Wed, 15 Sep 2021 20:17:33 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ Frame 752B 99 KB
40 KB 167ms
52ms Script
application/javascript 142.250.180.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=GTM-K4BVZTP

Requested by

Host: titanblue12x.com.br
URL: https://titanblue12x.com.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s32-in-f14.1e100.net

Software

Google Tag Manager /

Resource Hash

d0b1d174dcfe0f4debd00507035bd93956478c70afa4557995ebba27792114d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://titanblue12x.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40143
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 19:42:44 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 15 Sep 2021 20:17:33 GMT

GET
H3 200 index.js Show response
titanblue12x.com.br/wp-content/themes/twentytwenty/assets/js/ Frame 752B 14 KB
5 KB 118ms
117ms Script
application/javascript 104.21.49.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://titanblue12x.com.br/wp-content/themes/twentytwenty/assets/js/index.js?ver=1.5
Requested by: Host: titanblue12x.com.br
URL: https://titanblue12x.com.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.49.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1faa9821aa925dc81c1c3e023c98eafa6f20ce5cd2982dd8323b0bf492bd42e2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://titanblue12x.com.br/macho-alfa/?mcr=AHQ11850838
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=25570
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 13 Oct 2020 18:44:32 GMT
server: cloudflare
etag: W/"63e2-5b191ce3c8400"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3XCxzY0LvTQIvWxyj2JAzvTKWc7KEZqyOkJsgiMUZj9678ctzPi1OFhFXcOeod8gTa9BI5pl%2FoTPwDjXRZSRB%2FcZfHq2SJ9XNJY%2B9Q49YQKYZv1iBw87naMtxu6G8gPlOufGZa%2B2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 68f48a094bb564f7-FRA
cf-bgj: minify

GET
H3 200 jquery.js Show response
titanblue12x.com.br/wp-includes/js/jquery/ Frame 752B 95 KB
35 KB 120ms
119ms Script
application/javascript 104.21.49.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://titanblue12x.com.br/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: titanblue12x.com.br
URL: https://titanblue12x.com.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.49.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://titanblue12x.com.br/macho-alfa/?mcr=AHQ11850838
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=96873
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 13 Nov 2020 17:48:47 GMT
server: cloudflare
etag: W/"17a69-5b400a3f814dd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6DEFyHLVE4%2BOui0E7%2FKY01fYeQs5S8274RjjZp7A6SAnYJU%2B8hOrPtUmf%2Bbcf1UodEc7AX3HkMleLxE4ve7%2FPTO2AcNhKLkbcKeLCezZYOZlLBAnkCmQo2Hv%2Bf9T0tn%2FlnGXKfxV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 68f48a094bb664f7-FRA
cf-bgj: minify

GET
H3 200 plupload.min.js Show response
titanblue12x.com.br/wp-includes/js/plupload/ Frame 752B 15 KB
6 KB 123ms
122ms Script
application/javascript 104.21.49.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://titanblue12x.com.br/wp-includes/js/plupload/plupload.min.js?ver=2.1.9
Requested by: Host: titanblue12x.com.br
URL: https://titanblue12x.com.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.49.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 416211f730a5a0ff81eb5a9a80c7f22ff932478e0024a3bfd30d685019176c39

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://titanblue12x.com.br/macho-alfa/?mcr=AHQ11850838
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 15 Apr 2021 06:50:30 GMT
server: cloudflare
etag: W/"3cfc-5bffd477c714c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2BTZkHCANUVP54TEf8Um663R95StjdQzzJDdh8PqNE8mqsH6%2FIl3HjPQgfKlXna%2BbrfCi8sJGlhv1NRXLAwW0LpB7zalvX%2Bwk32zEY42lVaT2Ymza4R0xt6DII2KPiw%2BZ6TZQ6Gx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 68f48a094bb764f7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 moxie.min.js Show response
titanblue12x.com.br/wp-includes/js/plupload/ Frame 752B 86 KB
28 KB 126ms
125ms Script
application/javascript 104.21.49.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://titanblue12x.com.br/wp-includes/js/plupload/moxie.min.js?ver=1.3.5
Requested by: Host: titanblue12x.com.br
URL: https://titanblue12x.com.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.49.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18e3c3ca1e5a657dc68553f36e79e42b5db706d063b825cd1a0ee121c8eef799

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://titanblue12x.com.br/macho-alfa/?mcr=AHQ11850838
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 15 Apr 2021 06:50:30 GMT
server: cloudflare
etag: W/"1566c-5bffd477c714c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xf3zjSDtD3Je7qMp8JdF2Sgpez2%2FkEDJ8yd%2FVOrFG6MHeQQWZz9HRXEnSmiWCEt8H3AT83astbrbxqrQdBu%2BcnNd0i4oP7il1KIeBumtHudVjE8K3OqqOfuP4DuIK1juszGcaIxk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 68f48a094bb964f7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

POST
H/1.1 200
OK cart.php Show response
app.cartstack.com/php/ Frame 29D9 56 B
804 B 714ms
180ms XHR
application/json 44.238.98.219
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.cartstack.com/php/cart.php
Requested by: Host: app.cartstack.com.br
URL: https://app.cartstack.com.br/activeAPI/cnct/core.js?ts=1631743200
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.238.98.219 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-238-98-219.us-west-2.compute.amazonaws.com
Software: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.1e-fips mod_auth_gssapi/1.3.1 mod_auth_kerb/5.4 PHP/5.4.16 / PHP/5.4.16
Resource Hash: 534a3fb8bf30cc53dea10b18221110534e7bb20a8dd8b2030d1dadde443dea6e

Request headers

Referer: https://www.desinpros.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Wed, 15 Sep 2021 20:17:34 GMT
Server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.1e-fips mod_auth_gssapi/1.3.1 mod_auth_kerb/5.4 PHP/5.4.16
X-Powered-By: PHP/5.4.16
Content-Type: application/json; charset=UTF-8
access-control-allow-origin: *
Cache-control: no-cache="set-cookie"
Connection: keep-alive
Content-Length: 56

GET
H2 200 bannar-sec.jpg
lipotril.com.br/public/lp-03/app/mobile/images/ Frame 6BD2 113 KB
113 KB 467ms
467ms Image
image/jpeg 18.231.32.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lipotril.com.br/public/lp-03/app/mobile/images/bannar-sec.jpg
Requested by: Host: lipotril.com.br
URL: https://lipotril.com.br/public/lp-03/app/mobile/css/index.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.231.32.240 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-231-32-240.sa-east-1.compute.amazonaws.com
Software: / Express
Resource Hash: f81850630926e63223f00fddaeabec95661a40c8c3bdeed30a0c82224b973277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lipotril.com.br/public/lp-03/app/mobile/css/index.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
etag: W/"1c2df-17b9795feb3"
last-modified: Mon, 30 Aug 2021 15:03:14 GMT
x-powered-by: Express
content-type: image/jpeg
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 115423

GET
H2 200 bnr-tike.png
lipotril.com.br/public/lp-03/app/mobile/images/ Frame 6BD2 630 B
810 B 467ms
467ms Image
image/png 18.231.32.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lipotril.com.br/public/lp-03/app/mobile/images/bnr-tike.png
Requested by: Host: lipotril.com.br
URL: https://lipotril.com.br/public/lp-03/app/mobile/css/index.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.231.32.240 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-231-32-240.sa-east-1.compute.amazonaws.com
Software: / Express
Resource Hash: 8d8d66dadf5d6e207bdcc4d66e8ee62cc14a5dd7e3e500c7adf20294f47a030f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lipotril.com.br/public/lp-03/app/mobile/css/index.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
etag: W/"276-17b9795feb3"
last-modified: Mon, 30 Aug 2021 15:03:14 GMT
x-powered-by: Express
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 630

GET
H2 200 s2-unlock-bdr.png
lipotril.com.br/public/lp-03/app/mobile/images/ Frame 6BD2 238 B
418 B 467ms
466ms Image
image/png 18.231.32.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lipotril.com.br/public/lp-03/app/mobile/images/s2-unlock-bdr.png
Requested by: Host: lipotril.com.br
URL: https://lipotril.com.br/public/lp-03/app/mobile/css/index.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.231.32.240 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-231-32-240.sa-east-1.compute.amazonaws.com
Software: / Express
Resource Hash: 403d9e35a082d9a993cbc07333e4a89b488bd94c578f54546025e7ceb42218ff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lipotril.com.br/public/lp-03/app/mobile/css/index.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
etag: W/"ee-17b9795feb7"
last-modified: Mon, 30 Aug 2021 15:03:14 GMT
x-powered-by: Express
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 238

GET
H2 200 strip-bg.jpg
lipotril.com.br/public/lp-03/app/mobile/images/ Frame 6BD2 3 KB
3 KB 467ms
467ms Image
image/jpeg 18.231.32.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lipotril.com.br/public/lp-03/app/mobile/images/strip-bg.jpg
Requested by: Host: lipotril.com.br
URL: https://lipotril.com.br/public/lp-03/app/mobile/css/index.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.231.32.240 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-231-32-240.sa-east-1.compute.amazonaws.com
Software: / Express
Resource Hash: a463b5ba7a2b9679b3fff4d2dbddb4d30ba0d539be7f02f677ff5f3dc86cc3fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lipotril.com.br/public/lp-03/app/mobile/css/index.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
etag: W/"aa5-17b9795febf"
last-modified: Mon, 30 Aug 2021 15:03:14 GMT
x-powered-by: Express
content-type: image/jpeg
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 2725

GET
H2 200 sec4-bg.jpg
lipotril.com.br/public/lp-03/app/mobile/images/ Frame 6BD2 26 KB
26 KB 467ms
467ms Image
image/jpeg 18.231.32.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lipotril.com.br/public/lp-03/app/mobile/images/sec4-bg.jpg
Requested by: Host: lipotril.com.br
URL: https://lipotril.com.br/public/lp-03/app/mobile/css/index.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.231.32.240 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-231-32-240.sa-east-1.compute.amazonaws.com
Software: / Express
Resource Hash: dee33a3435eb444a9134d7c5292ec1ab8fa966125b8d1a039613baaa374601ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lipotril.com.br/public/lp-03/app/mobile/css/index.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
etag: W/"683c-17b9795febb"
last-modified: Mon, 30 Aug 2021 15:03:14 GMT
x-powered-by: Express
content-type: image/jpeg
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 26684

GET
H2 200 sec4-strp-bg.png
lipotril.com.br/public/lp-03/app/mobile/images/ Frame 6BD2 59 KB
60 KB 467ms
467ms Image
image/png 18.231.32.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lipotril.com.br/public/lp-03/app/mobile/images/sec4-strp-bg.png
Requested by: Host: lipotril.com.br
URL: https://lipotril.com.br/public/lp-03/app/mobile/css/index.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.231.32.240 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-231-32-240.sa-east-1.compute.amazonaws.com
Software: / Express
Resource Hash: a1171b988d047c7c889af5f0b3d74f142994dfbff1b5822f5fb43fb7a8fa9ef6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lipotril.com.br/public/lp-03/app/mobile/css/index.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
etag: W/"edf7-17b9795febb"
last-modified: Mon, 30 Aug 2021 15:03:14 GMT
x-powered-by: Express
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 60919

GET
H2 200 s7-sldhead.png
lipotril.com.br/public/lp-03/app/mobile/images/ Frame 6BD2 10 KB
10 KB 467ms
467ms Image
image/png 18.231.32.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lipotril.com.br/public/lp-03/app/mobile/images/s7-sldhead.png
Requested by: Host: lipotril.com.br
URL: https://lipotril.com.br/public/lp-03/app/mobile/css/index.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.231.32.240 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-231-32-240.sa-east-1.compute.amazonaws.com
Software: / Express
Resource Hash: 9a0cbf360fb58347a6ffd0bd4a10dce35b9dd1bebee4e63c6d77f52aa14af7d1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lipotril.com.br/public/lp-03/app/mobile/css/index.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
etag: W/"277e-17b9795feb7"
last-modified: Mon, 30 Aug 2021 15:03:14 GMT
x-powered-by: Express
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 10110

GET
H2 200 sec6-nm-bg.png
lipotril.com.br/public/lp-03/app/mobile/images/ Frame 6BD2 7 KB
7 KB 467ms
467ms Image
image/png 18.231.32.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lipotril.com.br/public/lp-03/app/mobile/images/sec6-nm-bg.png
Requested by: Host: lipotril.com.br
URL: https://lipotril.com.br/public/lp-03/app/mobile/css/index.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.231.32.240 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-231-32-240.sa-east-1.compute.amazonaws.com
Software: / Express
Resource Hash: bbfc9f874e0fd65646e8e3d5f1b5cb083af4ca8039461be9c41b6e0b6c1369b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lipotril.com.br/public/lp-03/app/mobile/css/index.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
etag: W/"1c0d-17b9795febb"
last-modified: Mon, 30 Aug 2021 15:03:14 GMT
x-powered-by: Express
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 7181

GET
H2 200 Metropolis-RegularItalic.woff2
lipotril.com.br/public/lp-03/app/mobile/fonts/ Frame 6BD2 12 KB
12 KB 467ms
466ms Font
font/woff2 18.231.32.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lipotril.com.br/public/lp-03/app/mobile/fonts/Metropolis-RegularItalic.woff2
Requested by: Host: lipotril.com.br
URL: https://lipotril.com.br/public/lp-03/app/mobile/fonts/fonts.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.231.32.240 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-231-32-240.sa-east-1.compute.amazonaws.com
Software: / Express
Resource Hash: f5b15c28a09f94ac5fd2673963ded02cdff55226e4b7637048d909e439c15d7b

Request headers

Referer: https://lipotril.com.br/public/lp-03/app/mobile/fonts/fonts.css
Origin: https://lipotril.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
etag: W/"2ecc-17b9795feab"
last-modified: Mon, 30 Aug 2021 15:03:14 GMT
x-powered-by: Express
content-type: font/woff2
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 11980

GET
H2 200 Metropolis-BoldItalic.woff2
lipotril.com.br/public/lp-03/app/mobile/fonts/ Frame 6BD2 12 KB
12 KB 467ms
466ms Font
font/woff2 18.231.32.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lipotril.com.br/public/lp-03/app/mobile/fonts/Metropolis-BoldItalic.woff2
Requested by: Host: lipotril.com.br
URL: https://lipotril.com.br/public/lp-03/app/mobile/fonts/fonts.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.231.32.240 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-231-32-240.sa-east-1.compute.amazonaws.com
Software: / Express
Resource Hash: 267459a117b27c009a469a890d8628f251fa851e1efa8fa2137cc54ace2845e0

Request headers

Referer: https://lipotril.com.br/public/lp-03/app/mobile/fonts/fonts.css
Origin: https://lipotril.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
etag: W/"2f20-17b9795feab"
last-modified: Mon, 30 Aug 2021 15:03:14 GMT
x-powered-by: Express
content-type: font/woff2
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 12064

GET
H2 200 Metropolis-Bold.woff2
lipotril.com.br/public/lp-03/app/mobile/fonts/ Frame 6BD2 11 KB
11 KB 467ms
466ms Font
font/woff2 18.231.32.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lipotril.com.br/public/lp-03/app/mobile/fonts/Metropolis-Bold.woff2
Requested by: Host: lipotril.com.br
URL: https://lipotril.com.br/public/lp-03/app/mobile/fonts/fonts.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.231.32.240 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-231-32-240.sa-east-1.compute.amazonaws.com
Software: / Express
Resource Hash: a1fcc4f6cec9a05b196cc17a37734ba5ecd1adda50c4c58b7a0f03f3d8ff82b0

Request headers

Referer: https://lipotril.com.br/public/lp-03/app/mobile/fonts/fonts.css
Origin: https://lipotril.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
etag: W/"2c88-17b9795feab"
last-modified: Mon, 30 Aug 2021 15:03:14 GMT
x-powered-by: Express
content-type: font/woff2
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 11400

GET
H2 200 Metropolis-Regular.woff2
lipotril.com.br/public/lp-03/app/mobile/fonts/ Frame 6BD2 11 KB
11 KB 467ms
467ms Font
font/woff2 18.231.32.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lipotril.com.br/public/lp-03/app/mobile/fonts/Metropolis-Regular.woff2
Requested by: Host: lipotril.com.br
URL: https://lipotril.com.br/public/lp-03/app/mobile/fonts/fonts.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.231.32.240 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-231-32-240.sa-east-1.compute.amazonaws.com
Software: / Express
Resource Hash: 2b9f7c999c8a3fc59dc885250d034bf10f1abf6f3b23a5cfae24a294e8b45e07

Request headers

Referer: https://lipotril.com.br/public/lp-03/app/mobile/fonts/fonts.css
Origin: https://lipotril.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
etag: W/"2c1c-17b9795feab"
last-modified: Mon, 30 Aug 2021 15:03:14 GMT
x-powered-by: Express
content-type: font/woff2
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 11292

GET
H2 200 Metropolis-SemiBold.woff2
lipotril.com.br/public/lp-03/app/mobile/fonts/ Frame 6BD2 11 KB
11 KB 467ms
467ms Font
font/woff2 18.231.32.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lipotril.com.br/public/lp-03/app/mobile/fonts/Metropolis-SemiBold.woff2
Requested by: Host: lipotril.com.br
URL: https://lipotril.com.br/public/lp-03/app/mobile/fonts/fonts.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.231.32.240 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-231-32-240.sa-east-1.compute.amazonaws.com
Software: / Express
Resource Hash: 9a57d01379b4c9b8e4bda8f84142c4b67d412eb2a29fb85c79f710df5bf1b28c

Request headers

Referer: https://lipotril.com.br/public/lp-03/app/mobile/fonts/fonts.css
Origin: https://lipotril.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
etag: W/"2cb0-17b9795feab"
last-modified: Mon, 30 Aug 2021 15:03:14 GMT
x-powered-by: Express
content-type: font/woff2
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 11440

GET
H2 200 Metropolis-Medium.woff2
lipotril.com.br/public/lp-03/app/mobile/fonts/ Frame 6BD2 11 KB
11 KB 467ms
467ms Font
font/woff2 18.231.32.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lipotril.com.br/public/lp-03/app/mobile/fonts/Metropolis-Medium.woff2
Requested by: Host: lipotril.com.br
URL: https://lipotril.com.br/public/lp-03/app/mobile/fonts/fonts.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.231.32.240 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-231-32-240.sa-east-1.compute.amazonaws.com
Software: / Express
Resource Hash: 66333e27cdcbaff330bd7c8acff2846f782299f6988fea38d3587a6ff6130149

Request headers

Referer: https://lipotril.com.br/public/lp-03/app/mobile/fonts/fonts.css
Origin: https://lipotril.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
etag: W/"2c9c-17b9795feab"
last-modified: Mon, 30 Aug 2021 15:03:14 GMT
x-powered-by: Express
content-type: font/woff2
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 11420

GET
H2 200 Metropolis-ExtraBold.woff2
lipotril.com.br/public/lp-03/app/mobile/fonts/ Frame 6BD2 11 KB
11 KB 468ms
467ms Font
font/woff2 18.231.32.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lipotril.com.br/public/lp-03/app/mobile/fonts/Metropolis-ExtraBold.woff2
Requested by: Host: lipotril.com.br
URL: https://lipotril.com.br/public/lp-03/app/mobile/fonts/fonts.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.231.32.240 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-231-32-240.sa-east-1.compute.amazonaws.com
Software: / Express
Resource Hash: ace8dc743aa7c2da11e40e674f41779b76815cdb796ab074d3ad5d8a5ea87721

Request headers

Referer: https://lipotril.com.br/public/lp-03/app/mobile/fonts/fonts.css
Origin: https://lipotril.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
etag: W/"2c68-17b9795feab"
last-modified: Mon, 30 Aug 2021 15:03:14 GMT
x-powered-by: Express
content-type: font/woff2
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 11368

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 484F 28 B
50 B 32ms
32ms XHR
application/json 216.58.213.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1256b7e2/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.213.14 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s25-in-f14.1e100.net

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/%3Ciframe%20width=
X-YouTube-Client-Version: 1.20210913.1.0
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtVVEZzRlZpRXZJRSjbqYmKBg%3D%3D
X-YouTube-Ad-Signals: dt=1631737051336&flash=0&frm=2&u_tz&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C150&vis=1&wgl=true&ca_type=image&bid=ANyPxKqLlT93PfF5ex4e0JcQh6kN1YmCd7lRFLe3xodLchDb7H8SxQ7nwGSyd5Bbkk-AOJlLZBXgXCn3EgEXSowTboMTmYZJHg

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 6BD2 48 KB
19 KB 47ms
20ms Script
text/javascript 142.250.187.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: lipotril.com.br
URL: https://lipotril.com.br/?clickid=614254dbeb72f80001a35335&utm_source=1769&p=aff&sub2=ljpixelckC&sub4=

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.187.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s34-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lipotril.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 2124
date: Wed, 15 Sep 2021 19:42:09 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Wed, 15 Sep 2021 21:42:09 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 3077 136 KB
48 KB 89ms
40ms Script
text/javascript 142.250.187.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/05/tb12-lead.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.187.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s34-in-f2.1e100.net

Software

cafe /

Resource Hash

1947bbfa54a1079d10e73adaccdcc21952faa0d6d5929e567eee24f902076fd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48927
x-xss-protection: 0
server: cafe
etag: 6340949852821719840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 15 Sep 2021 20:17:33 GMT

GET
H3 200 clipboard.min.js Show response
www.gstatic.com/external_hosted/clipboardjs/ Frame 3077 12 KB
3 KB 31ms
31ms Script
text/javascript 142.250.178.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/external_hosted/clipboardjs/clipboard.min.js

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/05/tb12-lead.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f3.1e100.net

Software

sffe /

Resource Hash

92e40dc4bbb485a182b796c58e6da7974cb8a6a84fdb4548ace3b85c991f0f94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3475
x-xss-protection: 0
last-modified: Wed, 14 Apr 2021 19:28:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=0
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 15 Sep 2021 20:17:33 GMT

GET
H3 200 tr
www.facebook.com/ Frame 3077 44 B
88 B 35ms
35ms Image
image/gif 185.60.218.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=3715146751913544&ev=Lead&cd[value]=0&cd[currency]=BRL

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/05/tb12-lead.html

Protocol

Security

QUIC, , AES_128_GCM

Server

185.60.218.35 Bucharest, Romania, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-otp1.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Wed, 15 Sep 2021 20:17:33 GMT

GET
H3 200 tr
www.facebook.com/ Frame 3077 44 B
88 B 36ms
35ms Image
image/gif 185.60.218.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=403314310774716&ev=Lead&cd[value]=0&cd[currency]=BRL

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/05/tb12-lead.html

Protocol

Security

QUIC, , AES_128_GCM

Server

185.60.218.35 Bucharest, Romania, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-otp1.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Wed, 15 Sep 2021 20:17:33 GMT

GET
H3 200 tr
www.facebook.com/ Frame 3077 44 B
88 B 37ms
36ms Image
image/gif 185.60.218.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=1285894921797449&ev=Lead&cd[value]=0&cd[currency]=BRL

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/05/tb12-lead.html

Protocol

Security

QUIC, , AES_128_GCM

Server

185.60.218.35 Bucharest, Romania, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-otp1.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Wed, 15 Sep 2021 20:17:33 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 3077 96 KB
38 KB 78ms
76ms Script
application/javascript 142.250.178.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-396474315

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/05/tb12-lead.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

e51bad4e2bdcbb35c1eced127a99d7a0aa201c6c8700c9dbeb0338127aa642ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39261
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 19:42:44 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 15 Sep 2021 20:17:33 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 3077 96 KB
38 KB 58ms
55ms Script
application/javascript 142.250.178.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-742021047

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/05/tb12-lead.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

7868fe105f1ff675bfb1c5d7234ece6986365f533b7ef0b735509719e0018e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39233
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 19:42:44 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 15 Sep 2021 20:17:33 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 3077 96 KB
38 KB 94ms
92ms Script
application/javascript 142.250.178.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-828003655

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/05/tb12-lead.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

7ed7e2a48c95fabd4637c9c08057aa38f83c3d95bb0d62522f5cb73e95d730fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39231
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 19:42:44 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 15 Sep 2021 20:17:33 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 3077 96 KB
38 KB 88ms
86ms Script
application/javascript 142.250.178.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-688008293

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/05/tb12-lead.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

217e0e15fd8dc1e683581a646b3909b0382d3aefbff0ec15ff7d15850a76a742

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39236
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 19:42:44 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 15 Sep 2021 20:17:33 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 3077 96 KB
38 KB 85ms
83ms Script
application/javascript 142.250.178.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-651192104

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/05/tb12-lead.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

fc963e17119d547b93f68132afd9bd0cd4ccff28ee9a7122b8e4f89c30dd5147

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39235
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 19:42:44 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 15 Sep 2021 20:17:33 GMT

GET
H2 200 authorization.css
www.blogger.com/dyn-css/ Frame 3077 1 B
684 B 176ms
121ms Stylesheet
text/css 172.217.169.41
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=8654334594673253598&zx=373c27fd-3219-47a1-a23f-5f7dc0992866

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/05/tb12-lead.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.169.41 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s08-in-f9.1e100.net

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 15 Sep 2021 20:17:33 GMT
server: GSE
date: Wed, 15 Sep 2021 20:17:33 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/css; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sprite_v1_6.css.svg
topdanet3.blogspot.com/responsive/ Frame 3077 7 KB
2 KB 91ms
30ms Other
image/svg+xml 142.250.180.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://topdanet3.blogspot.com/responsive/sprite_v1_6.css.svg

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/05/tb12-lead.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s32-in-f1.1e100.net

Software

sffe /

Resource Hash

73d16aca9b019e42dd2de3a10e5049b5606268ce0d8e3a167b05b37acb9b0e9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/2019/05/tb12-lead.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 22:24:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 10 Sep 2021 19:52:02 GMT
server: sffe
age: 424362
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2244
x-xss-protection: 0
expires: Fri, 17 Sep 2021 22:24:51 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 3077 96 KB
38 KB 61ms
59ms Script
application/javascript 142.250.178.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-611304047

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/05/tb12-lead.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

5a94583249f6f8f5e4b8177755a6e8d3980adf4521005f90269bb2b3f6fec4f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39231
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 19:42:44 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 15 Sep 2021 20:17:33 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 3077 96 KB
38 KB 63ms
61ms Script
application/javascript 142.250.178.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-494868820

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/05/tb12-lead.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

53699db5a21871456995b9892f05f6089973e7b6094b7246b15319f2bd66ae8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39240
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 19:42:44 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 15 Sep 2021 20:17:33 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 3077 96 KB
38 KB 52ms
51ms Script
application/javascript 142.250.178.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-479617073

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/05/tb12-lead.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

8235800dc2b8aa1d14cc5810b8df272c8a0bc3ac6fcb2178aab5d993ad17116e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39235
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 19:42:44 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 15 Sep 2021 20:17:33 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 3077 96 KB
38 KB 79ms
78ms Script
application/javascript 142.250.178.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-378689843

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/05/tb12-lead.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

3d7a55950af95998fe7fde8abf9122355bf82d55a89c0c32e295ea00cbed9226

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39235
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 19:42:44 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 15 Sep 2021 20:17:33 GMT

GET
H2 200 2276472856-indie_compiled.js Show response
resources.blogblog.com/blogblog/data/res/ Frame 3077 138 KB
47 KB 72ms
19ms Script
text/javascript 172.217.169.41
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://resources.blogblog.com/blogblog/data/res/2276472856-indie_compiled.js

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/05/tb12-lead.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.169.41 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s08-in-f9.1e100.net

Software

sffe /

Resource Hash

c334c496e0dca99d37eaabf0e3a251080618ac108eb3b782a43071c6ab7fca3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 09:54:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 13 Sep 2021 04:49:37 GMT
server: sffe
age: 210178
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48045
x-xss-protection: 0
expires: Mon, 20 Sep 2021 09:54:35 GMT

GET
H2 200 745028019-widgets.js Show response
www.blogger.com/static/v1/widgets/ Frame 3077 148 KB
54 KB 73ms
20ms Script
text/javascript 172.217.169.41
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/745028019-widgets.js

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/05/tb12-lead.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.169.41 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s08-in-f9.1e100.net

Software

sffe /

Resource Hash

7998fdc70409b584aaf012c1ce11ec0365cffd6881f112d926afda280180f6ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 06:13:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 396265
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/blogger-tech
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55002
x-xss-protection: 0
last-modified: Thu, 09 Sep 2021 01:51:04 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 11 Sep 2022 06:13:08 GMT

GET
H2 200 image
themes.googleusercontent.com/ Frame 3077 23 KB
23 KB 162ms
63ms Image
image/jpeg 216.58.213.1
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://themes.googleusercontent.com/image?id=L1lcAxxz0CLgsDzixEprHJ2F38TyEjCyE3RSAjynQDks0lT1BDc1OxXKaTEdLc89HPvdB11X9FDw&options=w480

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/05/tb12-lead.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.213.1 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s25-in-f1.1e100.net

Software

fife /

Resource Hash

034bda263d0441afe35bc18419a312f5ac10dc732e295f5dbcff8ce021b665d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23449
x-xss-protection: 0
expires: Thu, 16 Sep 2021 20:17:33 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 3077 15 KB
15 KB 19ms
19ms Font
font/woff2 142.250.178.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/05/tb12-lead.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f3.1e100.net

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://topdanet3.blogspot.com/
Origin: https://topdanet3.blogspot.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 06:48:51 GMT
x-content-type-options: nosniff
age: 394122
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Sep 2022 06:48:51 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 3077 15 KB
15 KB 20ms
20ms Font
font/woff2 142.250.178.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/05/tb12-lead.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f3.1e100.net

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://topdanet3.blogspot.com/
Origin: https://topdanet3.blogspot.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 09:55:16 GMT
x-content-type-options: nosniff
age: 469337
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Sep 2022 09:55:16 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 3077 127 KB
44 KB 93ms
93ms Script
application/javascript 142.250.178.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MDQT4QJ

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/05/tb12-lead.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

3b649ea7d34b097711445cf4280b5174e272b20c5605fc1164b2ce2e736c5bb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44737
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 19:42:44 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 15 Sep 2021 20:17:33 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 3077 96 KB
38 KB 37ms
37ms Script
application/javascript 142.250.178.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-396474315&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-479617073

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

f555802c32c4b86c5c83cf3a47fc408d1df02a5bf145f7eed7bd879926918414

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39168
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 19:42:44 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 15 Sep 2021 20:17:33 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 3077 96 KB
38 KB 39ms
39ms Script
application/javascript 142.250.178.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-742021047&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-479617073

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

0f5a611e61d56bf3794a7521b423a91d8c60da9878ada23068d02c6743464c86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39237
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 19:42:44 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 15 Sep 2021 20:17:33 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 3077 96 KB
38 KB 46ms
45ms Script
application/javascript 142.250.178.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-828003655&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-479617073

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

3fb2ebd0da9a857543d57f02713b4baf9c09d04488d9928f9294f72d4f08d530

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39239
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 19:42:44 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 15 Sep 2021 20:17:33 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 3077 96 KB
38 KB 40ms
39ms Script
application/javascript 142.250.178.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-688008293&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-479617073

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

c902f998e8533e4968465a85bfae12860a9236881e698ef1e0a0f6b8db20f1e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39240
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 19:42:44 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 15 Sep 2021 20:17:33 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 3077 96 KB
38 KB 52ms
51ms Script
application/javascript 142.250.178.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-651192104&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-479617073

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

025cc8f13db32fe1fde1027c7d5c9ea56bcd04f59cfece9568008d39e955e7fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39237
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 19:42:44 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 15 Sep 2021 20:17:33 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 3077 96 KB
38 KB 41ms
41ms Script
application/javascript 142.250.178.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-611304047&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-479617073

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

c19a186bafa942fd9029d16a1fc37d3277d09ee82ad0078981b78106d523f760

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39235
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 19:42:44 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 15 Sep 2021 20:17:33 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 3077 96 KB
38 KB 42ms
41ms Script
application/javascript 142.250.178.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-494868820&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-479617073

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

27576ecdcd71151d86727a0c7909b6b706101cb6ecf925443f86546eab134ef5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39246
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 19:42:44 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 15 Sep 2021 20:17:33 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 3077 96 KB
38 KB 42ms
42ms Script
application/javascript 142.250.178.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-378689843&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-479617073

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

9789af6547b842dc813a19b0404e60282023caadf7baa93e41f68a7298943eff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:33 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39241
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 19:42:44 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 15 Sep 2021 20:17:33 GMT

GET
H3 200 blogger_logo_round_35.png
www.blogger.com/img/ Frame 3077 2 KB
2 KB 59ms
26ms Image
image/png 172.217.169.41
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blogger.com/img/blogger_logo_round_35.png

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/05/tb12-lead.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.169.41 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s08-in-f9.1e100.net

Software

sffe /

Resource Hash

183923f8c8c3960dce8ad9722cf55a30d19b321b721741bd9e2ab6ae1f1ae72a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 19:49:06 GMT
x-content-type-options: nosniff
last-modified: Mon, 13 Sep 2021 08:49:56 GMT
server: sffe
age: 174508
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2531
x-xss-protection: 0
expires: Mon, 20 Sep 2021 19:49:06 GMT

GET
H3 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame 3077 36 KB
14 KB 74ms
47ms Script
text/javascript 142.250.179.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-396474315

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.179.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s31-in-f2.1e100.net

Software

cafe /

Resource Hash

8227a862b924b10dd6f1937cc73288d73111599d2968728fc762baf159cc3e78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14041
x-xss-protection: 0
server: cafe
etag: 16185193972789726432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 15 Sep 2021 20:17:34 GMT

GET
H3 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/ Frame 3077 251 KB
93 KB 94ms
62ms Script
text/javascript 142.250.187.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.187.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s34-in-f2.1e100.net

Software

cafe /

Resource Hash

e43fa40c6832cda017315748d54516cc55c2d4785529f682248cd1f474389f3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94967
x-xss-protection: 0
server: cafe
etag: 3426842561966430038
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Sep 2021 20:17:34 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210908/r20190131/ Frame 8A7B 10 KB
5 KB 20ms
19ms Document
text/html 216.58.212.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210908/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.226 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams16s22-in-f2.1e100.net

Software

cafe /

Resource Hash

bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210908/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://topdanet3.blogspot.com/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUlBqEmqhyE8a5MvwrnB8AlfI4M3UWqa5IQ8aK7PLurdJdappVKr_RF0OAc1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 14 Sep 2021 22:41:16 GMT
expires: Tue, 28 Sep 2021 22:41:16 GMT
content-type: text/html; charset=UTF-8
etag: 13836150016441684253
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4591
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 77778
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 3077 170 KB
62 KB 53ms
52ms Script
application/javascript 142.250.178.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-HH1GNL894H&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-479617073

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

19313c1d1a8990444ee252834f10fce387d8e87b909483da03d845fef25288eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:34 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63339
x-xss-protection: 0
expires: Wed, 15 Sep 2021 20:17:34 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 3077 104 KB
41 KB 50ms
49ms Script
application/javascript 142.250.178.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-134148284-2

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MDQT4QJ

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

262235a94c60754d63c268024d2e8d9edc2f3555700968575a0025747213fee7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:34 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42095
x-xss-protection: 0
expires: Wed, 15 Sep 2021 20:17:34 GMT

GET
H3 200 authorization.css
www.blogger.com/dyn-css/ Frame 3077 1 B
43 B 129ms
129ms Stylesheet
text/css 172.217.169.41
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=8654334594673253598&zx=373c27fd-3219-47a1-a23f-5f7dc0992866

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/05/tb12-lead.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.169.41 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s08-in-f9.1e100.net

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 15 Sep 2021 20:17:34 GMT
server: GSE
date: Wed, 15 Sep 2021 20:17:34 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/css; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 204 unip Show response
trc-events.taboola.com/1184004/log/3/ Frame 29D9 0
251 B 49ms
13ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1184004/log/3/unip?en=pre_d_eng_tb&tos=1675&scd=0&ssd=1&est=1631737052526&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1631737054201&vi=1631737052523&ri=b878f56505d950ea564cb145d668880f&ref=null&cv=20210809-3-RELEASE&item-url=https%3A%2F%2Fwww.desinpros.com.br%2F%3Fmcr%3DADV15968591
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1184004/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.desinpros.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://www.desinpros.com.br
pragma: no-cache
date: Wed, 15 Sep 2021 20:17:34 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/396474315/ Frame 3077 2 KB
1 KB 68ms
67ms Script
text/javascript 216.58.212.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/396474315/?random=1631737054220&cv=9&fst=1631737054220&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&ig=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&ref=https%3A%2F%2Ftitanblue12x.com.br%2F&tiba=tb12-lead&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.226 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams16s22-in-f2.1e100.net

Software

cafe /

Resource Hash

81daccb08c9f0844fe965ef27b1d7db003ef0c0bff793b72de2f81b1f3953d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 20:17:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1029
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/396474315/ Frame 3077 2 KB
1 KB 30ms
29ms Script
text/javascript 142.250.179.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/396474315/?random=1631737054223&cv=9&fst=1631737054223&num=1&label=XiIICNDhuP0BEMvvhr0B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&ref=https%3A%2F%2Ftitanblue12x.com.br%2F&tiba=tb12-lead&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.179.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s31-in-f2.1e100.net

Software

cafe /

Resource Hash

6b51af1afd411892ac3cd891a4bf9448ed490ebb9081ee1c67cf239940aa7332

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 20:17:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1152
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/396474315/ Frame 3077 2 KB
1 KB 27ms
27ms Script
text/javascript 142.250.179.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/396474315/?random=1631737054230&cv=9&fst=1631737054230&num=1&label=EPGXCOLYuv4BEMvvhr0B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&ref=https%3A%2F%2Ftitanblue12x.com.br%2F&tiba=tb12-lead&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.179.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s31-in-f2.1e100.net

Software

cafe /

Resource Hash

ca540d0bd996ccfec5e403cddb7c2b07c0d2349369beb7e014d0befb0f9f2ea9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 20:17:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1155
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/742021047/ Frame 3077 2 KB
1 KB 43ms
43ms Script
text/javascript 216.58.212.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/742021047/?random=1631737054233&cv=9&fst=1631737054233&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&ig=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&ref=https%3A%2F%2Ftitanblue12x.com.br%2F&tiba=tb12-lead&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.226 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams16s22-in-f2.1e100.net

Software

cafe /

Resource Hash

947a0b42f92fbb0cae899c39f7e3d705bc49398a5e560835d71251e36e8940d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 20:17:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1028
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/742021047/ Frame 3077 2 KB
1 KB 32ms
32ms Script
text/javascript 142.250.179.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/742021047/?random=1631737054234&cv=9&fst=1631737054234&num=1&label=B98ICNr1oKEBELev6eEC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&ref=https%3A%2F%2Ftitanblue12x.com.br%2F&tiba=tb12-lead&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.179.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s31-in-f2.1e100.net

Software

cafe /

Resource Hash

3fa044776a1339272797ddc9fb613ee7ff7e1979af239506b3301522486031e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 20:17:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1149
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/688008293/ Frame 3077 2 KB
1 KB 40ms
39ms Script
text/javascript 216.58.212.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/688008293/?random=1631737054237&cv=9&fst=1631737054237&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&ig=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&ref=https%3A%2F%2Ftitanblue12x.com.br%2F&tiba=tb12-lead&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.226 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams16s22-in-f2.1e100.net

Software

cafe /

Resource Hash

b604fbd2e5000208a0c00b8e782a4aa6059284c3087d74a732e8e7f9849b96ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 20:17:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1027
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/688008293/ Frame 3077 2 KB
1 KB 31ms
31ms Script
text/javascript 142.250.179.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/688008293/?random=1631737054237&cv=9&fst=1631737054237&num=1&label=Pwb_CIP_0bgBEOXYiMgC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&ref=https%3A%2F%2Ftitanblue12x.com.br%2F&tiba=tb12-lead&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.179.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s31-in-f2.1e100.net

Software

cafe /

Resource Hash

362c33576d36180d3da725eeaf623b510c625f1db06e51b29ef26afa636b5fb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 20:17:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1155
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/479617073/ Frame 3077 2 KB
1 KB 39ms
39ms Script
text/javascript 216.58.212.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/479617073/?random=1631737054239&cv=9&fst=1631737054239&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&ig=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&ref=https%3A%2F%2Ftitanblue12x.com.br%2F&tiba=tb12-lead&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.226 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams16s22-in-f2.1e100.net

Software

cafe /

Resource Hash

a63a132152e58a9f02d9fe38dd8d9d2ff7855d9bead02b7370c67c5468e13444

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 20:17:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1027
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/479617073/ Frame 3077 2 KB
1 KB 30ms
29ms Script
text/javascript 142.250.179.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/479617073/?random=1631737054239&cv=9&fst=1631737054239&num=1&label=H1ywCK_HpfYBELHA2eQB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&ref=https%3A%2F%2Ftitanblue12x.com.br%2F&tiba=tb12-lead&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.179.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s31-in-f2.1e100.net

Software

cafe /

Resource Hash

ce2963b114cce98823b273f5b913d69a98b81a5a31d8afe6cb367b353d8d3250

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 20:17:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1153
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/651192104/ Frame 3077 2 KB
1 KB 39ms
39ms Script
text/javascript 216.58.212.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/651192104/?random=1631737054241&cv=9&fst=1631737054241&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&ig=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&ref=https%3A%2F%2Ftitanblue12x.com.br%2F&tiba=tb12-lead&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.226 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams16s22-in-f2.1e100.net

Software

cafe /

Resource Hash

6cac9e42f9bfcbea6b68311c6b87179c7e3f1750fc4283710f49600b403ebefe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 20:17:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1040
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/651192104/ Frame 3077 2 KB
1 KB 27ms
27ms Script
text/javascript 142.250.179.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/651192104/?random=1631737054242&cv=9&fst=1631737054242&num=1&label=lx0FCMie-cwBEKjOwbYC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&ref=https%3A%2F%2Ftitanblue12x.com.br%2F&tiba=tb12-lead&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.179.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s31-in-f2.1e100.net

Software

cafe /

Resource Hash

c2616d21ba0daf334c75272c68265bd3af70eacf2b1d2aee74ffef55a4bc6d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 20:17:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1164
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/378689843/ Frame 3077 2 KB
1 KB 38ms
37ms Script
text/javascript 216.58.212.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/378689843/?random=1631737054244&cv=9&fst=1631737054244&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&ig=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&ref=https%3A%2F%2Ftitanblue12x.com.br%2F&tiba=tb12-lead&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.226 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams16s22-in-f2.1e100.net

Software

cafe /

Resource Hash

9365b8feee36f938d87c3156acf4f6e2eb769a66bd66b96821af95acc26f3774

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 20:17:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1031
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/378689843/ Frame 3077 2 KB
1 KB 28ms
28ms Script
text/javascript 142.250.179.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/378689843/?random=1631737054245&cv=9&fst=1631737054245&num=1&label=aLVlCLeF6YwCELOyybQB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&ref=https%3A%2F%2Ftitanblue12x.com.br%2F&tiba=tb12-lead&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.179.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s31-in-f2.1e100.net

Software

cafe /

Resource Hash

c642999def5cd81084e1abaa642dcbdae6804befbe85760f28c84692f3cd6e9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 20:17:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1157
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/828003655/ Frame 3077 2 KB
1 KB 37ms
37ms Script
text/javascript 216.58.212.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/828003655/?random=1631737054247&cv=9&fst=1631737054247&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&ig=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&ref=https%3A%2F%2Ftitanblue12x.com.br%2F&tiba=tb12-lead&hn=www.googleadservices.com&gbcov=0&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.226 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams16s22-in-f2.1e100.net

Software

cafe /

Resource Hash

e7342be2d80980c0a54f035951e158a59fb79a493ad26bb9f1be53f3b1c69bb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 20:17:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1029
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/828003655/ Frame 3077 2 KB
1 KB 27ms
27ms Script
text/javascript 142.250.179.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/828003655/?random=1631737054248&cv=9&fst=1631737054248&num=1&label=y-m4CPGBipUBEMeq6YoD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&ref=https%3A%2F%2Ftitanblue12x.com.br%2F&tiba=tb12-lead&hn=www.googleadservices.com&gbcov=0&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.179.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s31-in-f2.1e100.net

Software

cafe /

Resource Hash

593b71c933854383f8b1c726c2bccb4750ff298b8b2c552038bdc06590ea6164

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 20:17:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1156
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.com/pagead/1p-user-list/828003655/ Frame 3077
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/828003655/?random=1631737054247&cv=9&fst=1631737054247&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=12...
https://www.google.com/pagead/1p-user-list/828003655/?random=1631737054247&cv=9&fst=1631736000000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=f...

42 B
64 B

39ms
38ms

Image
image/gif

216.58.212.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/828003655/?random=1631737054247&cv=9&fst=1631736000000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&ref=https%3A%2F%2Ftitanblue12x.com.br%2F&tiba=tb12-lead&async=1&is_vtc=1&random=3975355223&resp=GooglemKTybQhCsO

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/05/tb12-lead.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.228 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams16s22-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 20:17:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 15 Sep 2021 20:17:34 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/gif
location: https://www.google.com/pagead/1p-user-list/828003655/?random=1631737054247&cv=9&fst=1631736000000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&ref=https%3A%2F%2Ftitanblue12x.com.br%2F&tiba=tb12-lead&async=1&is_vtc=1&random=3975355223&resp=GooglemKTybQhCsO
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/611304047/ Frame 3077 2 KB
1 KB 39ms
39ms Script
text/javascript 216.58.212.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/611304047/?random=1631737054250&cv=9&fst=1631737054250&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&ig=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&ref=https%3A%2F%2Ftitanblue12x.com.br%2F&tiba=tb12-lead&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.226 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams16s22-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9fcc4389ed7697b040e16482f99596c3f9f1684ce89922e7b3042a9d5b979b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 20:17:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1029
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/611304047/ Frame 3077 2 KB
1 KB 29ms
28ms Script
text/javascript 142.250.179.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/611304047/?random=1631737054251&cv=9&fst=1631737054251&num=1&label=I7jvCOaPzNkBEO-Ev6MC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&ref=https%3A%2F%2Ftitanblue12x.com.br%2F&tiba=tb12-lead&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.179.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s31-in-f2.1e100.net

Software

cafe /

Resource Hash

9e91771d122c93997150bb85658da6a6ea11b64a849b36c80e773b5c6e792f43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 20:17:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1152
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/494868820/ Frame 3077 2 KB
1 KB 39ms
39ms Script
text/javascript 216.58.212.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/494868820/?random=1631737054253&cv=9&fst=1631737054253&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&ig=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&ref=https%3A%2F%2Ftitanblue12x.com.br%2F&tiba=tb12-lead&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.226 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams16s22-in-f2.1e100.net

Software

cafe /

Resource Hash

debc7dd004bdf2708985d11dbdb0df110c07df0d6889fbffcf1c0a9965a5aec9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 20:17:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1028
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/494868820/ Frame 3077 2 KB
1 KB 28ms
28ms Script
text/javascript 142.250.179.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/494868820/?random=1631737054253&cv=9&fst=1631737054253&num=1&label=bVMlCMW40OwBENSy_OsB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&ref=https%3A%2F%2Ftitanblue12x.com.br%2F&tiba=tb12-lead&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.179.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s31-in-f2.1e100.net

Software

cafe /

Resource Hash

e0f864ae121094566f4ee3533086bc9c87ba19732e6deadcdb849e9f8e522e0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 20:17:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1153
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 3077 107 B
570 B 80ms
30ms Script
application/javascript 142.250.200.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=topdanet3.blogspot.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.200.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s29-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 15 Sep 2021 20:17:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 49EB 603 B
65 B 43ms
42ms Document
text/html 216.58.212.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5975042370483709&output=html&adk=1812271804&adf=3407277730&plat=1%3A147968%2C2%3A147968%2C8%3A147968%2C9%3A147968%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A16896%2C27%3A16896%2C30%3A1049088%2C32%3A32&format=0x0&url=https%3A%2F%2Ftitanblue12x.com.br%2F&ea=0&flash=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631737054068&bpp=2&bdt=342&idt=196&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&nras=1&correlator=4880442096051&frm=8&ife=1&pv=2&ga_vid=1407282911.1631737054&ga_sid=1631737054&ga_hid=1301050276&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2768854219&scr_x=-12245933&scr_y=-12245933&eid=44747621%2C31062519%2C31062492%2C44749369%2C31062297&oid=3&pvsid=181894626184477&pem=116&top=https%3A%2F%2Fclubdeofertas.lojaintegrada.com.br&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.li577b6c00x&fsb=1&dtd=215

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.226 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams16s22-in-f2.1e100.net

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5975042370483709&output=html&adk=1812271804&adf=3407277730&plat=1%3A147968%2C2%3A147968%2C8%3A147968%2C9%3A147968%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A16896%2C27%3A16896%2C30%3A1049088%2C32%3A32&format=0x0&url=https%3A%2F%2Ftitanblue12x.com.br%2F&ea=0&flash=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631737054068&bpp=2&bdt=342&idt=196&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&nras=1&correlator=4880442096051&frm=8&ife=1&pv=2&ga_vid=1407282911.1631737054&ga_sid=1631737054&ga_hid=1301050276&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2768854219&scr_x=-12245933&scr_y=-12245933&eid=44747621%2C31062519%2C31062492%2C44749369%2C31062297&oid=3&pvsid=181894626184477&pem=116&top=https%3A%2F%2Fclubdeofertas.lojaintegrada.com.br&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.li577b6c00x&fsb=1&dtd=215
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://topdanet3.blogspot.com/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUlBqEmqhyE8a5MvwrnB8AlfI4M3UWqa5IQ8aK7PLurdJdappVKr_RF0OAc1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 15 Sep 2021 20:17:34 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3077 72 KB
28 KB 100ms
36ms Script
text/javascript 142.250.187.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.187.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s33-in-f2.1e100.net

Software

sffe /

Resource Hash

aefe9f31909799252840c143110e10be71d8515345f8b54473b819ac1376b9a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27627
x-xss-protection: 0
server: sffe
etag: "1631547519045135"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Wed, 15 Sep 2021 20:17:34 GMT

GET
H3 200 mgsensor.js Show response
a.mgid.com/ Frame 3077 12 KB
3 KB 139ms
138ms Script
application/javascript 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.mgid.com/mgsensor.js?d=1631737054306
Requested by: Host: clubdeofertas.lojaintegrada.com.br
URL: https://clubdeofertas.lojaintegrada.com.br/titan-blue-12x-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e460a35cc5301ce498bafb22edf4131c69f17ce294fb1d28399ea7a086204bca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 20:17:34 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 67d0d486-f172-4554-b4d8-208b6f4bd993
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 68f48a0d7b7c2784-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ Frame 3077 7 KB
3 KB 29ms
6ms Script
application/x-javascript 23.45.97.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: clubdeofertas.lojaintegrada.com.br
URL: https://clubdeofertas.lojaintegrada.com.br/titan-blue-12x-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.45.97.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-45-97-130.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: fe46e68c0e6eff0c8baae69190acbbb1b99cc49ab70e97e109537e3da90f4bad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 15 Sep 2021 20:17:34 GMT
Content-Encoding: gzip
Last-Modified: Mon, 28 Jun 2021 09:47:31 GMT
Server: AkamaiNetStorage
ETag: "fdbbe544cf69190da6e6a5b05f6879cb:1624873651.390898"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3100
Expires: Wed, 15 Sep 2021 20:37:34 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ Frame 3077 30 KB
9 KB 43ms
43ms Script
application/javascript 13.107.21.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: clubdeofertas.lojaintegrada.com.br
URL: https://clubdeofertas.lojaintegrada.com.br/titan-blue-12x-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5c1282fb121104f5a505ecbfd7194e64c98db6b830684450dcfc478021d05257

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:34 GMT
content-encoding: gzip
last-modified: Wed, 28 Jul 2021 18:27:37 GMT
x-msedge-ref: Ref A: BB247DF773EA4CAF973FAC9D26FD0A8E Ref B: PRG01EDGE1012 Ref C: 2021-09-15T20:17:34Z
etag: "80f2963dde83d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 9024

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ Frame 3077 191 KB
65 KB 181ms
66ms Script
application/javascript 93.158.134.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

e4f1e5807aed41dfe3ebf34dc2c585d71e1bcb7ef380db69a0258b5436318bf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:34 GMT
content-encoding: br
last-modified: Wed, 15 Sep 2021 15:25:21 GMT
etag: "6141b703-10314"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 66324
expires: Wed, 15 Sep 2021 21:17:34 GMT

GET
H2 200 universal.min.js Show response
tag.navdmp.com/ Frame 3077 11 KB
4 KB 133ms
34ms Script
application/javascript 104.16.14.243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/universal.min.js
Requested by: Host: clubdeofertas.lojaintegrada.com.br
URL: https://clubdeofertas.lojaintegrada.com.br/titan-blue-12x-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.14.243 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a7030868cbd2d0e41db2b2ceb52845db200891fb25941603a71bb37f60d8b34

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:34 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 15 Sep 2021 18:19:17 GMT
server: cloudflare
age: 481
etag: W/"61423925-2dde"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 68f48a0e198f2774-PRG
content-type: application/javascript
expires: Wed, 15 Sep 2021 21:09:33 GMT

GET
H3 200 mgsensor.js Show response
a.mgid.com/ Frame 3077 12 KB
3 KB 125ms
125ms Script
application/javascript 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.mgid.com/mgsensor.js?d=1631737054310
Requested by: Host: clubdeofertas.lojaintegrada.com.br
URL: https://clubdeofertas.lojaintegrada.com.br/titan-blue-12x-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e460a35cc5301ce498bafb22edf4131c69f17ce294fb1d28399ea7a086204bca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 20:17:34 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: c39a3b88-dd4c-4ff1-b6c6-82eea2887f5e
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 68f48a0d7b8b2784-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare

GET
H2 200 load.js Show response
app.cartstack.com.br/activeAPI/ Frame 3077 12 KB
4 KB 27ms
26ms Script
application/javascript 104.22.31.161
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.cartstack.com.br/activeAPI/load.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MDQT4QJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.31.161 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / sunset.solutions, sunset.solutions

Resource Hash

ac1e7257a75f95079823aeee2f9602cb401000105d8664172d159eaacba4800c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-lb: 1
x-cs: EXPIRED
age: 5161
x-powered-by: sunset.solutions, sunset.solutions
x-ua-compatible: IE=Edge
last-modified: Wed, 15 Sep 2021 17:46:25 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=2678400
cf-polished: origSize=19821
cf-ray: 68f48a0d7f5327c0-PRG
cf-bgj: minify

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 3077 48 KB
19 KB 21ms
21ms Script
text/javascript 142.250.187.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-134148284-2

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.187.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s34-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 2125
date: Wed, 15 Sep 2021 19:42:09 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Wed, 15 Sep 2021 21:42:09 GMT

GET
H3

200

/
www.google.com/pagead/1p-conversion/396474315/ Frame 3077
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/396474315/?random=2051124492&cv=9&fst=1631737054230&num=1&label=EPGXCOLYuv4BEMvvhr0B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=120...
https://www.google.com/pagead/1p-conversion/396474315/?random=2051124492&cv=9&fst=1631737054230&num=1&label=EPGXCOLYuv4BEMvvhr0B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&...

42 B
64 B

43ms
43ms

Image
image/gif

216.58.212.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-conversion/396474315/?random=2051124492&cv=9&fst=1631737054230&num=1&label=EPGXCOLYuv4BEMvvhr0B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&ref=https%3A%2F%2Ftitanblue12x.com.br%2F&tiba=tb12-lead&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=3lRCYbP6DvSF9fgP2P-KmAg&cid=CAQSKQCNIrLMSKGE2Vy4uUcGZpK02NcM359DZTwbnQAlplc6RpZ1EDOim_AE&random=289847351&resp=GooglemKTybQhCsO

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/05/tb12-lead.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.228 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams16s22-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 20:17:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 15 Sep 2021 20:17:34 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/gif
location: https://www.google.com/pagead/1p-conversion/396474315/?random=2051124492&cv=9&fst=1631737054230&num=1&label=EPGXCOLYuv4BEMvvhr0B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&ref=https%3A%2F%2Ftitanblue12x.com.br%2F&tiba=tb12-lead&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=3lRCYbP6DvSF9fgP2P-KmAg&cid=CAQSKQCNIrLMSKGE2Vy4uUcGZpK02NcM359DZTwbnQAlplc6RpZ1EDOim_AE&random=289847351&resp=GooglemKTybQhCsO
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.com/pagead/1p-conversion/396474315/ Frame 3077
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/396474315/?random=995300791&cv=9&fst=1631737054223&num=1&label=XiIICNDhuP0BEMvvhr0B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200...
https://www.google.com/pagead/1p-conversion/396474315/?random=995300791&cv=9&fst=1631737054223&num=1&label=XiIICNDhuP0BEMvvhr0B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u...

42 B
64 B

43ms
42ms

Image
image/gif

216.58.212.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-conversion/396474315/?random=995300791&cv=9&fst=1631737054223&num=1&label=XiIICNDhuP0BEMvvhr0B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&ref=https%3A%2F%2Ftitanblue12x.com.br%2F&tiba=tb12-lead&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=3lRCYcP0DsuBb9XykvAJ&cid=CAQSKQCNIrLMyTBHblJPykHi_p3wc22eC-5ZX3NKaHRx2ZkYOYCmK_AVONBA&random=3960154282&resp=GooglemKTybQhCsO

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/05/tb12-lead.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.228 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams16s22-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 20:17:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 15 Sep 2021 20:17:34 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/gif
location: https://www.google.com/pagead/1p-conversion/396474315/?random=995300791&cv=9&fst=1631737054223&num=1&label=XiIICNDhuP0BEMvvhr0B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&ref=https%3A%2F%2Ftitanblue12x.com.br%2F&tiba=tb12-lead&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=3lRCYcP0DsuBb9XykvAJ&cid=CAQSKQCNIrLMyTBHblJPykHi_p3wc22eC-5ZX3NKaHRx2ZkYOYCmK_AVONBA&random=3960154282&resp=GooglemKTybQhCsO
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.com/pagead/1p-conversion/742021047/ Frame 3077
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/742021047/?random=198923348&cv=9&fst=1631737054234&num=1&label=B98ICNr1oKEBELev6eEC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200...
https://www.google.com/pagead/1p-conversion/742021047/?random=198923348&cv=9&fst=1631737054234&num=1&label=B98ICNr1oKEBELev6eEC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u...

42 B
64 B

46ms
46ms

Image
image/gif

216.58.212.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-conversion/742021047/?random=198923348&cv=9&fst=1631737054234&num=1&label=B98ICNr1oKEBELev6eEC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&ref=https%3A%2F%2Ftitanblue12x.com.br%2F&tiba=tb12-lead&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=3lRCYc-gD9jKbOa3iogM&cid=CAQSKQCNIrLMqU4mVjFfOJ0Dkfkl4j6qZkb5k50wbAJGkArUqA0RiYO9WSc1&random=1413542125&resp=GooglemKTybQhCsO

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/05/tb12-lead.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.228 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams16s22-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 20:17:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 15 Sep 2021 20:17:34 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/gif
location: https://www.google.com/pagead/1p-conversion/742021047/?random=198923348&cv=9&fst=1631737054234&num=1&label=B98ICNr1oKEBELev6eEC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&ref=https%3A%2F%2Ftitanblue12x.com.br%2F&tiba=tb12-lead&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=3lRCYc-gD9jKbOa3iogM&cid=CAQSKQCNIrLMqU4mVjFfOJ0Dkfkl4j6qZkb5k50wbAJGkArUqA0RiYO9WSc1&random=1413542125&resp=GooglemKTybQhCsO
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.com/pagead/1p-conversion/688008293/ Frame 3077
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/688008293/?random=879054457&cv=9&fst=1631737054237&num=1&label=Pwb_CIP_0bgBEOXYiMgC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200...
https://www.google.com/pagead/1p-conversion/688008293/?random=879054457&cv=9&fst=1631737054237&num=1&label=Pwb_CIP_0bgBEOXYiMgC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u...

42 B
64 B

51ms
51ms

Image
image/gif

216.58.212.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-conversion/688008293/?random=879054457&cv=9&fst=1631737054237&num=1&label=Pwb_CIP_0bgBEOXYiMgC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&ref=https%3A%2F%2Ftitanblue12x.com.br%2F&tiba=tb12-lead&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=3lRCYezBD5KjlgTqr5zYAQ&cid=CAQSKQCNIrLMdQKRYGXwU1STIeQxLG_WA1tYh8MBVehFSU_hhEhwxf_tctzw&random=4166675031&resp=GooglemKTybQhCsO

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/05/tb12-lead.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.228 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams16s22-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 20:17:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 15 Sep 2021 20:17:34 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/gif
location: https://www.google.com/pagead/1p-conversion/688008293/?random=879054457&cv=9&fst=1631737054237&num=1&label=Pwb_CIP_0bgBEOXYiMgC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&ref=https%3A%2F%2Ftitanblue12x.com.br%2F&tiba=tb12-lead&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=3lRCYezBD5KjlgTqr5zYAQ&cid=CAQSKQCNIrLMdQKRYGXwU1STIeQxLG_WA1tYh8MBVehFSU_hhEhwxf_tctzw&random=4166675031&resp=GooglemKTybQhCsO
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.com/pagead/1p-conversion/479617073/ Frame 3077
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/479617073/?random=176738000&cv=9&fst=1631737054239&num=1&label=H1ywCK_HpfYBELHA2eQB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200...
https://www.google.com/pagead/1p-conversion/479617073/?random=176738000&cv=9&fst=1631737054239&num=1&label=H1ywCK_HpfYBELHA2eQB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u...

42 B
64 B

50ms
49ms

Image
image/gif

216.58.212.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-conversion/479617073/?random=176738000&cv=9&fst=1631737054239&num=1&label=H1ywCK_HpfYBELHA2eQB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&ref=https%3A%2F%2Ftitanblue12x.com.br%2F&tiba=tb12-lead&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=3lRCYZfOD8-OlgTi1oCwCg&cid=CAQSKQCNIrLMkMPKoIAU_tdkC4vUlo84erelHPjFkMw3YOAH-Y-zYyOYt7tr&random=626685174&resp=GooglemKTybQhCsO

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/05/tb12-lead.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.228 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams16s22-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 20:17:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 15 Sep 2021 20:17:34 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/gif
location: https://www.google.com/pagead/1p-conversion/479617073/?random=176738000&cv=9&fst=1631737054239&num=1&label=H1ywCK_HpfYBELHA2eQB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&ref=https%3A%2F%2Ftitanblue12x.com.br%2F&tiba=tb12-lead&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=3lRCYZfOD8-OlgTi1oCwCg&cid=CAQSKQCNIrLMkMPKoIAU_tdkC4vUlo84erelHPjFkMw3YOAH-Y-zYyOYt7tr&random=626685174&resp=GooglemKTybQhCsO
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.com/pagead/1p-conversion/651192104/ Frame 3077
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/651192104/?random=56380429&cv=9&fst=1631737054242&num=1&label=lx0FCMie-cwBEKjOwbYC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=37663...
https://www.google.com/pagead/1p-conversion/651192104/?random=56380429&cv=9&fst=1631737054242&num=1&label=lx0FCMie-cwBEKjOwbYC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635471&u_h=1200&u_w=160...

42 B
64 B

44ms
44ms

Image
image/gif

216.58.212.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-conversion/651192104/?random=56380429&cv=9&fst=1631737054242&num=1&label=lx0FCMie-cwBEKjOwbYC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&ref=https%3A%2F%2Ftitanblue12x.com.br%2F&tiba=tb12-lead&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=3lRCYf3TD7KH9fgP2NSxiAQ&cid=CAQSKQCNIrLMegu9U-1qG2Hg0EXNr1fhWYikfmXjRzpLsf5T02GPFXbnx3Iy&random=760208118&resp=GooglemKTybQhCsO

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/05/tb12-lead.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.228 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams16s22-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 20:17:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 15 Sep 2021 20:17:34 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/gif
location: https://www.google.com/pagead/1p-conversion/651192104/?random=56380429&cv=9&fst=1631737054242&num=1&label=lx0FCMie-cwBEKjOwbYC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&ref=https%3A%2F%2Ftitanblue12x.com.br%2F&tiba=tb12-lead&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=3lRCYf3TD7KH9fgP2NSxiAQ&cid=CAQSKQCNIrLMegu9U-1qG2Hg0EXNr1fhWYikfmXjRzpLsf5T02GPFXbnx3Iy&random=760208118&resp=GooglemKTybQhCsO
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.com/pagead/1p-conversion/378689843/ Frame 3077
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/378689843/?random=637418966&cv=9&fst=1631737054245&num=1&label=aLVlCLeF6YwCELOyybQB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200...
https://www.google.com/pagead/1p-conversion/378689843/?random=637418966&cv=9&fst=1631737054245&num=1&label=aLVlCLeF6YwCELOyybQB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u...

42 B
64 B

47ms
46ms

Image
image/gif

216.58.212.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-conversion/378689843/?random=637418966&cv=9&fst=1631737054245&num=1&label=aLVlCLeF6YwCELOyybQB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&ref=https%3A%2F%2Ftitanblue12x.com.br%2F&tiba=tb12-lead&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=3lRCYZrsD9OH9fgPxs2MqAE&cid=CAQSKQCNIrLMj0Bs35vzbL5K3urvyFHR9r_HoFPmU_rJG45NssvVYDvBS-zc&random=4214704459&resp=GooglemKTybQhCsO

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/05/tb12-lead.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.228 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams16s22-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 20:17:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 15 Sep 2021 20:17:34 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/gif
location: https://www.google.com/pagead/1p-conversion/378689843/?random=637418966&cv=9&fst=1631737054245&num=1&label=aLVlCLeF6YwCELOyybQB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&ref=https%3A%2F%2Ftitanblue12x.com.br%2F&tiba=tb12-lead&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=3lRCYZrsD9OH9fgPxs2MqAE&cid=CAQSKQCNIrLMj0Bs35vzbL5K3urvyFHR9r_HoFPmU_rJG45NssvVYDvBS-zc&random=4214704459&resp=GooglemKTybQhCsO
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.com/pagead/1p-conversion/828003655/ Frame 3077
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/828003655/?random=682010481&cv=9&fst=1631737054248&num=1&label=y-m4CPGBipUBEMeq6YoD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200...
https://www.google.com/pagead/1p-conversion/828003655/?random=682010481&cv=9&fst=1631737054248&num=1&label=y-m4CPGBipUBEMeq6YoD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u...

42 B
64 B

44ms
44ms

Image
image/gif

216.58.212.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-conversion/828003655/?random=682010481&cv=9&fst=1631737054248&num=1&label=y-m4CPGBipUBEMeq6YoD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&ref=https%3A%2F%2Ftitanblue12x.com.br%2F&tiba=tb12-lead&hn=www.googleadservices.com&gbcov=0&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=3lRCYYGBEJiLlgTa_KYY&cid=CAQSKQCNIrLMm_BpllhFTOo5SbJz6WIEAz77Wsn8uoNo20Suuw8pHMOmvTnP&random=4077864257&resp=GooglemKTybQhCsO

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/05/tb12-lead.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.228 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams16s22-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 20:17:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 15 Sep 2021 20:17:34 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/gif
location: https://www.google.com/pagead/1p-conversion/828003655/?random=682010481&cv=9&fst=1631737054248&num=1&label=y-m4CPGBipUBEMeq6YoD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&ref=https%3A%2F%2Ftitanblue12x.com.br%2F&tiba=tb12-lead&hn=www.googleadservices.com&gbcov=0&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=3lRCYYGBEJiLlgTa_KYY&cid=CAQSKQCNIrLMm_BpllhFTOo5SbJz6WIEAz77Wsn8uoNo20Suuw8pHMOmvTnP&random=4077864257&resp=GooglemKTybQhCsO
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/688008293/ Frame 3077 42 B
64 B 41ms
41ms Image
image/gif 216.58.212.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/688008293/?random=1631737054237&cv=9&fst=1631736000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&ref=https%3A%2F%2Ftitanblue12x.com.br%2F&tiba=tb12-lead&async=1&fmt=3&is_vtc=1&random=2550341942&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/05/tb12-lead.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.228 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams16s22-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 20:17:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/742021047/ Frame 3077 42 B
64 B 43ms
43ms Image
image/gif 216.58.212.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/742021047/?random=1631737054233&cv=9&fst=1631736000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&ref=https%3A%2F%2Ftitanblue12x.com.br%2F&tiba=tb12-lead&async=1&fmt=3&is_vtc=1&random=1069505195&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/05/tb12-lead.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.228 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams16s22-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 20:17:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/479617073/ Frame 3077 42 B
64 B 42ms
42ms Image
image/gif 216.58.212.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/479617073/?random=1631737054239&cv=9&fst=1631736000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&ref=https%3A%2F%2Ftitanblue12x.com.br%2F&tiba=tb12-lead&async=1&fmt=3&is_vtc=1&random=1045054053&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/05/tb12-lead.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.228 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams16s22-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 20:17:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.com/pagead/1p-conversion/611304047/ Frame 3077
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/611304047/?random=1395702777&cv=9&fst=1631737054251&num=1&label=I7jvCOaPzNkBEO-Ev6MC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=120...
https://www.google.com/pagead/1p-conversion/611304047/?random=1395702777&cv=9&fst=1631737054251&num=1&label=I7jvCOaPzNkBEO-Ev6MC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&...

42 B
64 B

43ms
43ms

Image
image/gif

216.58.212.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-conversion/611304047/?random=1395702777&cv=9&fst=1631737054251&num=1&label=I7jvCOaPzNkBEO-Ev6MC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&ref=https%3A%2F%2Ftitanblue12x.com.br%2F&tiba=tb12-lead&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=3lRCYcubEIyllgTTkIuYAg&cid=CAQSKQCNIrLMjKQi8lPFAWr7XBmH5usZTwWE3MxieHHk0kIMeie2FVUMuyMF&random=3752032602&resp=GooglemKTybQhCsO

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/05/tb12-lead.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.228 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams16s22-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 20:17:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 15 Sep 2021 20:17:34 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/gif
location: https://www.google.com/pagead/1p-conversion/611304047/?random=1395702777&cv=9&fst=1631737054251&num=1&label=I7jvCOaPzNkBEO-Ev6MC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&ref=https%3A%2F%2Ftitanblue12x.com.br%2F&tiba=tb12-lead&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=3lRCYcubEIyllgTTkIuYAg&cid=CAQSKQCNIrLMjKQi8lPFAWr7XBmH5usZTwWE3MxieHHk0kIMeie2FVUMuyMF&random=3752032602&resp=GooglemKTybQhCsO
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/651192104/ Frame 3077 42 B
64 B 42ms
42ms Image
image/gif 216.58.212.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/651192104/?random=1631737054241&cv=9&fst=1631736000000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&ref=https%3A%2F%2Ftitanblue12x.com.br%2F&tiba=tb12-lead&async=1&fmt=3&is_vtc=1&random=2487477667&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/05/tb12-lead.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.228 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams16s22-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 20:17:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.com/pagead/1p-conversion/494868820/ Frame 3077
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/494868820/?random=441494349&cv=9&fst=1631737054253&num=1&label=bVMlCMW40OwBENSy_OsB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200...
https://www.google.com/pagead/1p-conversion/494868820/?random=441494349&cv=9&fst=1631737054253&num=1&label=bVMlCMW40OwBENSy_OsB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u...

42 B
64 B

44ms
44ms

Image
image/gif

216.58.212.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-conversion/494868820/?random=441494349&cv=9&fst=1631737054253&num=1&label=bVMlCMW40OwBENSy_OsB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&ref=https%3A%2F%2Ftitanblue12x.com.br%2F&tiba=tb12-lead&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=3lRCYfSqEMGB9fgP35ycgAc&cid=CAQSKQCNIrLM6Gtd-2GK9AqwPZFpClUQe10QuQ-IqRFHlgEd9ynA-wg3YT-T&random=2471115015&resp=GooglemKTybQhCsO

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/05/tb12-lead.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.228 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams16s22-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 20:17:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 15 Sep 2021 20:17:34 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/gif
location: https://www.google.com/pagead/1p-conversion/494868820/?random=441494349&cv=9&fst=1631737054253&num=1&label=bVMlCMW40OwBENSy_OsB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&ref=https%3A%2F%2Ftitanblue12x.com.br%2F&tiba=tb12-lead&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=3lRCYfSqEMGB9fgP35ycgAc&cid=CAQSKQCNIrLM6Gtd-2GK9AqwPZFpClUQe10QuQ-IqRFHlgEd9ynA-wg3YT-T&random=2471115015&resp=GooglemKTybQhCsO
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/378689843/ Frame 3077 42 B
64 B 42ms
42ms Image
image/gif 216.58.212.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/378689843/?random=1631737054244&cv=9&fst=1631736000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&ref=https%3A%2F%2Ftitanblue12x.com.br%2F&tiba=tb12-lead&async=1&fmt=3&is_vtc=1&random=2669536497&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/05/tb12-lead.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.228 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams16s22-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 20:17:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/828003655/ Frame 3077 42 B
64 B 40ms
40ms Image
image/gif 216.58.212.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/828003655/?random=1631737054247&cv=9&fst=1631736000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&ref=https%3A%2F%2Ftitanblue12x.com.br%2F&tiba=tb12-lead&async=1&fmt=3&is_vtc=1&random=3575836116&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/05/tb12-lead.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.228 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams16s22-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 20:17:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 prev.png
lipotril.com.br/public/lp-03/app/mobile/images/ Frame 6BD2 5 KB
5 KB 373ms
352ms Image
image/png 18.231.32.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lipotril.com.br/public/lp-03/app/mobile/images/prev.png
Requested by: Host: lipotril.com.br
URL: https://lipotril.com.br/public/lp-03/app/mobile/css/slick.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.231.32.240 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-231-32-240.sa-east-1.compute.amazonaws.com
Software: / Express
Resource Hash: 38e8ac99099a95dd3998eb6963ff35b0650894f4fdaa4797e359b74ed08267f1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lipotril.com.br/public/lp-03/app/mobile/css/slick.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:34 GMT
etag: W/"1384-17b9795feb7"
last-modified: Mon, 30 Aug 2021 15:03:14 GMT
x-powered-by: Express
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 4996

GET
H2 200 next.png
lipotril.com.br/public/lp-03/app/mobile/images/ Frame 6BD2 5 KB
5 KB 364ms
351ms Image
image/png 18.231.32.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lipotril.com.br/public/lp-03/app/mobile/images/next.png
Requested by: Host: lipotril.com.br
URL: https://lipotril.com.br/public/lp-03/app/mobile/css/slick.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.231.32.240 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-231-32-240.sa-east-1.compute.amazonaws.com
Software: / Express
Resource Hash: 93a0ac4563d3cba9b6b541b263a86449bbc3049966e755dbfcafe8b09d26beb4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lipotril.com.br/public/lp-03/app/mobile/css/slick.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:34 GMT
etag: W/"139a-17b9795feb3"
last-modified: Mon, 30 Aug 2021 15:03:14 GMT
x-powered-by: Express
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 5018

GET
H3 200 /
www.google.com/pagead/1p-user-list/611304047/ Frame 3077 42 B
64 B 40ms
36ms Image
image/gif 216.58.212.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/611304047/?random=1631737054250&cv=9&fst=1631736000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&ref=https%3A%2F%2Ftitanblue12x.com.br%2F&tiba=tb12-lead&async=1&fmt=3&is_vtc=1&random=3733227138&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/05/tb12-lead.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.228 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams16s22-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 20:17:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/396474315/ Frame 3077 42 B
64 B 43ms
40ms Image
image/gif 216.58.212.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/396474315/?random=1631737054220&cv=9&fst=1631736000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&ref=https%3A%2F%2Ftitanblue12x.com.br%2F&tiba=tb12-lead&async=1&fmt=3&is_vtc=1&random=484587515&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/05/tb12-lead.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.228 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams16s22-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 20:17:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/494868820/ Frame 3077 42 B
64 B 47ms
44ms Image
image/gif 216.58.212.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/494868820/?random=1631737054253&cv=9&fst=1631736000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&ref=https%3A%2F%2Ftitanblue12x.com.br%2F&tiba=tb12-lead&async=1&fmt=3&is_vtc=1&random=491123475&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/05/tb12-lead.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.228 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams16s22-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 20:17:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 26070779.js Show response
bat.bing.com/p/action/ Frame 3077 0
94 B 148ms
141ms Script
text/plain 13.107.21.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/26070779.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 15 Sep 2021 20:17:34 GMT
cache-control: private,max-age=86400
x-msedge-ref: Ref A: 42F55DD9DF3744CBBBDB0B78CDD81FF3 Ref B: PRG01EDGE1012 Ref C: 2021-09-15T20:17:34Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ Frame 3077 0
96 B 44ms
44ms Image
text/plain 13.107.21.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=26070779&Ver=2&mid=b84fd2c3-04a9-4269-b995-1ea7390e15a2&sid=f6757ef0166111ecacc5977d8bc972eb&vid=f6765c20166111ecba37edb9181ca676&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=tb12-lead&p=https%3A%2F%2Ftitanblue12x.com.br%2F&r=&lt=476&evt=pageLoad&ifm=1&msclkid=N&sv=1&rn=393672
Requested by: Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/05/tb12-lead.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 15 Sep 2021 20:17:34 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 9C5C4978127746AE8BD8257BBADEDAE2 Ref B: PRG01EDGE1012 Ref C: 2021-09-15T20:17:34Z
x-cache: CONFIG_NOCACHE
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ Frame 3077 35 B
239 B 352ms
87ms Script
application/javascript 64.202.112.63
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=009f1cb02f82d016c9fab95f116fb223a9,00aff6635c04697b69f1c9f863b4e9509b
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 15 Sep 2021 20:17:34 GMT
content-encoding: gzip
X-TraceId: 6cca0ca42f7dddbcfaaedcd6f4cc615b
Content-Length: 56
Content-Type: application/javascript

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ Frame 3077 43 B
256 B 353ms
87ms Image
image/gif 64.202.112.63
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?marketerId=009f1cb02f82d016c9fab95f116fb223a9,00aff6635c04697b69f1c9f863b4e9509b&obApiVersion=1.1&obtpVersion=1.5.1&name=PAGE_VIEW&dl=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&optOut=false&bust=043689454643114534
Requested by: Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/05/tb12-lead.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 15 Sep 2021 20:17:34 GMT
Cache-Control: no-cache
X-TraceId: 566fd324081cff2b56108c2ae67c7888
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H2 200 / Show response
api.sunset.systems/services/ Frame 4BDF 2 KB
1 KB 48ms
23ms Document
text/html 172.66.40.100
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sunset.systems/services/?type=dtnl
Requested by: Host: app.cartstack.com.br
URL: https://app.cartstack.com.br/activeAPI/load.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.40.100 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 771960e3e360d91710834071e30f1fe5c0dc53001b6c008d02d4c948b6b6091a

Request headers

:method: GET
:authority: api.sunset.systems
:scheme: https
:path: /services/?type=dtnl
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://topdanet3.blogspot.com/
accept-encoding: gzip, deflate, br
cookie: xe_visitor=eGVfdmlzaXRvcnx7ImlkIjoiOTNhYjYxZGUtY2ZiMy00NzExLWE4OTMtMjJmM2U2MmUzYzdhIiwiZW1haWwiOiIifXw3MjA=; cartstack.com-cartid=Y2FydHN0YWNrLmNvbS1jYXJ0aWR8Mjg1MDA5NDg0fDM2NQ==
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/

Response headers

date: Wed, 15 Sep 2021 20:17:34 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: Content-Type, Authorization, X-Requested-With
x-ua-compatible: IE=Edge
cache-control: max-age=259200
cf-cache-status: HIT
age: 1332
last-modified: Wed, 15 Sep 2021 19:55:22 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KR3Wrs%2BFKct6LK5aa81vRN3vvz6xnw%2FhaG87%2FOxpLGH4bTmauKloyKMgSNJVzJb3aT5gwC%2BKo6ItuQLInVd5CZfRqDGPnWkUFvr0h1ziHXhZAVKDF7jROhfvC6LKmYpAFlWUmdo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 68f48a0e69f22790-PRG
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 / Show response
conectiva.io/XEngine/services/ Frame 3077 91 B
407 B 573ms
573ms XHR
text/html 104.26.12.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://conectiva.io/XEngine/services/?type=domain_inf&inf=DKEY+DGUID+DOMAIN&ref=YmxvZ3Nwb3QuY29t&v=1
Requested by: Host: app.cartstack.com.br
URL: https://app.cartstack.com.br/activeAPI/load.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.120 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / sunset.solutions, sunset.solutions
Resource Hash: c087e1211511e947cbed9ca722f020b9aaeaae83952bff8ea1cfb9df24ae58d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cs: HIT
x-powered-by: sunset.solutions, sunset.solutions
access-control-allow-methods: GET, POST, OPTIONS
last-modified: Sat, 11 Sep 2021 16:09:15 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VB%2B44SAa6pK1BkigAgkPmPCDQ2SvMezzetDhUs4GYzhF0e8qGSMCA2x9NGIWAH5E%2FVeMYK9uUfDRAUFdOwdBmGS%2B4FLRLMueLV6A6mwHc1143PLLmAQT3aZ5xLDrng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=2678400, s-maxage=604800
cf-ray: 68f48a0e4de84125-PRG
access-control-allow-headers: Content-Type, Authorization, X-Requested-With

GET
H2 200 impulse.js Show response
suite.linximpulse.net/impulse/ Frame 3077 20 KB
7 KB 117ms
14ms Script
application/javascript 52.222.179.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://suite.linximpulse.net/impulse/impulse.js
Requested by: Host: clubdeofertas.lojaintegrada.com.br
URL: https://clubdeofertas.lojaintegrada.com.br/titan-blue-12x-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.179.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-179-32.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 86e467735c7c594f72fa0a2adccb89a36590f601446fdbf1de3f0aead46c7b43

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: CzK.wXZAzki8t7nWZWFv0B8JJD_MQ.pS
content-encoding: gzip
last-modified: Tue, 24 Nov 2020 13:43:00 GMT
server: AmazonS3
age: 20773
etag: W/"3a7b70eb7bc47fffe80267fbaef15990"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 8c7d2e4b1dd1d9cc43ca7f060033ac41.cloudfront.net (CloudFront)
cache-control: max-age=900,s-maxage=900
date: Wed, 15 Sep 2021 14:34:29 GMT
x-amz-cf-pop: HAM50-C1
x-amz-cf-id: tI9QxK8z3o5n83MbBbEJ3qhGBebhpwZ_aVIE95N7Stfnb2zpoDPEWA==

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 3077 99 KB
25 KB 35ms
35ms Script
application/x-javascript 185.60.218.24
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

185.60.218.24 Bucharest, Romania, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-otp1.fbcdn.net

Software

Resource Hash

335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25999
x-xss-protection: 0
pragma: public
x-fb-debug: AeCqWoVR12Ljj5DIepESbyApn7bPm5oONBP48wFYoRBdSZWkacZm1THlcXxUKVadmX65vFtPCX5TZBViT7ABbQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 15 Sep 2021 20:17:34 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 pix_o_47704d8d1e09c29c0383ad6c38df5dc4.js Show response
pix.user-clicks.com/js/ Frame 3077 18 KB
6 KB 81ms
7ms Script
application/javascript 195.181.175.45
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://pix.user-clicks.com/js/pix_o_47704d8d1e09c29c0383ad6c38df5dc4.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MDQT4QJ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.181.175.45 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: frankfurt-44.cdn77.com
Software: CDN77-Turbo /
Resource Hash: 507a373b3125166c3084fe1b1d0b87d3680f10a9c1cd1cadfdefb5dbe2723a09

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt: AcO1ryxPsqXvOVEAAA==
x-accel-expires: @1632753061
date: Wed, 15 Sep 2021 20:17:34 GMT
content-encoding: br
last-modified: Wed, 15 Sep 2021 14:29:04 GMT
server: CDN77-Turbo
x-77-nzt-ray: ZaAp0G2zYA8=
etag: W/"61420330-47e7"
x-77-cache: HIT
content-type: application/javascript
x-cache: HIT
x-age: 20793
x-77-pop: frankfurtDE

GET
H2 200 58492 Show response
tag.navdmp.com/u/ Frame 3077 664 B
561 B 159ms
158ms Script
application/javascript 104.16.14.243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/u/58492
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.14.243 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1e205333f74005c4e1a725aff46b1eb91310d333e89d2eb55e436d4ef3e4f0f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:34 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Tue, 07 Sep 2021 18:45:01 GMT
server: cloudflare
etag: W/"6137b32d-298"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 68f48a0e7a9c2774-PRG
content-type: application/javascript
expires: Wed, 15 Sep 2021 21:17:34 GMT

GET
H3 200 1x1.gif
a.mgid.com/ Frame 3077 43 B
399 B 119ms
119ms Image
image/gif 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.mgid.com/1x1.gif?id=192107&type=c&tg=&r=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&utmc=0&utmt=0&nv=0&utms=&utmcp=&utmm=&clid=&cmgid=0&cmtid=0&cmtuid=0&d=1631737054473
Requested by: Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/05/tb12-lead.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 20:17:34 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 68f48a0e7e2e2784-PRG
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 1x1.gif
a.mgid.com/ Frame 3077 43 B
399 B 120ms
119ms Image
image/gif 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.mgid.com/1x1.gif?id=192107&type=c&tg=&r=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&utmc=0&utmt=0&nv=0&utms=&utmcp=&utmm=&clid=&cmgid=0&cmtid=0&cmtuid=0&d=1631737054474
Requested by: Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/05/tb12-lead.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 20:17:34 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 68f48a0e7e302784-PRG
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 1x1.gif
a.mgid.com/ Frame 3077 43 B
399 B 210ms
209ms Image
image/gif 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.mgid.com/1x1.gif?id=389725&type=c&tg=&r=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&utmc=0&utmt=0&nv=0&utms=&utmcp=&utmm=&clid=&cmgid=0&cmtid=0&cmtuid=0&d=1631737054477
Requested by: Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/05/tb12-lead.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 20:17:34 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 68f48a0e8e392784-PRG
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 1x1.gif
a.mgid.com/ Frame 3077 43 B
399 B 127ms
122ms Image
image/gif 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.mgid.com/1x1.gif?id=389725&type=c&tg=&r=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&utmc=0&utmt=0&nv=0&utms=&utmcp=&utmm=&clid=&cmgid=0&cmtid=0&cmtuid=0&d=1631737054496
Requested by: Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/05/tb12-lead.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 20:17:34 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 68f48a0eaec02784-PRG
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 430261258114974 Show response
connect.facebook.net/signals/config/ Frame 3077 306 KB
87 KB 712ms
709ms Script
application/x-javascript 185.60.218.24
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/430261258114974?v=2.9.45&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

185.60.218.24 Bucharest, Romania, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-otp1.fbcdn.net

Software

Resource Hash

16e2816b22f4d5ebddd7c5696147abfa2cf48dc58d3377690becdb88f5a99161

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: VN9mAW+Ig76woPT1XDn3FQHzHvlTMGrOOSVICkvONZ4xl+0lVEJLRXPLgg0RNWLWRbGlhhf0AUelmKJo4nLMDQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 15 Sep 2021 20:17:35 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/54680146/ Frame 3077
Redirect Chain

https://mc.yandex.com/watch/54680146?wmode=7&page-url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&page-ref=https%3A%2F%2Ftitanblue12x.com.br%2F&charset=utf-8&browser-info=pv%3...
https://mc.yandex.com/watch/54680146/1?wmode=7&page-url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&page-ref=https%3A%2F%2Ftitanblue12x.com.br%2F&charset=utf-8&browser-info=pv...

331 B
413 B

36ms
36ms

XHR
application/json

93.158.134.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/54680146/1?wmode=7&page-url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&page-ref=https%3A%2F%2Ftitanblue12x.com.br%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A643%3Acn%3A1%3Adp%3A0%3Als%3A1549015268581%3Ahid%3A850636945%3Az%3A0%3Ai%3A20210915201734%3Aet%3A1631737055%3Ac%3A1%3Arn%3A190155787%3Arqn%3A1%3Au%3A16317370551033470473%3Aw%3A0x0%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1631737053471%3Ads%3A0%2C0%2C153%2C30%2C0%2C0%2C%2C221%2C0%2C%2C%2C%2C476%3Adsn%3A0%2C0%2C153%2C29%2C0%2C0%2C%2C246%2C0%2C%2C%2C%2C476%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1631737055%3At%3Atb12-lead

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/05/tb12-lead.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

494a19b10a3ab4179ecd37b74770ad0dfe7106d1cb7502b1038d4bda2d4e8154

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 20:17:34 GMT
x-content-type-options: nosniff
last-modified: Wed, 15-Sep-2021 20:17:34 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://topdanet3.blogspot.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 331
x-xss-protection: 1; mode=block
expires: Wed, 15-Sep-2021 20:17:34 GMT

Redirect headers

pragma: no-cache
date: Wed, 15 Sep 2021 20:17:34 GMT
last-modified: Wed, 15-Sep-2021 20:17:34 GMT
location: /watch/54680146/1?wmode=7&page-url=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&page-ref=https%3A%2F%2Ftitanblue12x.com.br%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A643%3Acn%3A1%3Adp%3A0%3Als%3A1549015268581%3Ahid%3A850636945%3Az%3A0%3Ai%3A20210915201734%3Aet%3A1631737055%3Ac%3A1%3Arn%3A190155787%3Arqn%3A1%3Au%3A16317370551033470473%3Aw%3A0x0%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1631737053471%3Ads%3A0%2C0%2C153%2C30%2C0%2C0%2C%2C221%2C0%2C%2C%2C%2C476%3Adsn%3A0%2C0%2C153%2C29%2C0%2C0%2C%2C246%2C0%2C%2C%2C%2C476%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1631737055%3At%3Atb12-lead
strict-transport-security: max-age=31536000
access-control-allow-origin: https://topdanet3.blogspot.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Wed, 15-Sep-2021 20:17:34 GMT

GET
H2 200 advert.gif
mc.yandex.com/metrika/ Frame 3077 43 B
112 B 129ms
35ms Image
image/gif 93.158.134.119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/05/tb12-lead.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:34 GMT
last-modified: Wed, 15 Sep 2021 15:25:21 GMT
etag: "6141b703-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Wed, 15 Sep 2021 21:17:34 GMT

GET
H2 200 flags.json Show response
suite.linximpulse.net/impulse/fitofemepro/ Frame 3077 535 B
1022 B 46ms
14ms XHR
application/json 52.222.179.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://suite.linximpulse.net/impulse/fitofemepro/flags.json
Requested by: Host: suite.linximpulse.net
URL: https://suite.linximpulse.net/impulse/impulse.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.179.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-179-32.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 22d91f8361e660b16d4ea0baa678df29b3e8ad347b5238801f03dd3788c2ee86

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: .2K1d_7wJoUcYAkah4RgA7QyU49pQsTv
via: 1.1 4efecb7b2ace4b001ec9b1d536dcfc43.cloudfront.net (CloudFront)
etag: "2bbb8c46b1e77037138cf22d93f5c559"
age: 12471
x-cache: Hit from cloudfront
content-length: 535
last-modified: Mon, 28 Jun 2021 17:28:55 GMT
server: AmazonS3
date: Wed, 15 Sep 2021 16:49:44 GMT
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=900,s-maxage=900
x-amz-cf-pop: HAM50-C1
x-amz-cf-id: Pq3hzEklUo0sWwElJLdI_K0ugHKnN5CEPoLVAAAi_niTtQFpD4QbLQ==

GET
H2 200 usr Show response
usr.navdmp.com/ Frame 3077 358 B
432 B 188ms
167ms Script
application/javascript 104.16.14.243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usr.navdmp.com/usr?v=9&acc=58492&u=1&new=1&wst=0
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.14.243 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3fb9c89044adb85e4a0638a5b0a091c3586da086700de8290a1677518a98636

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Wed, 15 Sep 2021 20:17:34 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 68f48a0f9d4e2774-PRG
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: max-age=3600
act: f0
content-type: application/javascript
expires: Wed, 15 Sep 2021 21:17:34 GMT

GET
H2 200 / Show response
opi.navdmp.com/ Frame 3077 2 B
194 B 140ms
86ms Fetch
application/json 104.16.13.243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://opi.navdmp.com/?v=9&url=https://topdanet3.blogspot.com/2019/05/tb12-lead.html&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.13.243 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cf-ray: 68f48a0fda404125-PRG
content-length: 2

GET
H2 200 session.js Show response
suite.linximpulse.net/impulse/ Frame 3077 14 KB
5 KB 21ms
17ms Script
application/javascript 52.222.179.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://suite.linximpulse.net/impulse/session.js
Requested by: Host: suite.linximpulse.net
URL: https://suite.linximpulse.net/impulse/impulse.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.179.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-179-32.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fe1f2315a24c0f3ea5646738a71087bd616af2aee8769267ec035ad9a31a02a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: rKUZaQIaiHaVqqdcR20FKY_WhyJk6ue4
content-encoding: gzip
last-modified: Thu, 18 Feb 2021 14:10:01 GMT
server: AmazonS3
age: 20367
etag: W/"b2bd62c7743410a9f47119f7e37ad838"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 8c7d2e4b1dd1d9cc43ca7f060033ac41.cloudfront.net (CloudFront)
cache-control: max-age=900,s-maxage=900
date: Wed, 15 Sep 2021 14:44:26 GMT
x-amz-cf-pop: HAM50-C1
x-amz-cf-id: b_dFBJ0UBykU8nPJtKr5cO0Pp5JX3mPT2Hi-k_H-6hai2umwU28Z_w==

GET
H2 200 collection.js Show response
suite.linximpulse.net/impulse/ Frame 3077 9 KB
4 KB 20ms
16ms Script
application/javascript 52.222.179.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://suite.linximpulse.net/impulse/collection.js
Requested by: Host: suite.linximpulse.net
URL: https://suite.linximpulse.net/impulse/impulse.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.179.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-179-32.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 76cf209ad2b2e77d41db6b60874c228d99f23877b89e0d0ef802ed3eb88fba73

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: aLhPWO8tbjWMgWrx2QbfRA8mgJSovkOK
content-encoding: gzip
last-modified: Thu, 05 Aug 2021 14:50:17 GMT
server: AmazonS3
age: 9972
etag: W/"2454beff9e91416ce51e4cb68653c997"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 8c7d2e4b1dd1d9cc43ca7f060033ac41.cloudfront.net (CloudFront)
cache-control: max-age=900,s-maxage=900
date: Wed, 15 Sep 2021 17:33:16 GMT
x-amz-cf-pop: HAM50-C1
x-amz-cf-id: YiN-GBv5LcRv_SOh9MsIEpzjiNoz125FMtljjNRlsrlp2N1DjNnnjg==

POST
H2 200 legacy_id Show response
api-ads.percycle.com/ Frame 3077 51 B
532 B 338ms
306ms XHR
application/json 52.222.186.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api-ads.percycle.com/legacy_id
Requested by: Host: suite.linximpulse.net
URL: https://suite.linximpulse.net/impulse/session.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.186.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-186-91.ham50.r.cloudfront.net
Software: awselb/2.0 /
Resource Hash: fbd71040fcfdf7716e49b35e8ab15b0e2db2777e7fa7f2450be8cbf598bb2997

Request headers

Referer: https://topdanet3.blogspot.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 15 Sep 2021 20:17:35 GMT
via: 1.1 312b9f49a05a10af1e6462e1c59bae9b.cloudfront.net (CloudFront)
server: awselb/2.0
x-amz-cf-pop: HAM50-C2
access-control-allow-methods: OPTIONS, POST
content-type: application/json
access-control-allow-origin: https://topdanet3.blogspot.com
access-control-allow-credentials: true
x-cache: Miss from cloudfront
access-control-allow-headers: Content-Type
content-length: 51
x-amz-cf-id: BG-Kksb14kNxgHK-SQLkxsUb_LevL-mXcQOg5e-OEGkz7nOYsZ-sMA==

OPTIONS
H2 200 legacy_id
api-ads.percycle.com/ Frame 0
0 382ms
313ms Preflight
text/plain 52.222.186.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api-ads.percycle.com/legacy_id
Protocol: H2
Server: 52.222.186.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-186-91.ham50.r.cloudfront.net
Software: awselb/2.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topdanet3.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: text/plain
content-length: 0
server: awselb/2.0
date: Wed, 15 Sep 2021 20:17:34 GMT
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-methods: OPTIONS, POST
access-control-allow-origin: https://topdanet3.blogspot.com
x-cache: Miss from cloudfront
via: 1.1 24eb1500b3f80b309dcd7b8a50210a69.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C2
x-amz-cf-id: i_epArGNjhtF4bJu5YvdAP36U8s-qKO69x5VVv5ZJ9JNZI-CN282cA==

POST
H2 200 legacy_id Show response
collect.chaordicsystems.com/ Frame 3077 51 B
675 B 542ms
400ms XHR
application/json 52.222.186.97

General

Check archive.org

Show headers Download Go to

Full URL: https://collect.chaordicsystems.com/legacy_id
Requested by: Host: suite.linximpulse.net
URL: https://suite.linximpulse.net/impulse/session.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.186.97 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: fbd71040fcfdf7716e49b35e8ab15b0e2db2777e7fa7f2450be8cbf598bb2997

Request headers

Referer: https://topdanet3.blogspot.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 15 Sep 2021 20:17:35 GMT
via: 1.1 c3ea695df6623739937b8dda8c1599f9.cloudfront.net (CloudFront)
content-md5: OkDOm9JTmsi2GuW2vkcsTw==
x-amz-cf-pop: HAM50-C2
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR NID ADMa OPTa OUR NOR"
content-length: 51
x-request-id: 636ccd45-52c3-4dde-ab8f-4eed45efa9c4
x-response-time: 0
monkey: ip-10-26-70-150:9000@v6.0.159
server: nginx
access-control-allow-methods: OPTIONS, POST
content-type: application/json
access-control-allow-origin: https://topdanet3.blogspot.com
access-control-allow-credentials: true
access-control-allow-headers: *
x-amz-cf-id: 64foxWwZw5grDkXFAIMWKy4keWdnb_D3hiP9659UT7V0Zn-quQD7gg==

OPTIONS
H2 204 legacy_id
collect.chaordicsystems.com/ Frame 0
0 500ms
422ms Preflight 52.222.186.97

General

Check archive.org

Show headers Download Go to

Full URL: https://collect.chaordicsystems.com/legacy_id
Protocol: H2
Server: 52.222.186.97 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topdanet3.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 15 Sep 2021 20:17:35 GMT
server: nginx
access-control-allow-origin: https://topdanet3.blogspot.com
access-control-allow-credentials: true
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS, PUT
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,x-host
x-cache: Miss from cloudfront
via: 1.1 b16df885683d0bb71fd074a9a72b1dc8.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C2
x-amz-cf-id: wa1lnASjTU6xXFUoXrJFY6o0OEXZU2wBy781vwqpfod43zgd1SCo2A==

POST
H2 200 legacy_id Show response
ckies.net/ Frame 3077 51 B
535 B 159ms
125ms XHR
application/json 54.230.206.121

General

Check archive.org

Show headers Download Go to

Full URL: https://ckies.net/legacy_id
Requested by: Host: suite.linximpulse.net
URL: https://suite.linximpulse.net/impulse/session.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.206.121 -, , ASN (),
Reverse DNS
Software: awselb/2.0 /
Resource Hash: fbd71040fcfdf7716e49b35e8ab15b0e2db2777e7fa7f2450be8cbf598bb2997

Request headers

Referer: https://topdanet3.blogspot.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 15 Sep 2021 20:17:35 GMT
via: 1.1 0a902401d20e3459ce96a6c687177b24.cloudfront.net (CloudFront)
server: awselb/2.0
x-amz-cf-pop: HAM50-C3
access-control-allow-methods: OPTIONS, POST
content-type: application/json
access-control-allow-origin: https://topdanet3.blogspot.com
access-control-allow-credentials: true
x-cache: Miss from cloudfront
access-control-allow-headers: Content-Type
content-length: 51
x-amz-cf-id: Hr0HUt6aLD2wEjdYL8kxbq7nhftSndM0iRVcGgIfuWoCdACuCwvmOA==

OPTIONS
H2 200 legacy_id
ckies.net/ Frame 0
0 439ms
379ms Preflight
text/plain 54.230.206.121

General

Check archive.org

Show headers Download Go to

Full URL: https://ckies.net/legacy_id
Protocol: H2
Server: 54.230.206.121 -, , ASN (),
Reverse DNS
Software: awselb/2.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topdanet3.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: text/plain
content-length: 0
server: awselb/2.0
date: Wed, 15 Sep 2021 20:17:35 GMT
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-methods: OPTIONS, POST
access-control-allow-origin: https://topdanet3.blogspot.com
x-cache: Miss from cloudfront
via: 1.1 10c4b217f06a5ef1c22d0afa78f63d92.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C3
x-amz-cf-id: qNppuLXbCh5DDzkMDDd4IwFbIEWygPBdVbhnzEUeSCtJ5Fs9qQbpSg==

GET
H2 200 watson Show response
opi.navdmp.com/ Frame 3077 0
37 B 74ms
73ms Fetch
application/json 104.16.13.243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://opi.navdmp.com/watson?&url=https://topdanet3.blogspot.com/2019/05/tb12-lead.html
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.13.243 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cf-ray: 68f48a106bb34125-PRG
content-length: 0

GET
H2 200 req Show response
cdn.navdmp.com/ Frame 3077 6 B
78 B 188ms
170ms Script
application/x-javascript 104.16.14.243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.navdmp.com/req?id=f5e78779c69027e7b8dba519909%7C0
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.14.243 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:34 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 68f48a10d8482774-PRG
content-length: 6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/x-javascript

GET
H2

200

sync Show response
sync2.navdmp.com/ Frame 3077
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=66009462684
https://sync2.navdmp.com/sync?prtid=2&id=66009462684&google_gid=CAESEHodPpK6lL951sXlBydBJ9Q&google_cver=1

6 B
58 B

172ms
163ms

Script
application/javascript

104.16.14.243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync2.navdmp.com/sync?prtid=2&id=66009462684&google_gid=CAESEHodPpK6lL951sXlBydBJ9Q&google_cver=1
Requested by: Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/05/tb12-lead.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.14.243 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:35 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 68f48a1139162774-PRG
content-length: 6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript

Redirect headers

pragma: no-cache
date: Wed, 15 Sep 2021 20:17:34 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync2.navdmp.com/sync?prtid=2&id=66009462684&google_gid=CAESEHodPpK6lL951sXlBydBJ9Q&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync
sync.navdmp.com/ Frame 3077
Redirect Chain

https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D
https://sync.navdmp.com/sync?img=1&mdia=8bea6142-54de-4300-bddb-f90e65de427c

43 B
130 B

184ms
164ms

Image
image/gif

104.16.14.243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.navdmp.com/sync?img=1&mdia=8bea6142-54de-4300-bddb-f90e65de427c
Requested by: Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/05/tb12-lead.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.14.243 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:35 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
cf-ray: 68f48a1108be2774-PRG
content-length: 43

Redirect headers

Date: Wed, 15 Sep 2021 20:17:34 GMT
Server: MT3 3944 2bcb57b master cdg-pixel-x30 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://sync.navdmp.com/sync?img=1&mdia=8bea6142-54de-4300-bddb-f90e65de427c
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Wed, 15 Sep 2021 20:17:33 GMT

GET
H2 204 cms
cms.analytics.yahoo.com/ Frame 3077 0
0 270ms
37ms Image
text/html 212.82.100.182
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms.analytics.yahoo.com/cms?partner_id=NAVEG
Requested by: Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/05/tb12-lead.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.82.100.182 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS: spcms.pbp.vip.ir2.yahoo.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 req Show response
cdn.navdmp.com/ Frame 3077 6 B
81 B 160ms
160ms Script
application/x-javascript 104.16.14.243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.navdmp.com/req?id=f5e78779c69027e7b8dba519909%7C0&v=9&acc=58492&tit=tb12-lead&url=https%253A%2F%2Ftitanblue12x.com.br%2F&upd=1&new=1&ref=https%253A%2F%2Ftitanblue12x.com.br%2F
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.14.243 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:35 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 68f48a10e8742774-PRG
content-length: 6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/x-javascript

GET
H2 200 core.js Show response
conectiva.io/XEngine/ Frame 3077 16 KB
6 KB 29ms
25ms Script
application/javascript 104.26.12.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://conectiva.io/XEngine/core.js?ts=1631743200
Requested by: Host: app.cartstack.com.br
URL: https://app.cartstack.com.br/activeAPI/load.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.120 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / sunset.solutions
Resource Hash: bc75c17033ddcecf717ed63a71a43ce40dacd3502f1b65734df657aec3314619

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1021
x-powered-by: sunset.solutions
last-modified: Wed, 16 Dec 2020 16:55:27 GMT
server: cloudflare
etag: W/"5fda3bff-6111"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g2YFr2XXpXYUnVSGFNv9MDt3rO3g6ue4xiQj4f0d9NK%2Bu9Ldvz%2F4pNnkvFFNsNKkZTUcpUi%2Bj6UjzeK2RG%2BTXG3MEiiAcDVWItNfgmpAK179vFOdERnfj49DXodP0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=2678400
cf-polished: origSize=24849
cf-ray: 68f48a11ef602784-PRG
cf-bgj: minify

GET
H2 200 load.js Show response
conectiva.io/XEngine/DGUID/90228553-5F9D-D25D-C496-ED95BDBA667B/ Frame 3077 66 B
376 B 168ms
168ms Script
application/javascript 104.26.12.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://conectiva.io/XEngine/DGUID/90228553-5F9D-D25D-C496-ED95BDBA667B/load.js?ts=1631743200
Requested by: Host: app.cartstack.com.br
URL: https://app.cartstack.com.br/activeAPI/load.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.120 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / sunset.solutions
Resource Hash: 6bb1c1f188753172b2c18c7d2e6cf1c1ec8220fbc9e75e34be6d115d09d4c6b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: sunset.solutions
last-modified: Thu, 29 Oct 2020 12:24:29 GMT
server: cloudflare
etag: W/"5f9ab47d-43"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YWUAWca3gj6oaRqw9nPcwOjwrx%2BSraDYhsjZWzvS2H0IjwsdESOHInraTVoOc3HWsQbzaE0Cbvh2jkuLJdj86hrItjGSC%2BlYtlT67JLnkPUuQ2pTXJ0bI0dTVm2AfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=2678400
cf-polished: origSize=67
cf-ray: 68f48a122ffb2784-PRG
cf-bgj: minify

GET
H2 200 proc.js Show response
conectiva.io/XEngine/DGUID/90228553-5F9D-D25D-C496-ED95BDBA667B/ Frame 3077 0
426 B 177ms
176ms Script
application/javascript 104.26.12.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://conectiva.io/XEngine/DGUID/90228553-5F9D-D25D-C496-ED95BDBA667B/proc.js?ts=1631743200
Requested by: Host: conectiva.io
URL: https://conectiva.io/XEngine/core.js?ts=1631743200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.120 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / sunset.solutions
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: sunset.solutions
content-length: 0
last-modified: Thu, 29 Oct 2020 12:24:53 GMT
server: cloudflare
etag: "5f9ab495-0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nk12V9dU5yKVvMhPGO%2Bni4Dr9nDbG3fD8YhUDLDbWUPS6ebFVBQFHsCs1F389d%2BPEPMu0ECjqrl1%2F85ws5h0Km0kMXKrMj2mSEN7WxeeYfcGETcG2qUEAh8r22Tetg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 68f48a133a8a2784-PRG
cf-bgj: minify

GET
H2 200 datatunnel.js Show response
conectiva.io/XEngine/extensions/datatunnel/ Frame 3077 788 B
658 B 31ms
30ms Script
application/javascript 104.26.12.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://conectiva.io/XEngine/extensions/datatunnel/datatunnel.js?ts=1631743200
Requested by: Host: conectiva.io
URL: https://conectiva.io/XEngine/core.js?ts=1631743200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.120 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / sunset.solutions
Resource Hash: 755a031eaeb32170081e04ff2f614f99ff4bd102cc915420bc5f503368a5c716

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1022
x-powered-by: sunset.solutions
last-modified: Fri, 30 Aug 2019 19:31:10 GMT
server: cloudflare
etag: W/"5d69797e-3d3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9T930a93bQJkWAjcJd0v5no5tpYA1OuiybBI6svLyR04O53migkITCmNoUd6S1T%2B6I036B%2BMSlmh0qfFOCCwXLh4KQBkJrHpXCtOHb5Y7Hi937inVS3SfVASpm4bow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=2678400
cf-polished: origSize=979
cf-ray: 68f48a133a8e2784-PRG
cf-bgj: minify

GET
H2 200 visitor.js Show response
conectiva.io/XEngine/extensions/visitor/ Frame 3077 4 KB
2 KB 31ms
31ms Script
application/javascript 104.26.12.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://conectiva.io/XEngine/extensions/visitor/visitor.js?ts=1631743200
Requested by: Host: conectiva.io
URL: https://conectiva.io/XEngine/core.js?ts=1631743200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.120 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / sunset.solutions
Resource Hash: cf9c1944df885441334278a123405963aa70a0a841ff577be9e19fad3ca44f4d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1022
x-powered-by: sunset.solutions
last-modified: Sun, 11 Apr 2021 12:16:42 GMT
server: cloudflare
etag: W/"6072e8aa-2bb9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZvZM4cc%2FbjvOZBk8jAD6EP0HPSHssh48AWn8g8X%2B9IousSoxNVtyq78EqQ8hr8AMT7kb%2B%2B1Z2Cah6%2BFA3%2B3D3omYd2my7XCcwL6mMsgXhB%2Fr8b8PPDWzLq5EjLG%2F5w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=2678400
cf-polished: origSize=11193
cf-ray: 68f48a133a8f2784-PRG
cf-bgj: minify

GET
H2 200 cartstackbr.js Show response
conectiva.io/XEngine/extensions/cartstackbr/ Frame 3077 3 KB
2 KB 31ms
31ms Script
application/javascript 104.26.12.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://conectiva.io/XEngine/extensions/cartstackbr/cartstackbr.js?ts=1631743200
Requested by: Host: conectiva.io
URL: https://conectiva.io/XEngine/core.js?ts=1631743200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.120 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / sunset.solutions
Resource Hash: e2fab1d8fbe2b2c340827ef2cf162707e7363a184e301750a59f285b81388133

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1022
x-powered-by: sunset.solutions
last-modified: Sat, 11 Sep 2021 16:07:16 GMT
server: cloudflare
etag: W/"613cd434-146f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RW015kc8bF4hT8jJBvldXwLG%2Fd0EYsvkrlilvqXpykoPJ7SLNOfYqg%2BDwEdPCb8AshXFadLYhDH9H%2Fp99v2nLVQJ5CVQh9nJ%2FlpUPeRRXO5o3IoGqR5EaK%2Fn15b85Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=2678400
cf-polished: origSize=5231
cf-ray: 68f48a133a922784-PRG
cf-bgj: minify

GET
H2 200 performa.js Show response
conectiva.io/XEngine/extensions/performa/ Frame 3077 2 KB
1 KB 26ms
26ms Script
application/javascript 104.26.12.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://conectiva.io/XEngine/extensions/performa/performa.js?ts=1631743200
Requested by: Host: conectiva.io
URL: https://conectiva.io/XEngine/core.js?ts=1631743200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.120 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / sunset.solutions
Resource Hash: 1cb6cd28bcd130dd28473b788e18f816814614baed68c649f6d4cb0ec6941a35

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1022
x-powered-by: sunset.solutions
last-modified: Tue, 20 Jul 2021 18:20:37 GMT
server: cloudflare
etag: W/"60f713f5-de4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NKWpKQtkJGOH0F4pR%2B3Jshei9HjjX94K8HZkj5i23yfNCyf%2BfIyYcOaAl7zDRoAsUp9fsOZX%2BX8gSznorCS0ZL5C%2BbiyzjIFI2C2IuGACbaDHDAhS07n5gQVzlRl0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=2678400
cf-polished: origSize=3556
cf-ray: 68f48a133a962784-PRG
cf-bgj: minify

GET
H3 200 /
www.facebook.com/tr/ Frame 3077 44 B
88 B 35ms
35ms Image
image/gif 185.60.218.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=430261258114974&ev=PageView&dl=https%3A%2F%2Ftopdanet3.blogspot.com%2F2019%2F05%2Ftb12-lead.html&rl=https%3A%2F%2Ftitanblue12x.com.br%2F&if=true&ts=1631737055261&sw=1600&sh=1200&v=2.9.45&r=stable&ec=0&o=30&it=1631737054513&coo=false&exp=p1&rqm=GET

Requested by

Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/05/tb12-lead.html

Protocol

Security

QUIC, , AES_128_GCM

Server

185.60.218.35 Bucharest, Romania, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-otp1.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:35 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Wed, 15 Sep 2021 20:17:35 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 1C6D 28 B
50 B 32ms
32ms XHR
application/json 216.58.213.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1256b7e2/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.213.14 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s25-in-f14.1e100.net

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/jMY0u0XQEig?feature=oembed&start&end&wmode=opaque&loop=0&controls=1&mute=0&rel=0&modestbranding=1
X-YouTube-Client-Version: 1.20210913.1.0
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtVVEZzRlZpRXZJRSjcqYmKBg%3D%3D
X-YouTube-Ad-Signals: dt=1631737052904&flash=0&frm=2&u_tz&u_his=4&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C350&vis=1&wgl=true&ca_type=image&bid=ANyPxKohqwgy1HSesxFi6kkOdlF60uZsnu5Knq521EtI7wFaIlpvFM5EPLAv_CwNqqDhWj4-1y7zL_7P87w-4WX6WQK80NHgqA

Response headers

date: Wed, 15 Sep 2021 20:17:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 952C 28 B
50 B 32ms
30ms XHR
application/json 216.58.213.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1256b7e2/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.213.14 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s25-in-f14.1e100.net

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/9FHKLOZNimI?feature=oembed&start&end&wmode=opaque&loop=0&controls=1&mute=0&rel=0&modestbranding=1
X-YouTube-Client-Version: 1.20210913.1.0
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtVVEZzRlZpRXZJRSjcqYmKBg%3D%3D
X-YouTube-Ad-Signals: dt=1631737052799&flash=0&frm=2&u_tz&u_his=4&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C350&vis=1&wgl=true&ca_type=image&bid=ANyPxKoqgYRxSZ5Xx9XJYEYOWdazz1Q4qkKTtPj8GV8f5vn5S5OauOm1RaCUS15KzAV4clQmggNoKWpO0mNlIEZxSkyiGPqZbw

Response headers

date: Wed, 15 Sep 2021 20:17:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 3216 28 B
50 B 36ms
33ms XHR
application/json 216.58.213.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1256b7e2/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.213.14 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s25-in-f14.1e100.net

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/C-7xRLkwLgY?feature=oembed&start&end&wmode=opaque&loop=0&controls=1&mute=0&rel=0&modestbranding=1
X-YouTube-Client-Version: 1.20210913.1.0
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtVVEZzRlZpRXZJRSjcqYmKBg%3D%3D
X-YouTube-Ad-Signals: dt=1631737052808&flash=0&frm=2&u_tz&u_his=4&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C350&vis=1&wgl=true&ca_type=image&bid=ANyPxKpT5DKiQRzr1yotEw1FG9vAvuMoaSig1ypTZhb6LuS-6B72aB7PuYZ9gvVsCiefn6nlUGKOuizPPOcXDLZoHzxe2HD0Tg

Response headers

date: Wed, 15 Sep 2021 20:17:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0

GET
H2 200 core.js Show response
app.cartstack.com.br/activeAPI/cnct/ Frame 3077 7 KB
3 KB 24ms
22ms Script
application/javascript 104.22.31.161
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.cartstack.com.br/activeAPI/cnct/core.js?ts=1631743200

Requested by

Host: conectiva.io
URL: https://conectiva.io/XEngine/core.js?ts=1631743200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.31.161 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / sunset.solutions

Resource Hash

486991eb99fe5048b414a1c4197e82515378621b810787e92586d2b90667ffd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-lb: 1
x-cs: MISS
age: 816
x-powered-by: sunset.solutions
x-ua-compatible: IE=Edge
last-modified: Wed, 15 Sep 2021 19:12:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=2678400
cf-polished: origSize=13251
cf-ray: 68f48a144f8c27c0-PRG
cf-bgj: minify

GET
H2 200 / Show response
api.performa.ai/v1/ Frame 3077 193 B
275 B 164ms
163ms XHR
application/json 104.22.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.performa.ai/v1/?type=front&params={%22route%22:%22store_details%22}&pubkey=90228553-5F9D-D25D-C496-ED95BDBA667B&cache=remote
Requested by: Host: app.cartstack.com.br
URL: https://app.cartstack.com.br/activeAPI/load.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.10.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc79073590ec90a44e69c742bf63f132d82c9b04e0135039ba32e7af5cbb0715

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:35 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 15 Sep 2021 19:19:27 GMT
server: cloudflare
x-cs: BYPASS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 68f48a145d08f9e2-PRG
access-control-allow-headers: *

GET
H2 200 pgvw.png
conectiva.io/XEngine/services/ Frame 3077 68 B
481 B 165ms
165ms Image
image/png 104.26.12.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://conectiva.io/XEngine/services/pgvw.png?DGUID=90228553-5F9D-D25D-C496-ED95BDBA667B&domain=blogspot.com&visitorID=93ab61de-cfb3-4711-a893-22f3e62e3c7a&ts=1631737055
Requested by: Host: topdanet3.blogspot.com
URL: https://topdanet3.blogspot.com/2019/05/tb12-lead.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.120 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5e78e66902d022c88363c7283373874972f634fa86a265a1cafbe67f1ea2b25

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:35 GMT
cf-cache-status: DYNAMIC
last-modified: Sat, 04 Jan 2020 13:28:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kOGZgOK9f0JlE8mh9NthvUITi20Fmu5BdWKkJepBJwSf64P9koE00QVHBmgSKARt7y9SUaUEwTLqVVxOtT04nQwxkV7TjyibsX2WI8xf118xB7sS2rRRpl3g9cA1rg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache, no-store
accept-ranges: bytes
cf-ray: 68f48a145d862784-PRG
content-length: 68
svr-datetime: Wednesday, 15-Sep-2021 17:17:35 -03
expires: Wed, 15 Sep 2021 20:17:34 GMT

GET
H2 200 proc.js Show response
app.cartstack.com.br/activeAPI/cnct/ Frame 3077 373 B
334 B 165ms
165ms Script
application/javascript 104.22.31.161
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.cartstack.com.br/activeAPI/cnct/proc.js?newlayer=aHR0cHM6Ly90b3BkYW5ldDMuYmxvZ3Nwb3QuY29tLzIwMTkvMDUvdGIxMi1sZWFkLmh0bWw=&__utmc=0,0&__utmz=0&ref=auto&ts=1631743200

Requested by

Host: conectiva.io
URL: https://conectiva.io/XEngine/core.js?ts=1631743200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.31.161 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / sunset.solutions

Resource Hash

830f3fa54a1eacce2637b860e454179c53754ead46a0a3204a3e0db908f9698e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-lb: 1
x-cs: MISS
x-powered-by: sunset.solutions
x-ua-compatible: IE=Edge
last-modified: Wed, 15 Sep 2021 20:00:27 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=2678400
cf-polished: origSize=437
cf-ray: 68f48a147fef27c0-PRG
cf-bgj: minify

GET pixel
bid.g.doubleclick.net/xbbe/ Frame 438A 0
0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 3077 11 KB
8 KB 67ms
36ms XHR
application/json 142.250.187.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210908&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.187.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s34-in-f2.1e100.net

Software

cafe /

Resource Hash

45ac92896318b9fdb7f289b94f38e5862cc3101ca3ce01e4ecc7dcb9739479c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 15 Sep 2021 20:17:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8603
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 3077 17 KB
7 KB 84ms
27ms Script
text/javascript 142.250.187.193

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.187.193 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:17:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Wed, 15 Sep 2021 20:17:35 GMT

GET
H2 200 metadata.js Show response
suite.linximpulse.net/impulse/fitofemepro/ Frame 3077 23 KB
7 KB 14ms
14ms Script
application/javascript 52.222.179.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://suite.linximpulse.net/impulse/fitofemepro/metadata.js
Requested by: Host: suite.linximpulse.net
URL: https://suite.linximpulse.net/impulse/impulse.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.179.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-179-32.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3262eb43f2dba18d70ad94d80bf957af48a1aa4e97c48dcf3b41de25a1cc1b56

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: GsTRIhZ2v.INlnppjFaVk3HCVj_789wY
content-encoding: gzip
last-modified: Mon, 28 Jun 2021 14:50:43 GMT
server: AmazonS3
age: 22144
etag: W/"31d49a8a4bcf9b421887e2f736e0764f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 8c7d2e4b1dd1d9cc43ca7f060033ac41.cloudfront.net (CloudFront)
cache-control: max-age=900,s-maxage=900
date: Wed, 15 Sep 2021 14:08:32 GMT
x-amz-cf-pop: HAM50-C1
x-amz-cf-id: AeoDCMBNFmWoQaNeLmCBs4Da2roS7LwF8p-zYFCo3UbEhGv3iuQe8w==

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 2361 12 KB
5 KB 59ms
25ms Document
text/html 142.250.187.193

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.187.193 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://topdanet3.blogspot.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Wed, 15 Sep 2021 18:40:38 GMT
expires: Thu, 15 Sep 2022 18:40:38 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 5817
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 544E 783 B
532 B 34ms
34ms Document
text/html 216.58.212.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.228 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams16s22-in-f4.1e100.net

Software

GSE /

Resource Hash

e54d34f46333955762d65d0d4a00e2b4316a6e3803ccdaf5240df7fc32a45a7b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-j6dFpxz3YeDpt0teM3GvSw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://topdanet3.blogspot.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/

Response headers

expires: Wed, 15 Sep 2021 20:17:35 GMT
date: Wed, 15 Sep 2021 20:17:35 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-j6dFpxz3YeDpt0teM3GvSw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 8A9A 0
15 B 35ms
35ms Document
text/plain 185.60.218.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: titanblue12x.com.br
URL: https://titanblue12x.com.br/macho-alfa/?mcr=AHQ11850838

Protocol

Security

QUIC, , AES_128_GCM

Server

185.60.218.35 Bucharest, Romania, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-otp1.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: POST
:authority: www.facebook.com
:scheme: https
:path: /tr/
content-length: 2104
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://topdanet3.blogspot.com
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://topdanet3.blogspot.com/
accept-encoding: gzip, deflate, br
cookie: fr=0AfaZSmVNfbaIVMtM..BhQlTc...1.0.BhQlTc.
Upgrade-Insecure-Requests: 1
Origin: https://topdanet3.blogspot.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://topdanet3.blogspot.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
date: Wed, 15 Sep 2021 20:17:35 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 544E 0
0 68ms
68ms Image
text/html 142.250.187.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20210908&jk=181894626184477&rc=
Requested by: Host: titanblue12x.com.br
URL: https://titanblue12x.com.br/macho-alfa/?mcr=AHQ11850838
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.187.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lhr25s34-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 N5eGun79KMNogHl3JXLjLo7C-VgSu6qtVH-zZQh4z98.js Show response
pagead2.googlesyndication.com/bg/ Frame 2361 35 KB
13 KB 26ms
25ms Script
text/javascript 142.250.187.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/N5eGun79KMNogHl3JXLjLo7C-VgSu6qtVH-zZQh4z98.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.187.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s34-in-f2.1e100.net

Software

sffe /

Resource Hash

379786ba7efd28c3688079772572e32e8ec2f95812bbaaad547fb3650878cfdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 23:00:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76632
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13196
x-xss-protection: 0
last-modified: Mon, 06 Sep 2021 10:38:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Wed, 14 Sep 2022 23:00:23 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3077 0
20 B 39ms
39ms Image
image/gif 142.250.187.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210908&jk=181894626184477&bg=!aGulay_NAAYT0U73E9E7ACkAdvg8WnnOiAyuJwfuM99E_zIQ-DTNr-22pNrXtV5fWoXqj6yxfd007gIAAABgUgAAAAtoAQcKAGu2QxTitvzK4YTOOaDu3ZpzPaap36ggBh2KEcJqq20S-zKjTkLh-hy5mcZEDEbYicS4aMIpt0ZX73MALAhzAYR2mNL4R5cjKslE6c8L38Sza8BZptvVfx6qzde8GypKtwRsvAU1HMc6F8ku25kCzigrpMYE7PKfEBM7ChDCiwV1T2iMFEy8QOUs4drP7ys0zeSvlWSPp6BLZhVKkT9eEGTLjvD_-_-DmZHLxSUvEunpuF7Io8wIfKNzgxiRbTu4FJh26zKFpRahmkNNQ0gymh61Ej-NiUZZPDijJRkfuotalEGRMmtdUdhQJozxOqH6G7xW6maiTgxlt3IUcyPSR2f58S7X-IXTiur6YdUVjJQLxlSUsKdd1V0InuAQJbxkEyP9QWSxkSQ3G_BO81tf22gAoDznMt5asDsSEJCSGLTC_NpW12DN2JLuW_CYaApnrwBgc-k0bnitNilL70zpE3wAIMMCM2dStKUjJBEj0Eu-YHK_rCtkT4ELYWqXf7hRgCgebpk1xsEbt5qplktaQ-QoGakWu0KGLFwygy9IYpmlA-KA_UIdb50i9r7vU_l9bx_Wh8R1Hy8welE3Prhe7E5O33b-t27T9-QlD5nTetsmAXOPE_MT0UoIyYkERH5lqvEeu9RvGuixpyBViapGlPJaNDz7rZXdjUq7tF6JlXoyatrSmy8PnlRZfA4P9XWUvQCOm7caJH61IA_CoBEsITrATmcNyaKq1WcEObLqo7ebvFik1tOzaWujR2oU62aReSQr7MGNZEAkSbGEW9O3k_2W6NqHV2oqBOenwsu7hoRvJGJyJGzJXtn32Cajmbkk3ymVrSL22A-jRMSs8GYzvwi3NniImftKvLD9ZBzO-7obeQo7e8dbFGXbQOmjYLDo4LjwZz_uUwztIc5skkNJYAHrJoUs4UmNDBX56yxCVE8_AB35jEDsP_sn1RNFb60-KMAD5M2F2RBSb-hlpWL58NQkwAyP8lpahiDg2t03OF6w2bQTvCpatd7rjsTk2VUaAmot709Lu475RVeZ3icuDAsS7OQvuM1z85LY9fm55vEzgHgkH2wSFrF7_ksyURrYUHqXsCT0l-CqsTAP054

Requested by

Host: titanblue12x.com.br
URL: https://titanblue12x.com.br/macho-alfa/?mcr=AHQ11850838

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.187.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s34-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://topdanet3.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 20:17:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: bid.g.doubleclick.net
URL: https://bid.g.doubleclick.net/xbbe/pixel?d=KAE

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

34 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bit.ly/	1970-01-20 01:34:49	Name: _bit Value: l8fkhu-ffaa87dddd631c417e-00Q
.clubdeofertas.lojaintegrada.com.br/	1970-01-23 11:39:37	Name: owa_v Value: cdh%3D%3Ebb9a3be1%7C%7C%7Cvid%3D%3E1631737051838775311%7C%7C%7Cfsts%3D%3E1631737051%7C%7C%7Cdsfs%3D%3E0%7C%7C%7Cnps%3D%3E1
.clubdeofertas.lojaintegrada.com.br/	1970-01-23 11:39:37	Name: owa_s Value: cdh%3D%3Ebb9a3be1%7C%7C%7Clast_req%3D%3E1631737051%7C%7C%7Csid%3D%3E1631737051321545659%7C%7C%7Cdsps%3D%3E0%7C%7C%7Creferer%3D%3E%28none%29%7C%7C%7Cmedium%3D%3Edirect%7C%7C%7Csource%3D%3E%28none%29%7C%7C%7Csearch_terms%3D%3E%28none%29
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: m9KPxZHQrbU
.youtube.com/	1970-01-20 01:34:49	Name: VISITOR_INFO1_LIVE Value: UTFsFViEvIE
ctrack.g2afse.com/	1970-01-20 06:01:13	Name: afclick Value: 614254dbeb72f80001a35335
ctrack.g2afse.com/	1970-01-20 06:01:13	Name: afoffers Value: {"37":1631737051}
.app.monetizze.com.br/	1970-04-29 21:15:37	Name: mon_ Value: %7B%22D8oolF8%3D%22%3A%22A0Sfud%2B4NcrU9g%3D%3D%22%7D
.doubleclick.net/	1970-01-20 14:46:49	Name: IDE Value: AHWqTUlBqEmqhyE8a5MvwrnB8AlfI4M3UWqa5IQ8aK7PLurdJdappVKr_RF0OAc1
.lojaintegrada.com.br/	1970-01-20 14:46:49	Name: _ga_WWBKWR2LZB Value: GS1.1.1631737051.1.0.1631737051.60
.lojaintegrada.com.br/	1970-01-20 14:46:49	Name: _ga Value: GA1.1.487580334.1631737052
my.rtmark.net/	1970-01-20 06:01:13	Name: ID Value: fad8c01f77034b8a90aa0ec6079f0440
.bing.com/	1970-01-20 06:37:13	Name: MUID Value: 328C8BFCF3736F3106139B4FF2316E14
.mgid.com/	1970-01-25 20:31:23	Name: muidn Value: l8fwhxfvZlhd
.mgid.com/	1970-01-19 21:15:38	Name: __cf_bm Value: fa26b2a122026b158b014d993ce5534b0fa7041b-1631737052-0-AabFsUE0POKStRFmPIqngTDU3Ds4pVePFgrLATj/I6qKo4lICNOKl/iWjrX1HUSTi0+UtaANufNqoC1d/t4eDPw=
.facebook.com/	1970-01-19 23:25:13	Name: fr Value: 0AfaZSmVNfbaIVMtM..BhQlTc...1.0.BhQlTc.
.desinpros.com.br/	1970-01-19 21:17:03	Name: xe_config Value: SUREQVQzMDkwLDk4NjQ4MjI4LTE2RTMtOThEQi1DRjEwLTZFRjFFMjQ1NzhBNiwuZGVzaW5wcm9zLmNvbS5icg==
.desinpros.com.br/	1970-01-20 14:32:25	Name: xe_visitor Value: eyJpZCI6IjkzYWI2MWRlLWNmYjMtNDcxMS1hODkzLTIyZjNlNjJlM2M3YSIsImVtYWlsIjoiIn0=
api.sunset.systems/	1970-01-20 14:32:25	Name: xe_visitor Value: eGVfdmlzaXRvcnx7ImlkIjoiOTNhYjYxZGUtY2ZiMy00NzExLWE4OTMtMjJmM2U2MmUzYzdhIiwiZW1haWwiOiIifXw3MjA=
.zemanta.com/	1970-01-20 06:01:13	Name: zuid Value: bcQ0p8oqWx_iQPbHAHCe
.desinpros.com.br/	1970-01-20 06:01:13	Name: cartstack.com-cartid Value: Mjg1MDA5NDg0
api.sunset.systems/	1970-01-20 06:01:13	Name: cartstack.com-cartid Value: Y2FydHN0YWNrLmNvbS1jYXJ0aWR8Mjg1MDA5NDg0fDM2NQ==
.topdanet3.blogspot.com/	1970-01-20 06:01:13	Name: _ym_uid Value: 16317370551033470473
.topdanet3.blogspot.com/	1970-01-20 06:01:13	Name: _ym_d Value: 1631737055
.navdmp.com/	1970-01-20 06:01:33	Name: ac3 Value: 1
.yandex.com/	1970-01-20 06:01:13	Name: yandexuid Value: 2019255061631737054
.yandex.com/	1970-01-20 06:01:13	Name: yuidss Value: 2019255061631737054
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 576038711631737054
.yandex.com/	1970-01-23 12:51:37	Name: i Value: MLR7CMU/avLGtyV4UjdP5uzkoPRG89t5NEex4KO0UF4GJ5Bm0Lhxpko/0VNZKpMlhuDf8DPsAr4v9Xsr+ia9Kk7SOIg=
.yandex.com/	1970-01-20 06:01:13	Name: ymex Value: 1663273054.yrts.1631737054#1663273054.yrtsi.1631737054
.topdanet3.blogspot.com/	1970-01-19 21:16:49	Name: _ym_isad Value: 2
.topdanet3.blogspot.com/	1970-01-19 21:15:38	Name: _ym_visorc Value: w
.navdmp.com/	1970-01-20 14:32:24	Name: nid Value: f5e78779ca631b23a590338c209\|1\|285
.mathtag.com/	1970-01-20 06:41:32	Name: uuid Value: 8bea6142-54de-4300-bddb-f90e65de427c

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: chrome-error://chromewebdata/ Message: Failed to load resource: the server responded with a status of 403 ()
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://ev.braip.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
security	warning	URL: https://titanblue12x.com.br/macho-alfa/?mcr=AHQ11850838 Message: Mixed Content: The page at 'https://titanblue12x.com.br/macho-alfa/?mcr=AHQ11850838' was loaded over HTTPS, but requested an insecure element 'http://titanblue12x.com.br/wp-content/uploads/2020/11/bg1.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.exoclick.com
a.mgid.com
adservice.google.com
ajax.googleapis.com
amplify.outbrain.com
analytics.awsli.com.br
analytics.google.com
api-ads.percycle.com
api.performa.ai
api.sunset.systems
app.cartstack.com
app.cartstack.com.br
app.monetizze.com.br
bat.bing.com
bid.g.doubleclick.net
bit.ly
cdn.awsli.com.br
cdn.navdmp.com
cdn.taboola.com
cdnjs.cloudflare.com
ckies.net
clubdeofertas.lojaintegrada.com.br
cm.g.doubleclick.net
cms.analytics.yahoo.com
collect.chaordicsystems.com
conectiva.io
connect.facebook.net
ctrack.g2afse.com
ev.braip.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
lipotril-oficial.com
lipotril.com.br
maxcdn.bootstrapcdn.com
mc.yandex.com
mc.yandex.ru
my.rtmark.net
opi.navdmp.com
p1.zemanta.com
pagead2.googlesyndication.com
pix.user-clicks.com
pixel.mathtag.com
resources.blogblog.com
sp.secureserver.club
stackpath.bootstrapcdn.com
static.doubleclick.net
stats.g.doubleclick.net
suite.linximpulse.net
sync.navdmp.com
sync2.navdmp.com
tag.navdmp.com
themes.googleusercontent.com
titanblue12x.com.br
topdanet3.blogspot.com
tpc.googlesyndication.com
tr.outbrain.com
trc-events.taboola.com
trc.taboola.com
usr.navdmp.com
www.blogger.com
www.desinpros.com.br
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
bid.g.doubleclick.net
104.126.37.42
104.16.13.243
104.16.14.243
104.16.18.94
104.18.10.207
104.18.11.207
104.19.134.78
104.21.48.244
104.21.49.22
104.21.72.245
104.22.10.209
104.22.31.161
104.22.6.7
104.26.12.120
13.107.21.200
139.45.195.8
141.226.228.48
142.250.178.10
142.250.178.22
142.250.178.3
142.250.178.8
142.250.179.226
142.250.179.238
142.250.180.1
142.250.180.14
142.250.187.193
142.250.187.194
142.250.187.226
142.250.187.238
142.250.200.2
142.250.200.38
172.217.169.41
172.217.169.66
172.217.169.74
172.66.40.100
172.67.179.39
18.231.32.240
184.30.20.207
185.60.218.24
185.60.218.35
195.181.175.45
199.232.137.44
205.185.216.10
212.32.252.69
212.82.100.182
216.58.212.226
216.58.212.228
216.58.213.1
216.58.213.14
23.45.97.130
34.120.59.192
44.238.98.219
52.222.179.32
52.222.179.35
52.222.186.91
52.222.186.97
54.230.206.121
54.234.62.20
64.202.112.63
67.199.248.11
74.125.133.156
93.158.134.119
0038a46147de8ad7ae4477a228fa1b23922fbeadeac512f61d020e5ffcbe6a9b
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0150b1109ca8beff50bdcd79d48b6a476f55e3d462e2eec4a28eb6993f8d5009
0162754f11024315f58623795cccac1fd1c3e289d13c08ad1490b0dbaa0c65e0
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
025cc8f13db32fe1fde1027c7d5c9ea56bcd04f59cfece9568008d39e955e7fb
034bda263d0441afe35bc18419a312f5ac10dc732e295f5dbcff8ce021b665d9
03789bc9fecd15eb933b5effb22e7bd46730c795c090fdb67b9067e386b22fed
045469f2d577c2ad73219bbd713640bcb4a4f9a46cecc6c0df0e66338646b27f
04ddbcdf7b17a879ed5a2ac0cc6c703d3065140b2523ecb775614fc002c57a54
05e2b9ed81359985e0f53857b2e47f0694d40dd61347c1e334b9dd1f28b9b7cb
09326eaeb66b8383efe4412029740b3e25ce2ebe617b56052e9978494e0080ab
0dbf81f584df6d0048d16d0f82f1fb6042daa1eff46bb27369cde6676ecfdf1c
0dcf6baeb7187096dfadc26861b7e0ec4642e6e834460324c38f88ade9abc45f
0e35ec3dfa80b7851b7826fcae5e1ef652d03d77c6c2af9f0bf1b97d49fe876d
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0f5a611e61d56bf3794a7521b423a91d8c60da9878ada23068d02c6743464c86
1074c31d8703e9501db47fee6833ccbc02acd4e4ee7d27f85b1231e537abe5b3
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12d3557521947f22e8e054c3558a5b127ca2acc6ffcc82bb0d7c124782bef625
14318637a9a1c2fba75fc16d18b1c274c81c02317c2450cd4a34b6be531ef6df
15441026a129a606b0446a1ccdaa4e1843b8d15746881702785a23dca2259984
1661a8640178c0fe1aeb1108792c69154b53a7b211d319899b01c57ddbae3051
16e2816b22f4d5ebddd7c5696147abfa2cf48dc58d3377690becdb88f5a99161
17e4a7b26efb988c7d86b59c0de51e17862c750161fa05ac9f9fa39193025d9a
183923f8c8c3960dce8ad9722cf55a30d19b321b721741bd9e2ab6ae1f1ae72a
187e57f7aed832cd18c3fcc3112b30956390a2621397e18c1f6e64be2d51d05d
18e3c3ca1e5a657dc68553f36e79e42b5db706d063b825cd1a0ee121c8eef799
18e6b5ff511b90edf098e62ac45ed9d6673a3eee10165d0de4164d4d02a3a77f
19313c1d1a8990444ee252834f10fce387d8e87b909483da03d845fef25288eb
1947bbfa54a1079d10e73adaccdcc21952faa0d6d5929e567eee24f902076fd1
19a5f9b2b0994d6709cc950ffa8912dd18e93b6679ed4290acd9e1cff3cca205
1b0d96975c649d06733d981489267989b6fc8f8a81b2a6c95f3a8e96413e2c9f
1cb6cd28bcd130dd28473b788e18f816814614baed68c649f6d4cb0ec6941a35
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1faa9821aa925dc81c1c3e023c98eafa6f20ce5cd2982dd8323b0bf492bd42e2
20121b48f28810417dba4a870da38f1b359f20e78cba3eede809d32338da8c3e
217e0e15fd8dc1e683581a646b3909b0382d3aefbff0ec15ff7d15850a76a742
22d91f8361e660b16d4ea0baa678df29b3e8ad347b5238801f03dd3788c2ee86
24a8efd5f2415f3b9e5ab7c5809ee619e074bbb552cdee7f78f0191c1548ca22
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
25e5575f5e6b9c9fe4c133b05cf363f0d311c9b32637c1cc047eac626dceb54f
262235a94c60754d63c268024d2e8d9edc2f3555700968575a0025747213fee7
267459a117b27c009a469a890d8628f251fa851e1efa8fa2137cc54ace2845e0
2751738bcf477d91fdede7b2921db087d987526d85d4a634db4e1a52748ab2c8
27576ecdcd71151d86727a0c7909b6b706101cb6ecf925443f86546eab134ef5
2960b8371a1fd637245d3ba982563f9adf29e28de872398114a96dce349eece0
2acd5c593f99ed3f880053a8e2e09daa948ebff4c8615efa63055e0695756926
2b85fb3aa2cdb41f188e891957349fd0e96b602461c84bf416c8d6b5993d66a0
2b9f7c999c8a3fc59dc885250d034bf10f1abf6f3b23a5cfae24a294e8b45e07
2ef18580278ccd431dd7352e31feed74600cec0471c3c16604a057ef94d3eda4
30408479f746abe0f8aeb9e5e63749971007db0c538b893d4441eaa384f39f53
30f5db6d381a0f6ad114c3f0ec5df5244fcbe52671bac4635a0db710f6aadb73
3262eb43f2dba18d70ad94d80bf957af48a1aa4e97c48dcf3b41de25a1cc1b56
335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
34959e43e6ecf368807a84f92ad9aa6e2dcd5f0c5c1e57da55e8f3248d9d9255
34f76f715f90c104ed386533ec7f29af7e5c1fd4c3be2e27309e3e6a079d16cc
35e9b418851fc47bf517c6a122d1550c52f148f84e9f03111988134c22afafe9
362c33576d36180d3da725eeaf623b510c625f1db06e51b29ef26afa636b5fb6
379786ba7efd28c3688079772572e32e8ec2f95812bbaaad547fb3650878cfdf
37f4ba5bc095c30c53f3c86f69829ecf5f1edb12705a0cdbaff15dec93b2e300
38e8ac99099a95dd3998eb6963ff35b0650894f4fdaa4797e359b74ed08267f1
39e42c974480e475d97bba35425c05434d91a10680ca0d0dd1fae18349adbb1c
3a7030868cbd2d0e41db2b2ceb52845db200891fb25941603a71bb37f60d8b34
3b2b873a2251d89a1b45ea4019bb79175a08e509bc4f26236ca3ebd65f4f0fed
3b649ea7d34b097711445cf4280b5174e272b20c5605fc1164b2ce2e736c5bb1
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3c7dbcbefc040556c7390260661f267e3410af13c903e8526908937f51d4a727
3c926bb9d7e6de25c35313d9969ae65f4374f1431f29926720f34347887e9998
3d7a55950af95998fe7fde8abf9122355bf82d55a89c0c32e295ea00cbed9226
3dd3495e009be64979c745f8529cad04631402381faa301639d3b41e636ec63e
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3ecd5e6658606bd3ebe5230987a60837c536ff525517218a8b3ddfd41d66311a
3fa044776a1339272797ddc9fb613ee7ff7e1979af239506b3301522486031e7
3fb2ebd0da9a857543d57f02713b4baf9c09d04488d9928f9294f72d4f08d530
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4
3ffa7af1b979934d3f62641616e156d7e2ccb0dfd215d83b2534d3cb013c74ed
403d9e35a082d9a993cbc07333e4a89b488bd94c578f54546025e7ceb42218ff
416211f730a5a0ff81eb5a9a80c7f22ff932478e0024a3bfd30d685019176c39
42136e98477e56f59a7a6b455f57b43181b51047666b1f57dc994d9e8e6e463e
42912637915601d02410e2d9831d237a762b5a5f2fa40c5d4c7a7d537eaed563
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44e0e2479c7e3a86a4a4ce786f941304a58c932744eb122c1aa3f96e2db5fe07
452756306e2828de7e34cd35e4f027b82043d592cf06437b4892448f117d7493
45ac92896318b9fdb7f289b94f38e5862cc3101ca3ce01e4ecc7dcb9739479c8
4642db3426a3505b800673e2cb11929e10518a34c8577f782ec60ae29b207574
486991eb99fe5048b414a1c4197e82515378621b810787e92586d2b90667ffd7
49268f276dcd172e6c9f906822a014df9390b1cadac19f39ce68ef8720bd1cbd
494a19b10a3ab4179ecd37b74770ad0dfe7106d1cb7502b1038d4bda2d4e8154
4cd14983bb3a2f7d9fc6792e9621006837f7de3fc6ac04bf639bffb3bf6c8ec0
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f35ae9c0191b08280b7a2990fd918e5efb6c76f642b2d7e66559f727531c61b
4f4524f7e1a87079bc50a64681f880ccf3e6f5db1ec5fc27949377532a3881da
4f50a6dd9af2c418d66e84372c8fc5e6ada470c01c38c1792136d9ff7ff34f98
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
507a373b3125166c3084fe1b1d0b87d3680f10a9c1cd1cadfdefb5dbe2723a09
52573539faf65d5bce3b8bd10de77ac89eff2b8194656a858d95f49db6364e5e
52ffcaf1a7779c528b4ec52ec230165b9db65041f058c4e83df9d150fd02985b
534a3fb8bf30cc53dea10b18221110534e7bb20a8dd8b2030d1dadde443dea6e
53699db5a21871456995b9892f05f6089973e7b6094b7246b15319f2bd66ae8b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
576ac42a1b9134febb315c59d621b1a71af526b7b04c95310594fe19d0ffa7c8
5827a94a01fee9bb5b3331b00efbb083275fca57a4403b8ec56658df034be1c3
593b71c933854383f8b1c726c2bccb4750ff298b8b2c552038bdc06590ea6164
59ec7f2bbccae5c6d73de58f499c37006c4402d9e0ec7d39f1a5a34185bd8e7f
5a89ce7ccd4f2293c08edebb6b13de296dfc47ba299aef8c783e435a36151a4f
5a94583249f6f8f5e4b8177755a6e8d3980adf4521005f90269bb2b3f6fec4f1
5ad700ef94084146deb9d4de4a4a387ebbc8fc56c5c3ff0c9a96aec67efdfe61
5bbed529149eb4c964cc90ea5328b75a49f8fddf4792c4a336f45ae0a76fb2f4
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c1282fb121104f5a505ecbfd7194e64c98db6b830684450dcfc478021d05257
5c619681ccbca6eee2abdaf0dabb56444fb40ad5f7e89761fc42d92b05b0bf46
5e485b721c5360b601a3aaeaa6769fbc9aaa7b9d46cf730fd0e05e2765de4f94
5f33f9ff91d186e1ffdcbdc263b39b0b263528a27debb3cdf3e174e7ff041e42
6056b750bcebb04497386750a70276fd72eac943d1e351dce1784d59b088d4e3
629ad02d4285d24f8b267a7aef005d1acfd5c6eb7351e48daef3937c29e792a3
640fdeff1595feb4eefa738c9ef91f011b9bdf74b22f86c62204e3803fa2b157
66333e27cdcbaff330bd7c8acff2846f782299f6988fea38d3587a6ff6130149
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
69b2f87a9043a80a2953270957554b5cc36c94a31ec930aba91077f7246e7991
6b51af1afd411892ac3cd891a4bf9448ed490ebb9081ee1c67cf239940aa7332
6bb1c1f188753172b2c18c7d2e6cf1c1ec8220fbc9e75e34be6d115d09d4c6b5
6c334c8fdff8221022bed6043e0d7f3b4e4c9375aee83549e4f9a0c44dd54bfe
6cac9e42f9bfcbea6b68311c6b87179c7e3f1750fc4283710f49600b403ebefe
6d4cba4b2280d1eff1af9db591b8528f15429932462d7dbb2137251a8a304231
6f61f2225ad4e7cc6b5ded0fb7cbd88b122fe203f844c0a5c97e0ebabbe5c819
702e4f62c951cff1eb44a078574a27b195f31e848f22361757c9f469e4758e1a
73a50e697808b9386152a5d8d013c4545ec0fe1a78db6f63f73cecea08d05414
73d16aca9b019e42dd2de3a10e5049b5606268ce0d8e3a167b05b37acb9b0e9c
740ee07b88ff039d6e900bb53b847eab2d0e4ea0bdc0281f154eecf399a534fe
748fb0f535901214a2dbe6c8df962d785ff4614c00e576eddbcc73ffd790feb3
755a031eaeb32170081e04ff2f614f99ff4bd102cc915420bc5f503368a5c716
76cf209ad2b2e77d41db6b60874c228d99f23877b89e0d0ef802ed3eb88fba73
771960e3e360d91710834071e30f1fe5c0dc53001b6c008d02d4c948b6b6091a
775c5c627d0469071ecd62930a4aa051477777fdbf08f9be1164977bf9e381f2
7868fe105f1ff675bfb1c5d7234ece6986365f533b7ef0b735509719e0018e32
7998fdc70409b584aaf012c1ce11ec0365cffd6881f112d926afda280180f6ed
7b26e5a3d73a8edb3fb593869589af019a53e90426b6496c77500a0454202854
7ce7840115d5d8ac6fd46a22eb7e951f3356b6b75f8fd0255ba1d0d5c9a942de
7d9f7c63cbec923471639016a0fc5ae9344c51757b2324eed9d9c8fc44e37df0
7ed7e2a48c95fabd4637c9c08057aa38f83c3d95bb0d62522f5cb73e95d730fc
7f0e7e41c56b164b8b817428d90edfdf0722cfebcd0e87e0fe04ec0db56b40a4
7fdd73f58f229767006930e6a13ce607ff4ca7cccedb6e9cd42c1dba35a830dd
811ad920917d8826892c52f907521945aa1c57f0e0713398304aaaa0b2dde69e
81daccb08c9f0844fe965ef27b1d7db003ef0c0bff793b72de2f81b1f3953d82
8227a862b924b10dd6f1937cc73288d73111599d2968728fc762baf159cc3e78
8235800dc2b8aa1d14cc5810b8df272c8a0bc3ac6fcb2178aab5d993ad17116e
830f3fa54a1eacce2637b860e454179c53754ead46a0a3204a3e0db908f9698e
8419656d640bfc5438b0e128f98ef6b3ee284719136a65c4aab9ddb77264d8f3
8547df1bbef9ba5bdb8a0ded49162e71a35f770aed76c19451f58900a0cfdc78
85c5e268659293ca76dc38e8a618be934e0df0fffcc8592ae6066f1feddb4901
86e467735c7c594f72fa0a2adccb89a36590f601446fdbf1de3f0aead46c7b43
8738d32dcc3538dfc61ee4bc586646e35d28e8e2b9f24b025f4c1b88ef98b5d8
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
877c61f385a6ac069243e2244e1377a4f70429df958d50539c4ac3536a577967
8875b21a56088a270e20d9e844da4228efc45cf8e8363762987646e51f902ee6
88b51c85723796c369b2421b7fe10628029238bdd05aab125aa85c2c5496b7b0
89217528ff779a9d3836efde9904ba13979c9cd01666796dabbb1ba533b1126a
8afcbbaa126259b9a3178fa0f5229a0418b42d6837c91378538cdb8c521a7bc7
8b434939e28a78d9b8b264417e15133619b38e6acd871b7ebf96dc27b89e268d
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8d8d66dadf5d6e207bdcc4d66e8ee62cc14a5dd7e3e500c7adf20294f47a030f
8fbeee80ca23180ab04a01de8501ceb01a0326ba2042b0cef3620c17b9904ee9
9015d2fa1bc584fa68e6d621531312cf691cfd2660822dd2d1be799a1b37f674
912278fba4f0a45aaf2a1c7468e7b193f09f26c15d6e12d75f5f202605993a70
916fadea43544bc449ba92e0845f54a35649bdecfea11cacceb3bdc94b18b005
91e8044a4b1bfce3c131d5579965a9808b42cdb9a350a53928d54cd35d6c1451
92e40dc4bbb485a182b796c58e6da7974cb8a6a84fdb4548ace3b85c991f0f94
935acb1e6cc438a734a4262280db05d94b91fe5ebb1a3c7c56bd50946a1c1832
9365b8feee36f938d87c3156acf4f6e2eb769a66bd66b96821af95acc26f3774
93a0ac4563d3cba9b6b541b263a86449bbc3049966e755dbfcafe8b09d26beb4
9449c4abca07fe0b7fe4e99d87a3f0b86f1d8d579e9abd4d6eb3b57671151944
947a0b42f92fbb0cae899c39f7e3d705bc49398a5e560835d71251e36e8940d2
96cd14a2f15d1df04b2d20efe837976eaba9259c83275a9c9fc616162b516a43
9789af6547b842dc813a19b0404e60282023caadf7baa93e41f68a7298943eff
979cd5c0c81121eaef99eecd8d2574e4a1f0e6ee887ae1087ce61cad8e6ef56a
9901badf09483d6ad4cdfe83e63e481abd43d4c91b087421d081549f36b216ce
99c1138f8c7b5a9f076bc659783538e985e4ba34f13b9d6a9f0ccd0aff7cbab3
9a0cbf360fb58347a6ffd0bd4a10dce35b9dd1bebee4e63c6d77f52aa14af7d1
9a57d01379b4c9b8e4bda8f84142c4b67d412eb2a29fb85c79f710df5bf1b28c
9a9fcc4389ed7697b040e16482f99596c3f9f1684ce89922e7b3042a9d5b979b
9b0fc1d3ea9c86c50e868dab2eb66e83dfc939cc0d4452e933e585c62af09447
9c3b35a7dbfd775c1d6e666e5232c0a56503ab7fc2aa77ff6aea57fc338f0e42
9e91771d122c93997150bb85658da6a6ea11b64a849b36c80e773b5c6e792f43
9eec75b207adaf73bd0026efb711af72d3c7c204211c93964bcb3a07fa466c0a
a1171b988d047c7c889af5f0b3d74f142994dfbff1b5822f5fb43fb7a8fa9ef6
a1e205333f74005c4e1a725aff46b1eb91310d333e89d2eb55e436d4ef3e4f0f
a1fcc4f6cec9a05b196cc17a37734ba5ecd1adda50c4c58b7a0f03f3d8ff82b0
a34e68796feb650977daf139feb1e1a43101bac68661c830ec12853b483ad4e4
a463b5ba7a2b9679b3fff4d2dbddb4d30ba0d539be7f02f677ff5f3dc86cc3fa
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a5feea0a78c0027e0565b6f0cb360b65e67d24c4300defb266fa9ff1dc89e4a1
a63a132152e58a9f02d9fe38dd8d9d2ff7855d9bead02b7370c67c5468e13444
a755b88ac8baddf452d4ecd623f130a8d08962c41d36bec0ecc5e9e0ec6978d0
a83748df7009f64c8326d05461d264f6d48ed6ae2b33f6d5b7d1201137342fb4
a86465a62204650ac8427681000213f27a2af3fcd07cd49ac7074660b88dec6f
a87a093d8b948413ec58addc6ee9e5055ec2ece9b2e59000cc54afd7708c3d91
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa713dd5442f081d2679694605d2f52c4e2f0ae5cae4bfe55082ea2edd7e14f2
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
abb8dbfe0280a3ff0887080db7afffa8f8ff04795e564d8a24d0fc6268d95211
ac1e7257a75f95079823aeee2f9602cb401000105d8664172d159eaacba4800c
ace8dc743aa7c2da11e40e674f41779b76815cdb796ab074d3ad5d8a5ea87721
ace9599075739995c9f54628913ee3a67db337ad96e427fe56a72882a8288e1d
aefe9f31909799252840c143110e10be71d8515345f8b54473b819ac1376b9a4
af28c589903c9dbd47d72546f39fe014e7c9b6ca9c46ea3364663114fc460fe4
b02fbf07a770097c0eb14e6ad03e36e46a8316bc72c4cf7691f541f6c3a753c0
b0ea80959be5248cda53b03dfd9e3fdd5b4f1975a412dd093a63e70fa504dfd2
b127181486c082afd048feabd5f69153c3993ccccc57085e4018609ed68f43c3
b604fbd2e5000208a0c00b8e782a4aa6059284c3087d74a732e8e7f9849b96ea
b699a2c1d0b87bc0a22cbe52062cfde77e8b4be9442e77077d90d7dc1599b507
b7bafa2c8c40a91dd028ae54aaa71728595949a25924c44c5a8019467191370e
ba4cc0f737fea3481fbcfeced183ad289b2a5168966bf2271048d7bfabc145c3
bbfc9f874e0fd65646e8e3d5f1b5cb083af4ca8039461be9c41b6e0b6c1369b9
bc1924db34aeffcc585ca8e31aaa39b155e7208ead668068b482159bc89af563
bc75c17033ddcecf717ed63a71a43ce40dacd3502f1b65734df657aec3314619
bdc494d08be9a7f1e0bd4e966a160e63758f39febbdb42709efeaa9341142529
bea6596b181540c40068850520b79354250b4c0b1ed8ad5ccd72d419e83dd6f2
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
bfe609b69e3f627aa6c5dd9819cab81012ed54e709d8e4bf95c1d8b35bcee58b
c0315fc35d0d81f93b0342ea99eb7bb7bcbc345c57ba557da2fe74661a04ba82
c087e1211511e947cbed9ca722f020b9aaeaae83952bff8ea1cfb9df24ae58d2
c0e2c9cdb3046528146a95d845f351c2c31f38bab60fc2a206ec62bd516ca0f5
c19a186bafa942fd9029d16a1fc37d3277d09ee82ad0078981b78106d523f760
c1bb68c7b6d39bfb39c481e3c09228f53cc780cc28ff048538f0e47d54ccf678
c1dd3b99c038ba78c7bc687109a5976d89d8d16ed405f9fb821547de9c0174bc
c2616d21ba0daf334c75272c68265bd3af70eacf2b1d2aee74ffef55a4bc6d5d
c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25
c334c496e0dca99d37eaabf0e3a251080618ac108eb3b782a43071c6ab7fca3b
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c3fb9c89044adb85e4a0638a5b0a091c3586da086700de8290a1677518a98636
c642999def5cd81084e1abaa642dcbdae6804befbe85760f28c84692f3cd6e9f
c75c8fbf6ed4bf8468077d9bfad4aa8b7d44361b02df26cb77aff8630a17c1d1
c902f998e8533e4968465a85bfae12860a9236881e698ef1e0a0f6b8db20f1e8
ca26cb11baad5ac27f9ed9b7f5e909a0a180e39d9c27bc0f8999a882e23a53f3
ca540d0bd996ccfec5e403cddb7c2b07c0d2349369beb7e014d0befb0f9f2ea9
cb4ae5f88f35aa586daaf8bc32390ff48edf1fcac9f6216657b60ec0b9275e3c
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
ce2963b114cce98823b273f5b913d69a98b81a5a31d8afe6cb367b353d8d3250
cf0ef2795468e1989c60f13198f7b0b173afce52bc9f5058c4e967bda36624d1
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf9c1944df885441334278a123405963aa70a0a841ff577be9e19fad3ca44f4d
cfe21635e4a9cfe8c7779426de00b1935ec0248dc541b484bb54cc57cb62c595
d0b1d174dcfe0f4debd00507035bd93956478c70afa4557995ebba27792114d4
d0bf17f3ec8ec68ab7ce708e948d71b32e765bc367225e607658ec582316aa70
d14c37fde58750659600f73828b24ebc38e00e17fd072367c6a704072f2434dc
d35615d0a42866b2f386526230da46a9e3b26f2ebc74b3b454a5bde13a409805
d466a74ad513a6222da9ed7a0022e57c96660b77f80671cd79154137fe8ca3f4
d543d916579a0e107a93abc17ff477dea37cbae1e072fc8fe2e5b54cde12e4f8
d5e78e66902d022c88363c7283373874972f634fa86a265a1cafbe67f1ea2b25
d6ced2d066935a4550fefe90e4a07e40ad503004724ba900c080bc127de24675
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d8cde61dbe3c3d8e54fabb40b44c5007b9b2c8f38369aa22182a9d367a3ee75e
d8ed0f5e35f50e97bcfe50eed0eac8e1d3997128055c943e35d38edd8d0aa773
d9f29f124bc11e7061c59ce65c6031499a2012e68d6cead08742981c9caf8e81
daba97ce8a337f024562d6f409ec7d6456f2a6f6ee22cfe31aa812ca8f9e2ec2
dbaa885671262eafee5715ccbd20adc9535722619f741a506e09b64e27d75107
dc79073590ec90a44e69c742bf63f132d82c9b04e0135039ba32e7af5cbb0715
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
de40074dd713e5f1b426cf8366fd75b17c4a760273c18700286c10eedb068855
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
debc7dd004bdf2708985d11dbdb0df110c07df0d6889fbffcf1c0a9965a5aec9
dee33a3435eb444a9134d7c5292ec1ab8fa966125b8d1a039613baaa374601ef
dfaca908ff1fd6fd53e9bc9f78b8345d74350e3b1f74ea56a99d970f152413df
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb
e03c2df7ef439d2708bbc168a21c0a00da63e5664d286120c994c39644addd03
e0f864ae121094566f4ee3533086bc9c87ba19732e6deadcdb849e9f8e522e0a
e2fab1d8fbe2b2c340827ef2cf162707e7363a184e301750a59f285b81388133
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e43fa40c6832cda017315748d54516cc55c2d4785529f682248cd1f474389f3e
e442d3cff81385d9bd436da041042ce5ff04982953644cae0faac680e7a2cb51
e460a35cc5301ce498bafb22edf4131c69f17ce294fb1d28399ea7a086204bca
e4f1e5807aed41dfe3ebf34dc2c585d71e1bcb7ef380db69a0258b5436318bf6
e51bad4e2bdcbb35c1eced127a99d7a0aa201c6c8700c9dbeb0338127aa642ba
e54d34f46333955762d65d0d4a00e2b4316a6e3803ccdaf5240df7fc32a45a7b
e5d0f99ec5cfa165678307ece3349c2fbd8a3f833a11c23223baeb149fee85b8
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f
e7342be2d80980c0a54f035951e158a59fb79a493ad26bb9f1be53f3b1c69bb8
e9e30dccc8ac3d91e997eee228488bd5650602f3ce2734beadf6d21cbcc328ac
eabf87315be46a093741ed7d6a367b58627e45fbcf22505e3fa092f4dc7a4d80
ecdb2233054eea15e54457f5d72359c4efcf68f17819ebd70b054c82a3d72343
ed5e608a7324625de513de4de2cbce4e7a7dcc126f0aa283f7cfff711b50b273
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eea029d645143213ae1d0ed27a92b8178686c142ff28833621bc79535ef1f6dc
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f05c3fb432504255b449f268e8ae66094ec95574be44af9fde0b7456f96afce8
f1b76c1354c94a1886918771ddb37cbc8e774363f374aaec71b20aa23e1771e6
f34e3dd42302f7589f4c05d28e501d2ebf24d1585e83db4aba1b7443d0a7cf6f
f48ebd2372c6d901f56fa7bb12d57960094e8efdff9099ee7f5e10c06ac2e513
f4ccb849966972d315a713c61e8377694648d6d8b975fdc3fe001a682a02bcd3
f555802c32c4b86c5c83cf3a47fc408d1df02a5bf145f7eed7bd879926918414
f5b15c28a09f94ac5fd2673963ded02cdff55226e4b7637048d909e439c15d7b
f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e
f81850630926e63223f00fddaeabec95661a40c8c3bdeed30a0c82224b973277
f9a1a0ac26eaf5b7f6cc7223b5dd4b5f545b5a48fb598c7442e5f76384f1be8c
fa98057ed70e6196bbb3b4b96379e45c3a9dec943b9c43d7cf09ebb869cecc3d
fb96b1d7f8e744453af9b215ab4802e1bbf033988a9dad10bf4b5cf761b5ecc6
fbd71040fcfdf7716e49b35e8ab15b0e2db2777e7fa7f2450be8cbf598bb2997
fc963e17119d547b93f68132afd9bd0cd4ccff28ee9a7122b8e4f89c30dd5147
fd0aa03c426905fea9b0d6bc2650a37dda132a705bd2f040fc0ff4200e4ea53c
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fd5406e473d7cdf902685683a7c58926b1e83da05984630c115c2ceea49a6e18
fe1f2315a24c0f3ea5646738a71087bd616af2aee8769267ec035ad9a31a02a0
fe46e68c0e6eff0c8baae69190acbbb1b99cc49ab70e97e109537e3da90f4bad
fee1d8ef12749384e8495697689fc001cea3730189b8469b24dc1e4e2945b861
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995
ffdba87af113fd6db04e997ffafcd03e5559c0cb5a7818af5fd29d3b0dd1cbb6

clubdeofertas.lojaintegrada.com.br Open in urlscan Pro 54.234.62.20 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

433 Requests

100 %HTTPS

0 %IPv6

54 Domains

73 Subdomains

57 IPs

9 Countries

12769 kBTransfer

26384 kBSize

34 Cookies

5 Outgoing links

Page URL History

Redirected requests

433 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

clubdeofertas.lojaintegrada.com.br Open in urlscan Pro
54.234.62.20 Public Scan

Screenshot
Live screenshot

Full Image

433
Requests

100 %
HTTPS

0 %
IPv6

54
Domains

73
Subdomains

57
IPs

9
Countries

12769 kB
Transfer

26384 kB
Size

34
Cookies

433 HTTP transactions
3 data transactions