www.gtaall.com.br Open in urlscan Pro
2606:4700:20::ac43:4a93 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://gtaall.com.br/
Effective URL:
https://www.gtaall.com.br/
Submission: On November 03 via manual (November 3rd 2022, 12:35:20 am UTC) from BR — Scanned from DE

Summary HTTP 147 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 18 IPs in 4 countries across 12 domains to perform 147 HTTP transactions. The main IP is 2606:4700:20::ac43:4a93, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.gtaall.com.br.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 9th 2022. Valid for: a year.

This is the only time www.gtaall.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 40	2606:4700:20:... 2606:4700:20::ac43:4a93	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1 2	88.212.201.204 88.212.201.204	39134 (UNITEDNET) (UNITEDNET)
17	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::178	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0a::9a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1 37	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1 2	142.250.184.198 142.250.184.198	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2006	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
147	18

40 2606:4700:20::ac43:4a93 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

gtaall.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gtaall.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cs4.gtaall.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cs2.gtaall.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cs1.gtaall.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cs3.gtaall.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.204 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host204.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.198 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
51	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 131 tpc.googlesyndication.com — Cisco Umbrella Rank: 167	615 KB
40	gtaall.com.br 1 redirects gtaall.com.br www.gtaall.com.br cs4.gtaall.com.br cs2.gtaall.com.br cs1.gtaall.com.br cs3.gtaall.com.br	525 KB
23	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 66 stats.g.doubleclick.net — Cisco Umbrella Rank: 166 ad.doubleclick.net — Cisco Umbrella Rank: 208 static.doubleclick.net — Cisco Umbrella Rank: 421	2 MB
17	gstatic.com www.gstatic.com fonts.gstatic.com	278 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 223	281 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 118	4 KB
3	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 134 www.google.com — Cisco Umbrella Rank: 17	1 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 97	20 KB
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 5673	1 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 5594	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1047	698 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 121	43 KB
147	12

	Domain	Requested by
37	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
20	www.gtaall.com.br	www.gtaall.com.br
16	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
14	pagead2.googlesyndication.com	www.gtaall.com.br pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
12	fonts.gstatic.com	fonts.googleapis.com
7	cs1.gtaall.com.br	www.gtaall.com.br
7	cs2.gtaall.com.br	www.gtaall.com.br
6	www.googletagservices.com	googleads.g.doubleclick.net
5	www.gstatic.com	googleads.g.doubleclick.net
5	fonts.googleapis.com	googleads.g.doubleclick.net
4	static.doubleclick.net	googleads.g.doubleclick.net
3	cs3.gtaall.com.br	www.gtaall.com.br
2	www.google.com	1 redirects tpc.googlesyndication.com
2	ad.doubleclick.net	1 redirects googleads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	counter.yadro.ru	1 redirects www.gtaall.com.br
2	cs4.gtaall.com.br	www.gtaall.com.br
1	stats.g.doubleclick.net	www.google-analytics.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	www.gtaall.com.br
1	gtaall.com.br	1 redirects
147	23

This site contains links to these domains. Also see Links.

Domain
vk.com
www.facebook.com
twitter.com
www.youtube.com
www.gtavicecity.ru
www.gtaall.com
www.gtaall.eu
www.gtaall.net
www.liveinternet.ru

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-09` - `2023-06-09`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh

This page contains 18 frames:

Primary Page: https://www.gtaall.com.br/
Frame ID: 0288B2F1C49F1A64419941C6E90E4AB6
Requests: 52 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20190131/zrt_lookup.html
Frame ID: 9CB1746F3DAD711A24E4CA9228A70D90
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4593125056617010&output=html&h=280&slotname=2612975548&adk=2042673336&adf=1199159007&pi=t.ma~as.2612975548&w=890&fwrn=4&fwrnh=100&lmt=1667415222&rafmt=1&format=890x280&url=https%3A%2F%2Fwww.gtaall.com.br%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667435714289&bpp=4&bdt=341&idt=151&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&correlator=7253037583563&frm=20&pv=2&ga_vid=606390547.1667435714&ga_sid=1667435714&ga_hid=1560713784&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=70&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44773613%2C31070664%2C44775017&oid=2&pvsid=3190197753571689&tmod=1059286159&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=INa7HVt8cu&p=https%3A//www.gtaall.com.br&dtd=182
Frame ID: CA9A3916959565AF4C0FBE5134E70DB4
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4593125056617010&output=html&h=280&slotname=6818413945&adk=3907429518&adf=3661037841&pi=t.ma~as.6818413945&w=336&lmt=1667415222&format=336x280&url=https%3A%2F%2Fwww.gtaall.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667435714293&bpp=1&bdt=345&idt=199&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&prev_fmts=890x280&correlator=7253037583563&frm=20&pv=1&ga_vid=606390547.1667435714&ga_sid=1667435714&ga_hid=1560713784&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=252&ady=1393&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44773613%2C31070664%2C44775017&oid=2&pvsid=3190197753571689&tmod=1059286159&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=MWGCegSRD6&p=https%3A//www.gtaall.com.br&dtd=202
Frame ID: 34F083FEBA4067CC86F6457267724868
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4593125056617010&output=html&h=280&slotname=8519908347&adk=1112064495&adf=3397273128&pi=t.ma~as.8519908347&w=890&fwrn=4&fwrnh=100&lmt=1667415222&rafmt=1&format=890x280&url=https%3A%2F%2Fwww.gtaall.com.br%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667435714295&bpp=1&bdt=347&idt=210&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&prev_fmts=890x280%2C336x280&correlator=7253037583563&frm=20&pv=1&ga_vid=606390547.1667435714&ga_sid=1667435714&ga_hid=1560713784&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44773613%2C31070664%2C44775017&oid=2&pvsid=3190197753571689&tmod=1059286159&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=AwjTRybop1&p=https%3A//www.gtaall.com.br&dtd=213
Frame ID: 20AE56240B92FC2BC084BA1DB40E9121
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4593125056617010&output=html&h=280&slotname=6818413945&adk=3907429518&adf=3334932112&pi=t.ma~as.6818413945&w=336&lmt=1667415222&format=336x280&url=https%3A%2F%2Fwww.gtaall.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667435714296&bpp=1&bdt=348&idt=218&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&prev_fmts=890x280%2C336x280%2C890x280&correlator=7253037583563&frm=20&pv=1&ga_vid=606390547.1667435714&ga_sid=1667435714&ga_hid=1560713784&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=702&ady=3099&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44773613%2C31070664%2C44775017&oid=2&pvsid=3190197753571689&tmod=1059286159&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=b9vHV9dBNw&p=https%3A//www.gtaall.com.br&dtd=220
Frame ID: BA4130D6C153878C6C29FA8E4C46C3C1
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4593125056617010&output=html&h=600&slotname=7337998696&adk=2963125940&adf=1769670598&pi=t.ma~as.7337998696&w=300&lmt=1667415222&format=300x600&url=https%3A%2F%2Fwww.gtaall.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667435714296&bpp=1&bdt=348&idt=232&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&prev_fmts=890x280%2C336x280%2C890x280%2C336x280&correlator=7253037583563&frm=20&pv=1&ga_vid=606390547.1667435714&ga_sid=1667435714&ga_hid=1560713784&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=178&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44773613%2C31070664%2C44775017&oid=2&pvsid=3190197753571689&tmod=1059286159&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=mYL8wQfTSg&p=https%3A//www.gtaall.com.br&dtd=234
Frame ID: 0EE967B11D7FAEF2C309BC091EB7EDDD
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4593125056617010&output=html&h=280&slotname=6903574345&adk=3913797816&adf=3660086678&pi=t.ma~as.6903574345&w=1200&fwrn=4&fwrnh=100&lmt=1667415222&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.gtaall.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667435714297&bpp=1&bdt=349&idt=237&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&prev_fmts=890x280%2C336x280%2C890x280%2C336x280%2C300x600&correlator=7253037583563&frm=20&pv=1&ga_vid=606390547.1667435714&ga_sid=1667435714&ga_hid=1560713784&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3885&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44773613%2C31070664%2C44775017&oid=2&pvsid=3190197753571689&tmod=1059286159&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=oEX8ZNxRtm&p=https%3A//www.gtaall.com.br&dtd=240
Frame ID: 739A9F770378CEDB7F6A4683C2EE191A
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4593125056617010&output=html&adk=1812271804&adf=3025194257&lmt=1667415222&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.gtaall.com.br%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667435714312&bpp=1&bdt=364&idt=228&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&prev_fmts=890x280%2C336x280%2C890x280%2C336x280%2C300x600%2C1200x280&nras=1&correlator=7253037583563&frm=20&pv=1&ga_vid=606390547.1667435714&ga_sid=1667435714&ga_hid=1560713784&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44773613%2C31070664%2C44775017&oid=2&pvsid=3190197753571689&tmod=1059286159&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=7&uci=a!7&fsb=1&dtd=234
Frame ID: 276D4CE83F5875ADB5E9281382D99711
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 6908885E87CD8BA6FA61F127ACC6A3D8
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js
Frame ID: A5A442E2D21750869A7C54ACB06B8886
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js
Frame ID: E1BA7A82CB1D847F2CE794453BBFED3B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js
Frame ID: 188AC6897933E421CBFC9E56FDB5FE41
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js
Frame ID: 48FAB9DE83FAEF166DAA19B3511CF43F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js
Frame ID: 3BCAC8EA3B3CD9A6648BF9AE86101218
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js
Frame ID: 0662EB3FB53B0A1591610B09FB77F559
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FDFD6D14C42364457FF179DD583463AA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F1CDDB6369256CD47AEB49DE3BA86078
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

GTAall.com.br — GTA mods com installer

Page URL History Show full URLs

http://gtaall.com.br/ HTTP 301
https://www.gtaall.com.br/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

147
Requests

98 %
HTTPS

88 %
IPv6

12
Domains

23
Subdomains

18
IPs

4
Countries

3398 kB
Transfer

5626 kB
Size

9
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://vk.com/gtaallcom

Search URL Search Domain Scan URL

URL: https://www.facebook.com/gtaallcom

Search URL Search Domain Scan URL

URL: https://twitter.com/gtaallcom

Search URL Search Domain Scan URL

URL: https://www.youtube.com/gtaallcom

Search URL Search Domain Scan URL

URL: https://www.gtavicecity.ru/
Title: Русский

Search URL Search Domain Scan URL

URL: https://www.gtaall.com/
Title: English

Search URL Search Domain Scan URL

URL: https://www.gtaall.eu/fr/
Title: Français

Search URL Search Domain Scan URL

URL: https://www.gtaall.eu/de/
Title: Deutsch

Search URL Search Domain Scan URL

URL: https://www.gtaall.net/
Title: Español

Search URL Search Domain Scan URL

URL: https://www.liveinternet.ru/click

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://gtaall.com.br/ HTTP 301
https://www.gtaall.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://counter.yadro.ru/hit?t16.2;r;s1600*1200*24;uhttps%3A//www.gtaall.com.br/;hGTAall.com.br%20%u2014%20GTA%20mods%20com%20installer;0.7508074430050187 HTTP 302
https://counter.yadro.ru/hit?q;t16.2;r;s1600*1200*24;uhttps%3A//www.gtaall.com.br/;hGTAall.com.br%20%u2014%20GTA%20mods%20com%20installer;0.7508074430050187

Request Chain 98

https://ad.doubleclick.net/ddm/trackimp/N279602.134426GOOGLEDISPLAYNETWO/B26587312.345105827;dc_trk_aid=536719994;dc_trk_cid=160699114;ord=2453154641;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N279602.134426GOOGLEDISPLAYNETWO/B26587312.345105827;dc_pre=CJLQ74vikPsCFZpt4AodeZ4How;dc_trk_aid=536719994;dc_trk_cid=160699114;ord=2453154641;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=

Request Chain 116

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCX7dCyHBD6ARj6ATIINLr0xKtPtEA HTTP 301
https://tpc.googlesyndication.com/simgad/11451250718949484972

Request Chain 127

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

147 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.gtaall.com.br/
Redirect Chain

http://gtaall.com.br/
https://www.gtaall.com.br/

90 KB
16 KB

126ms
45ms

Document
text/html

2606:4700:20::ac43:4a93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gtaall.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f0621b44c176978c3d0079f7b9ec66ba4bd1e0c2adae787bfce48d22c3e4fb9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2201
cache-control: max-age=1800, must-revalidate, post-check=0, pre-check=0
cf-cache-status: HIT
cf-ray: 7641075bfc2a9a3c-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 03 Nov 2022 00:35:13 GMT
last-modified: Wed, 02 Nov 2022 18:53:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZWhL2xYym1z8vR%2Fsi7%2B%2F6CyHEu4u5l7s3Urt%2FrJoMQKnrq5AByqL7VeXkiccN9W%2F04HyM4qH%2FW7h%2FlKanW7kWm%2B3XqeE0ctO%2FsxYbxfR25b7kflqxd4XERdk7YK5QtCLUfe8Gon7qcD0LiOQQ5Or"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-beta: 1
x-uri: /

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 7641075b0e319962-FRA
Connection: keep-alive
Content-Type: text/html
Date: Thu, 03 Nov 2022 00:35:13 GMT
Location: https://www.gtaall.com.br/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BYtRKlcWwprA8EI3PV1Nw%2FjUBLtjW7gavrYYmU2lJjqNcxTwKJksoPK6FFnihNc1m19MughI5ku9fk2OVLomie0AP5qt6%2FWCfPPIdu2%2BG8NNubHYahpiLX38Ghnulc%2B5ElMZ06%2FJRm%2FOdjk%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 217ms
50ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-48180038-1

Requested by

Host: www.gtaall.com.br
URL: https://www.gtaall.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c33367b682dd899f512594e15e957bd72c1913b33e55eb9241da08c825ad8e7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gtaall.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 00:35:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43660
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 03 Nov 2022 00:35:14 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 169 KB
54 KB 226ms
58ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.gtaall.com.br
URL: https://www.gtaall.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cd3f17af37862751a0c8d5fcf2bd7073a2d2b24fb00a19211ed36c186e166f15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gtaall.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 00:35:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55218
x-xss-protection: 0
server: cafe
etag: 3033207169625757910
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 03 Nov 2022 00:35:14 GMT

GET
H2 200 81-preview.png
cs4.gtaall.com.br/backgrounds/dca7868c6a8732bc0580690fe4af039aa41f4b15/ 120 KB
120 KB 97ms
93ms Image
image/png 2606:4700:20::ac43:4a93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs4.gtaall.com.br/backgrounds/dca7868c6a8732bc0580690fe4af039aa41f4b15/81-preview.png
Requested by: Host: www.gtaall.com.br
URL: https://www.gtaall.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7cc7bc427f15a7d5469b5e350554c5e6c4ae5e14b4ac25e9688b40d8c6775487

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gtaall.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 00:35:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2201
cf-polished: origSize=140215
content-length: 122495
cf-bgj: imgq:85,h2pri
last-modified: Thu, 05 Mar 2020 19:09:12 GMT
server: cloudflare
etag: "5e614e58-223b7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ksaE7cSyhd1AN69QYBd90ebvzTvw7zAAYjsN0fFkmf0gVfwDX8C8XGv%2FlIeHIFjRw%2FNKOXaCI9aVSbOzzy7uR1PtFwjfeJiw%2Fii7v666pnCMQvGR6jc4ouHlMeJMk59Nu5KXulw6FsD8ciGH4GWD"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7641075cad169a3c-FRA
expires: Thu, 03 Nov 2022 23:58:33 GMT

GET
H2 200 84-GTA5-Native-Trainer-New-Version.jpg
cs2.gtaall.com.br/backgrounds/942608abdf1d0eaf3830c444cd5556d1bafa2996/ 28 KB
28 KB 97ms
93ms Image
image/jpeg 2606:4700:20::ac43:4a93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs2.gtaall.com.br/backgrounds/942608abdf1d0eaf3830c444cd5556d1bafa2996/84-GTA5-Native-Trainer-New-Version.jpg
Requested by: Host: www.gtaall.com.br
URL: https://www.gtaall.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87ca86ee558af4d94fdebfcb45d62de2ddea5f83bfe3e664440b53c40b7a37ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gtaall.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 00:35:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2200
cf-polished: origSize=30108
content-length: 28303
cf-bgj: imgq:85,h2pri
last-modified: Tue, 01 Nov 2022 18:18:29 GMT
server: cloudflare
etag: "636162f5-759c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6JDm5%2F031A7Kll%2BxJ1UTidEEVRGyIkMp%2B0E6gj70wFE6MQV9%2FXTg73%2BhRockjrUk%2F8mo4Sace8oyIx1r8sM8brGXNCkqB%2BqngRPdEbnjHfBB%2Fs4PS%2BsiNUMiHxLekDLuhmKjr5%2BZqBtxEnS6tUv1"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7641075cad1a9a3c-FRA
expires: Thu, 03 Nov 2022 23:58:34 GMT

GET
H2 200 3678-gta-6-news-and-rumors.jpg
cs1.gtaall.com.br/miniatures/small/c81b2b3b79beeae951d646ae68169a4c30064eed/ 2 KB
3 KB 99ms
94ms Image
image/jpeg 2606:4700:20::ac43:4a93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs1.gtaall.com.br/miniatures/small/c81b2b3b79beeae951d646ae68169a4c30064eed/3678-gta-6-news-and-rumors.jpg
Requested by: Host: www.gtaall.com.br
URL: https://www.gtaall.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67d0e6e11b04fe5188a77dd084720cf70db5b6cb65f03eb089f483fa48fc455e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gtaall.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 00:35:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7660
cf-polished: degrade=85, origSize=2580
content-length: 2524
cf-bgj: imgq:85,h2pri
last-modified: Tue, 04 Oct 2022 22:26:50 GMT
server: cloudflare
etag: "633cb32a-a14"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YH1IhQ1i9ySj%2FQii1%2Bu9qWIVaeHUaXv3rGgwEpYyYUeWCx2ir0o3iGowVEL7gI%2B0gXtsr0dEO6hx4qyrUSUCsDMDzcVeiCzejRmsY7vJWo0ybHyMTTzPWS0ZHHldzIuLPG0U6fVXBOOZRPrwcQlI"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7641075cad1c9a3c-FRA
expires: Thu, 03 Nov 2022 22:27:34 GMT

GET
H2 200 3676-123.jpg
cs1.gtaall.com.br/miniatures/small/b5d55d083fbfd06e2d7fda6bd13a0f530f9a4d3f/ 4 KB
4 KB 100ms
96ms Image
image/jpeg 2606:4700:20::ac43:4a93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs1.gtaall.com.br/miniatures/small/b5d55d083fbfd06e2d7fda6bd13a0f530f9a4d3f/3676-123.jpg
Requested by: Host: www.gtaall.com.br
URL: https://www.gtaall.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bef487a729d0d4521fc02649c35c440ef83388b4634034f7b8451eeb2fb0426d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gtaall.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 00:35:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7660
cf-polished: origSize=4071
content-length: 3634
cf-bgj: imgq:85,h2pri
last-modified: Tue, 04 Oct 2022 22:28:14 GMT
server: cloudflare
etag: "633cb37e-fe7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P6O%2B5RLlVSuH8Yt1v9EzWz5sA4tl4kkuS4VaerkUXv%2Bmoyny2vjV1zpnSvBwM07KWYaB9XCO892voffdDmDhLEipUqKWlQWCQAkD5N9lsNS8WIx0teeT%2F6W8ddKfBv9%2B51U%2BnYoY7zqB7KW21h4W"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7641075cad209a3c-FRA
expires: Thu, 03 Nov 2022 22:27:34 GMT

GET
H2 200 3674-11-1.jpg
cs1.gtaall.com.br/miniatures/small/d399bdff410ceb0de720686177ebbd75fad7d76f/ 4 KB
4 KB 98ms
94ms Image
image/jpeg 2606:4700:20::ac43:4a93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs1.gtaall.com.br/miniatures/small/d399bdff410ceb0de720686177ebbd75fad7d76f/3674-11-1.jpg
Requested by: Host: www.gtaall.com.br
URL: https://www.gtaall.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9781d1be7986df2915bbac2d455e66b36daec9805dafdd69b011ecaf7d970e01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gtaall.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 00:35:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2201
cf-polished: origSize=4456
content-length: 4022
cf-bgj: imgq:85,h2pri
last-modified: Tue, 04 Oct 2022 22:28:14 GMT
server: cloudflare
etag: "633cb37e-1168"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FxdE7OAogy1Lr7JoHBEFb3EmsLZRfzI7MU2VJ2Ld65LdnPx5QFufTaGYOq3B5M3yyesf9KQN0ab%2Byxd2gh6hbWDp6qPbKL9s6pJfAD6aMuG2vAkY%2B0q9qdylwclD6rArCdoMJqSSo4YGt407YYbz"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7641075cad1e9a3c-FRA
expires: Thu, 03 Nov 2022 23:58:33 GMT

GET
H2 200 1131568-gallery1.jpg
cs3.gtaall.com.br/screenshots/5a9f9/2022-11/wide/bf8d5d05869a27f268e021a5dfc02ce28ee7f106/ 14 KB
14 KB 98ms
95ms Image
image/jpeg 2606:4700:20::ac43:4a93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs3.gtaall.com.br/screenshots/5a9f9/2022-11/wide/bf8d5d05869a27f268e021a5dfc02ce28ee7f106/1131568-gallery1.jpg
Requested by: Host: www.gtaall.com.br
URL: https://www.gtaall.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8017e649476149fdda869d459e3eb9f9073dbaa717f73f530c42d4fc42fd2ced

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gtaall.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 00:35:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7660
cf-polished: origSize=14851
content-length: 14159
cf-bgj: imgq:85,h2pri
last-modified: Wed, 02 Nov 2022 18:59:14 GMT
server: cloudflare
etag: "6362be02-3a03"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hWFvlqtj7X5yxS9RMluMaqLDZBxpIlpPrVQfuZeUBFej8nDuuSHvX%2BNt71dAZ3gRu901xXZI3jkmbjyGDLLsRc92vxh0S2UABBxSbUM%2B4e24IqiHGQhudgaqo1gkp17NMFZ7oD6%2FnQK5WWYVg855"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7641075cad219a3c-FRA
expires: Thu, 03 Nov 2022 22:27:34 GMT

GET
H2 200 1131565-gallery4.jpg
cs4.gtaall.com.br/screenshots/5a9f9/2022-11/wide/fa02f3d3b23da0e15dfc985ac4bf1cffbb77f191/ 13 KB
13 KB 96ms
92ms Image
image/jpeg 2606:4700:20::ac43:4a93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs4.gtaall.com.br/screenshots/5a9f9/2022-11/wide/fa02f3d3b23da0e15dfc985ac4bf1cffbb77f191/1131565-gallery4.jpg
Requested by: Host: www.gtaall.com.br
URL: https://www.gtaall.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27c1dbc0ec08559a8113dde5e53e113eef635525e327a3814fc5040e39b50c3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gtaall.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 00:35:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2201
cf-polished: origSize=13686
content-length: 12812
cf-bgj: imgq:85,h2pri
last-modified: Wed, 02 Nov 2022 18:59:14 GMT
server: cloudflare
etag: "6362be02-3576"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nsXNiveWFZ%2FiUvRJxFW6iPSh4xhZDAf9NibYZvkONCsGy4agmq6dOXKq2reivgHBXBRVrmo9DvyeEMV3vXH35Q4yTdB0WpHEEYd3GfvYtC2V7dYNixroYQhtxPSedb22oo4KEj6kwHd4xWtjXY6d"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7641075cad199a3c-FRA
expires: Thu, 03 Nov 2022 23:58:33 GMT

GET
H2 200 1131562-gallery7.jpg
cs1.gtaall.com.br/screenshots/5a9f9/2022-11/wide/7e7b7044b4993353cb84e8a590719016cc41020c/ 14 KB
14 KB 96ms
92ms Image
image/jpeg 2606:4700:20::ac43:4a93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs1.gtaall.com.br/screenshots/5a9f9/2022-11/wide/7e7b7044b4993353cb84e8a590719016cc41020c/1131562-gallery7.jpg
Requested by: Host: www.gtaall.com.br
URL: https://www.gtaall.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37b24e51ea8905cdc38504e28d293054bb5fddb54b6308ab7ef0d27de80b3db3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gtaall.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 00:35:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2201
cf-polished: origSize=14935
content-length: 14215
cf-bgj: imgq:85,h2pri
last-modified: Wed, 02 Nov 2022 18:59:14 GMT
server: cloudflare
etag: "6362be02-3a57"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yadaPC%2Blm1udnmS7HaSUNXRmJ0Ufl%2FFTQtWbNSZwxx7y%2F2UIcRpj7d30XstgvQAsPcNnVbe45IuAIOb18IsuN1ZuhHIkugwGKS1VEThB%2FQEjHPZRhsiJp%2BVfojbjp9NOggEm%2FoSlNbULPRcuzs8D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7641075cad1b9a3c-FRA
expires: Thu, 03 Nov 2022 23:58:33 GMT

GET
H2 200 1131559-gallery1.jpg
cs1.gtaall.com.br/screenshots/5a9f9/2022-11/wide/78fcd96b1c87286cc0c91efb11efb0befd15c1a3/ 15 KB
15 KB 76ms
75ms Image
image/jpeg 2606:4700:20::ac43:4a93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs1.gtaall.com.br/screenshots/5a9f9/2022-11/wide/78fcd96b1c87286cc0c91efb11efb0befd15c1a3/1131559-gallery1.jpg
Requested by: Host: www.gtaall.com.br
URL: https://www.gtaall.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9675eab6352091614a81f87d9bfcbb9131e14b8e5fa6498c0056ae87108a7514

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gtaall.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 00:35:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2201
cf-polished: origSize=16103
content-length: 15334
cf-bgj: imgq:85,h2pri
last-modified: Wed, 02 Nov 2022 18:49:57 GMT
server: cloudflare
etag: "6362bbd5-3ee7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WIoyV87ii%2B%2F0ywKaQ0kI%2F6BynxH8pHLrLI0zKRify3fHF9gQCxrttZYrIh76E3%2FnVtHUe3B8rcpXF1DkKbEpPVUva9mx5FV8QPdvpZhIof5nUpkZ%2Fr59QSUxswn2e9PRPcjZG%2FmysQkdvI7x4EU9"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7641075cbd2a9a3c-FRA
expires: Thu, 03 Nov 2022 23:58:33 GMT

GET
H2 200 1131556-gallery4.jpg
cs3.gtaall.com.br/screenshots/5a9f9/2022-11/wide/1c1deb255acb7472c04a43d3fb7d99046572c179/ 14 KB
14 KB 74ms
74ms Image
image/jpeg 2606:4700:20::ac43:4a93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs3.gtaall.com.br/screenshots/5a9f9/2022-11/wide/1c1deb255acb7472c04a43d3fb7d99046572c179/1131556-gallery4.jpg
Requested by: Host: www.gtaall.com.br
URL: https://www.gtaall.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb48946a2db85c1c4992af2737abe6856a152b248469d25bd446b4e92d29b5b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gtaall.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 00:35:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2200
cf-polished: origSize=14832
content-length: 14072
cf-bgj: imgq:85,h2pri
last-modified: Wed, 02 Nov 2022 18:50:05 GMT
server: cloudflare
etag: "6362bbdd-39f0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U%2FWZMSTsOeTyWIAsQBy7JsDrlDS8ozCWApwQljbkeII3JMxMmsznjIx6V4K1aWrAcuV4NZc4K25L%2Btk69K2dph%2FneNHJSC1%2F265IFsHBMujkjBFzsXe9cGlsGi7rjZ%2B6Hr6Xn6IC0YCT1i9zysKB"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7641075cbd289a3c-FRA
expires: Thu, 03 Nov 2022 23:58:34 GMT

GET
H2 200 1131553-gallery7.jpg
cs1.gtaall.com.br/screenshots/5a9f9/2022-11/wide/b3f18d34ece8e883007e20c79fe6d7d736e0627d/ 14 KB
14 KB 74ms
73ms Image
image/jpeg 2606:4700:20::ac43:4a93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs1.gtaall.com.br/screenshots/5a9f9/2022-11/wide/b3f18d34ece8e883007e20c79fe6d7d736e0627d/1131553-gallery7.jpg
Requested by: Host: www.gtaall.com.br
URL: https://www.gtaall.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcf6b619531fa0c521179654ea4d26f93d8f2a73a78e293243ab66df4977a427

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gtaall.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 00:35:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2200
cf-polished: origSize=14591
content-length: 13830
cf-bgj: imgq:85,h2pri
last-modified: Wed, 02 Nov 2022 18:47:23 GMT
server: cloudflare
etag: "6362bb3b-38ff"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ial2%2Bc4kztGGoRllzPdQ2mPSvc6Gy768GW%2FFbpUhyS7ycf4tpJ0aSpXIDN2gQ08v1p%2Buo2bGeEYe5NpnZXJVD2mRscGCDS5azNrB8psNFx5SzXll22b64nykT9jIMk%2FfZ5rNRT%2Bq3QQ3G34j%2Fpf7"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7641075cad239a3c-FRA
expires: Thu, 03 Nov 2022 23:58:34 GMT

GET
H2 200 1131547-gallery10.jpg
cs2.gtaall.com.br/screenshots/5a9f9/2022-11/wide/96ac42d69227ed80635e2e709ab7db4d5800b514/ 12 KB
13 KB 77ms
76ms Image
image/jpeg 2606:4700:20::ac43:4a93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs2.gtaall.com.br/screenshots/5a9f9/2022-11/wide/96ac42d69227ed80635e2e709ab7db4d5800b514/1131547-gallery10.jpg
Requested by: Host: www.gtaall.com.br
URL: https://www.gtaall.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 936dc7473abc79bf808de09603d28991555b94816c345a5c9b832f345e24b3f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gtaall.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 00:35:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7660
cf-polished: origSize=13675
content-length: 12774
cf-bgj: imgq:85,h2pri
last-modified: Wed, 02 Nov 2022 18:38:30 GMT
server: cloudflare
etag: "6362b926-356b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oNXulsMdP3lNgM4WXlMAARdCzMMV3JXqCTQNmS%2FWzo8lhauEMgbTnyFfDuPXf%2F%2Fb4vZK%2F85mQfKXYKV%2BzGczbtCDPlg8I%2BFPLUzKNTDA4sPeecCb9O7m5kysrN9MPRw2CnWVQUn2bG%2BUCfZ5Ri%2Bt"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7641075cad279a3c-FRA
expires: Thu, 03 Nov 2022 22:27:34 GMT

GET
H2 200 1131544-1.jpg
cs2.gtaall.com.br/screenshots/5a9f9/2022-11/wide/109fe51214e410d678efd572f35768e7ebe8e7c1/ 10 KB
11 KB 72ms
71ms Image
image/jpeg 2606:4700:20::ac43:4a93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs2.gtaall.com.br/screenshots/5a9f9/2022-11/wide/109fe51214e410d678efd572f35768e7ebe8e7c1/1131544-1.jpg
Requested by: Host: www.gtaall.com.br
URL: https://www.gtaall.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8398a92c56c19723df11ece299429595593f415fb65aaf38b54b824e02813b67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gtaall.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 00:35:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2200
cf-polished: origSize=11288
content-length: 10291
cf-bgj: imgq:85,h2pri
last-modified: Wed, 02 Nov 2022 18:37:32 GMT
server: cloudflare
etag: "6362b8ec-2c18"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X3Nb7IiSdrkti%2BLP%2Bpw5C8eI6QS%2B7vd1SAcOnIxwVukutq6AOxgPOsK4X6586%2Fas1K1ag8nrZD3wLSTXUbqhb3T62A6KRZdL8%2FvuybSK2pOXhWRoLtYNXQjVmjgXBXz%2BAqeOVuzP02UDhmgfcZCf"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7641075cad249a3c-FRA
expires: Thu, 03 Nov 2022 23:58:34 GMT

GET
H2 200 1131541-1.jpg
cs2.gtaall.com.br/screenshots/5a9f9/2022-11/wide/f3b636367cdf3c45e3652d13895f74bbc79f9ee6/ 10 KB
10 KB 75ms
74ms Image
image/jpeg 2606:4700:20::ac43:4a93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs2.gtaall.com.br/screenshots/5a9f9/2022-11/wide/f3b636367cdf3c45e3652d13895f74bbc79f9ee6/1131541-1.jpg
Requested by: Host: www.gtaall.com.br
URL: https://www.gtaall.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 649a87cc6e003e3b9b1ce95cc96ddfadc2d453465c13bda8a2cfecbeb9ba2f3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gtaall.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 00:35:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7660
cf-polished: origSize=11125
content-length: 10238
cf-bgj: imgq:85,h2pri
last-modified: Wed, 02 Nov 2022 18:37:32 GMT
server: cloudflare
etag: "6362b8ec-2b75"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BQOK1ZN8BjD4pi%2Fvqnar%2F6Wc7dB4%2BijvRfAt7XZh0wxDKd0Z9GrN8RA0H1U7dzs%2BZcQb6SFfOYNZsGsecvybzOFzrE%2BnsVp4VPk3MBRop%2FTzU0sC8O4w8Lye0tm8A22eBajcIcbt8dDCpB%2BLYFOe"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7641075cbd2b9a3c-FRA
expires: Thu, 03 Nov 2022 22:27:34 GMT

GET
H2 200 1131538-1.jpg
cs2.gtaall.com.br/screenshots/5a9f9/2022-11/wide/a65069273eb4bd212080ab33cc979c7b22092fe6/ 14 KB
15 KB 76ms
75ms Image
image/jpeg 2606:4700:20::ac43:4a93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs2.gtaall.com.br/screenshots/5a9f9/2022-11/wide/a65069273eb4bd212080ab33cc979c7b22092fe6/1131538-1.jpg
Requested by: Host: www.gtaall.com.br
URL: https://www.gtaall.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 696faf9dc92481e397e62309dfbbee3afc769a341e7776150913354880980cfc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gtaall.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 00:35:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2200
cf-polished: origSize=15185
content-length: 14475
cf-bgj: imgq:85,h2pri
last-modified: Wed, 02 Nov 2022 18:37:32 GMT
server: cloudflare
etag: "6362b8ec-3b51"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2Fb%2F3teUXPXHJ1EEoTQ4rd%2FsZbCbDsOWHLZ7Ipdt6wiapG%2BVQ4ACL9%2BfHHvPNWgHFSj%2BcKxG1bob4eYCEgAISkDSNgiiJVTnjEhIaQWXvpMY5321ZEFAo03RWaKTf9kvTQrmoy0qGHt55YcsQdAR"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7641075cbd2e9a3c-FRA
expires: Thu, 03 Nov 2022 23:58:34 GMT

GET
H2 200 1131535-1.jpg
cs3.gtaall.com.br/screenshots/5a9f9/2022-11/wide/b1cbf5e0e8a171f0af5606e4ea02786230afb730/ 15 KB
15 KB 76ms
76ms Image
image/jpeg 2606:4700:20::ac43:4a93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs3.gtaall.com.br/screenshots/5a9f9/2022-11/wide/b1cbf5e0e8a171f0af5606e4ea02786230afb730/1131535-1.jpg
Requested by: Host: www.gtaall.com.br
URL: https://www.gtaall.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db49d704703d3a91f94dd078da377c0ff821542571031c68f93fbe501eb0f27b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gtaall.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 00:35:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2200
cf-polished: origSize=15868
content-length: 15217
cf-bgj: imgq:85,h2pri
last-modified: Wed, 02 Nov 2022 18:21:22 GMT
server: cloudflare
etag: "6362b522-3dfc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pixY8MVI5XEJmneZwatQntGCZ8C5KSnsfecv1IcH9tHM0mGIYLWHBbojmnUvsb23c8FNtGsj873Nc0aQ6yNSPggyXutujZGS1Vb4LmsUA8pBx5%2FBD6bgKKCpGtyIKtcks1TCFnb0WGxVUDZGYTRV"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7641075cbd309a3c-FRA
expires: Thu, 03 Nov 2022 23:58:34 GMT

GET
H2 200 1131532-gallery1.jpg
cs2.gtaall.com.br/screenshots/5a9f9/2022-11/wide/e291dfc3c89f3cf3aaf3f317de2e2fd3cd3e20b6/ 13 KB
14 KB 76ms
76ms Image
image/jpeg 2606:4700:20::ac43:4a93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs2.gtaall.com.br/screenshots/5a9f9/2022-11/wide/e291dfc3c89f3cf3aaf3f317de2e2fd3cd3e20b6/1131532-gallery1.jpg
Requested by: Host: www.gtaall.com.br
URL: https://www.gtaall.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8101e101d31d12319e0aeb0b688ff3463663d86753600e98b7f1c0aa57a3b0a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gtaall.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 00:35:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7660
cf-polished: origSize=14437
content-length: 13704
cf-bgj: imgq:85,h2pri
last-modified: Wed, 02 Nov 2022 18:14:48 GMT
server: cloudflare
etag: "6362b398-3865"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TbYMcF3aijWel0E5JD5tJYVZIk7luagKkC6fMECzubLsXcnlkbabSdQimWxMybwWMQQ66NF5kva8sAT4qdXfxsCoBNvIYeedI3vBLHOCtJjD89r4wsJGtN7hb9cupeS%2B%2F%2FfR548OZKvb1Kpq19Qb"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7641075cbd319a3c-FRA
expires: Thu, 03 Nov 2022 22:27:34 GMT

GET
H2 200 1131529-gallery4.jpg
cs1.gtaall.com.br/screenshots/5a9f9/2022-11/wide/11cd2cbfcb898bfc67572a3f6021f9a1631d6e2c/ 13 KB
14 KB 44ms
44ms Image
image/jpeg 2606:4700:20::ac43:4a93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs1.gtaall.com.br/screenshots/5a9f9/2022-11/wide/11cd2cbfcb898bfc67572a3f6021f9a1631d6e2c/1131529-gallery4.jpg
Requested by: Host: www.gtaall.com.br
URL: https://www.gtaall.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a16be77c773c32a19e122aa7957f32071f0285c4acc9a152dfcfeeea3310f70

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gtaall.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 00:35:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2201
cf-polished: origSize=14311
content-length: 13488
cf-bgj: imgq:85,h2pri
last-modified: Wed, 02 Nov 2022 18:12:15 GMT
server: cloudflare
etag: "6362b2ff-37e7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5TP3fmuev%2FuZ3skWDZg8VwGZp99ynEMa%2F2GL%2BH7Z2%2F7YCnLRa11oDCx%2FyUPricD9Ozi2Cbq2oTOU8HB6%2FFTgqK3dPWhMjPXOlX2P7vJJLwIrbPEPo5GaF57f%2BmouSD5dqnVhvtb2cpmyypg0cUep"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7641075d9e6c9a3c-FRA
expires: Thu, 03 Nov 2022 23:58:33 GMT

GET
H2 200 1131526-gallery1.jpg
cs2.gtaall.com.br/screenshots/5a9f9/2022-11/wide/425480c25992d3501031f4f9eef0826da985ab2b/ 13 KB
14 KB 50ms
47ms Image
image/jpeg 2606:4700:20::ac43:4a93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs2.gtaall.com.br/screenshots/5a9f9/2022-11/wide/425480c25992d3501031f4f9eef0826da985ab2b/1131526-gallery1.jpg
Requested by: Host: www.gtaall.com.br
URL: https://www.gtaall.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc4b5af603ce3a18ca8463ef7828e071005459eb6e62c38f5d00f804516c19b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gtaall.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 00:35:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7660
cf-polished: origSize=14502
content-length: 13768
cf-bgj: imgq:85,h2pri
last-modified: Wed, 02 Nov 2022 18:12:15 GMT
server: cloudflare
etag: "6362b2ff-38a6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YZ4PEQ%2FuOymT7sJgPWGzFsGI27fyhTJ89EihDUIeVKqwQvTv76N1CJU0oQbnBhcMNoJmoXEa9ainaLzZLFLjDhvEs40RRA%2F6qF2mJ3Ny1jXO97xnQMtk61jsmqQ8nfNRAp1se8FJfxnrlUAOElnp"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7641075deec69a3c-FRA
expires: Thu, 03 Nov 2022 22:27:34 GMT

GET
H2 200 bootstrap.min.css
www.gtaall.com.br/static/vendor/bootstrap/css/ 118 KB
20 KB 57ms
49ms Stylesheet
text/css 2606:4700:20::ac43:4a93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gtaall.com.br/static/vendor/bootstrap/css/bootstrap.min.css
Requested by: Host: www.gtaall.com.br
URL: https://www.gtaall.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9462c3d8fc4e698687d6fa7efdd3123606f6e235a179e7cb12cdb38f8ed7978

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gtaall.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 00:35:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 21 May 2019 13:07:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 33293
etag: W/"5ce3f80f-1d942"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oLyBY7pLg1T%2BgdZJcXp4z7qHmGiHxdKBOlCw6aK2kQ%2BH%2FHyiIxseYveOK8S4hTYkr4WwgV%2BTBwZCwAAgO0fp1XTELAilH92NOS7ExEgkFCEPulpHicKpOIj8UMuwYFASrdJwAWOCaMv%2F8AM7HytY"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 7641075c7cd19a3c-FRA
expires: Thu, 03 Nov 2022 15:20:21 GMT

GET
H2 200 paginator.css
www.gtaall.com.br/static/vendor/paginator/ 1 KB
804 B 49ms
41ms Stylesheet
text/css 2606:4700:20::ac43:4a93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gtaall.com.br/static/vendor/paginator/paginator.css
Requested by: Host: www.gtaall.com.br
URL: https://www.gtaall.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69296d94a9e5c1c7aa15e93080095fd94895540507a56f6f31062b050e344322

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gtaall.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 00:35:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 33109
cf-polished: origSize=1325
cf-bgj: minify
last-modified: Tue, 21 May 2019 13:07:27 GMT
server: cloudflare
etag: W/"5ce3f80f-52d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NiIZrYwFyAzrqPFGKIQBrgCD%2BdPMEks17tHa3oExRRBvEJwvyrQCm3LFk%2BF7F1YgXlLc%2Bv6WxKOcCgk6t3VLO7SHPSRw3P%2FL3up%2FZqpSa7Y%2BUhB5LQzzMtSRbWCG2NoXTwyAUBeinWHnK%2BDVOzK1"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 7641075c7cd69a3c-FRA
expires: Thu, 03 Nov 2022 15:23:25 GMT

GET
H2 200 main.css
www.gtaall.com.br/static/public/5a9f9/css/ 14 KB
4 KB 54ms
47ms Stylesheet
text/css 2606:4700:20::ac43:4a93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gtaall.com.br/static/public/5a9f9/css/main.css
Requested by: Host: www.gtaall.com.br
URL: https://www.gtaall.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 776db4bf8ef8184eb9866cba8763a5827db4ea4aade19b4e03761d7f2f7eaa71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gtaall.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 00:35:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 33293
cf-polished: origSize=16029
cf-bgj: minify
last-modified: Tue, 19 Jan 2021 13:32:34 GMT
server: cloudflare
etag: W/"6006df72-3e9d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fISFm%2BZX49RCmAP1x0g%2B0JO8OYFPqE0picNH5FU3a%2BFc09xsrjFc6qwDuup1egv7aN1cwiK56Jyv2qqtNjGQeuCizvZ1ljeTQKXxNb%2Bu%2Bv%2FgrstC%2BlBvzIsjf9aXhPeF6mfePENdIEvMMU5QPfWj"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 7641075c7cd79a3c-FRA
expires: Thu, 03 Nov 2022 15:20:21 GMT

GET
H2 200 mmenu.css
www.gtaall.com.br/static/vendor/mmenu/css/ 37 KB
6 KB 55ms
47ms Stylesheet
text/css 2606:4700:20::ac43:4a93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gtaall.com.br/static/vendor/mmenu/css/mmenu.css
Requested by: Host: www.gtaall.com.br
URL: https://www.gtaall.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 260e708ea94ad307187e77771e84923c56d71d8d47e2fed0850d516899ad6e9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gtaall.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 00:35:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 33293
cf-polished: origSize=46947
cf-bgj: minify
last-modified: Tue, 21 May 2019 13:07:27 GMT
server: cloudflare
etag: W/"5ce3f80f-b763"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gCKisS9TMa3%2BBgM7Sjyh3gsxVdhtoBGchWKwU7WJ5IwnjvpPUXjNUGyYirI7xtpnjfIKt9bo3ef1oMkBpZSLUi7nl4jSkKQ%2FKJBOhVG8G5tkluYb9KbyvZLDtXrjhoWyxPcYlCd6idoOxTndbOii"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 7641075c7cd89a3c-FRA
expires: Thu, 03 Nov 2022 15:20:21 GMT

GET
H2 200 menu-mobile.css
www.gtaall.com.br/static/public/5a9f9/css/ 5 KB
1 KB 50ms
43ms Stylesheet
text/css 2606:4700:20::ac43:4a93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gtaall.com.br/static/public/5a9f9/css/menu-mobile.css
Requested by: Host: www.gtaall.com.br
URL: https://www.gtaall.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eaa602ba24563e7853b8de65157794962869acb188d8744f2ad056b289f00405

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gtaall.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 00:35:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 33293
cf-polished: origSize=5185
cf-bgj: minify
last-modified: Mon, 03 Jun 2019 08:52:10 GMT
server: cloudflare
etag: W/"5cf4dfba-1441"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rN4lEz8un7SkIS%2FNyLlIHMnN2RawAYOFopLulNcXCoT6hcXFcTaGwHEJcwKns5dN8Fu1pD4jtUcSNpUTB2lWH31VyFFa7QuQ5vZVUQh8V9mAX2CQMSNgq7vyXC1%2BLpqwGnxgFoyJKrfPdBkwo%2FXd"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 7641075c7cd99a3c-FRA
expires: Thu, 03 Nov 2022 15:20:21 GMT

GET
H2 200 jquery-3.1.1.min.js Show response
www.gtaall.com.br/static/vendor/jquery/ 85 KB
31 KB 88ms
81ms Script
application/javascript 2606:4700:20::ac43:4a93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gtaall.com.br/static/vendor/jquery/jquery-3.1.1.min.js
Requested by: Host: www.gtaall.com.br
URL: https://www.gtaall.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3481cfe6701c643f2cf14777554a8d82b65e3bb2af6a6e326b925726c4caeef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gtaall.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 00:35:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 21 May 2019 13:07:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 33288
etag: W/"5ce3f80f-152bc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bf32MS48un4MgxYex2qiOmHtgriul%2BJetOSuOMIKSKEC0Fxq2SWGfDSnJqAbQFM1dysMv%2BmAVC9yG9Wo%2BATf8f3SOLuJkS06xgVFll5VOB6iQGcrXQb1HnNSZiII2iiDzaiQV%2Bpe9MR7xPsXXPWs"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 7641075c7cda9a3c-FRA
expires: Thu, 03 Nov 2022 15:20:26 GMT

GET
H2 200 jquery.cookie.js Show response
www.gtaall.com.br/static/vendor/jquery.cookie/ 2 KB
1 KB 55ms
48ms Script
application/javascript 2606:4700:20::ac43:4a93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gtaall.com.br/static/vendor/jquery.cookie/jquery.cookie.js
Requested by: Host: www.gtaall.com.br
URL: https://www.gtaall.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0caab7de2b6d190e7fad15e5e81b2e8130ac073fe1960149c597b9ac12509d1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gtaall.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 00:35:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 33288
cf-polished: origSize=3121
cf-bgj: minify
last-modified: Tue, 21 May 2019 13:07:27 GMT
server: cloudflare
etag: W/"5ce3f80f-c31"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UVcp4M0EDDBNOXhbdLqUmZzX10yUZRr2zKxAuy%2Blz08CZRo9%2BCoS7NXQOhhEUPm5nCCDULKOqU4Py3ODblNTQJGSyyOSgySsmMai5yQV%2Bp2w2gBn6ouhvfaN%2BB0Uct8GjdKesSc39muuFgK3Q47U"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 7641075c7cdd9a3c-FRA
expires: Thu, 03 Nov 2022 15:20:26 GMT

GET
H2 200 bootstrap.min.js Show response
www.gtaall.com.br/static/vendor/bootstrap/js/ 36 KB
10 KB 61ms
55ms Script
application/javascript 2606:4700:20::ac43:4a93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gtaall.com.br/static/vendor/bootstrap/js/bootstrap.min.js
Requested by: Host: www.gtaall.com.br
URL: https://www.gtaall.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gtaall.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 00:35:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 21 May 2019 13:07:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 33288
etag: W/"5ce3f80f-90b5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YGwFcFGjHq5v%2Ba%2FfFfWWLmwjTAMcnRe2BXJsAIRuneRogr7D0f%2FLNtaPpBaH41Elstm%2BA5zifHyAneG3ddXhZbtuZ90qxT%2Fxfbg%2BaUcaFc2to2M6kZneN3WNVXC7%2FI1WpYPrSz4N4sQrN%2Fzscyui"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 7641075c7cde9a3c-FRA
expires: Thu, 03 Nov 2022 15:20:26 GMT

GET
H2 200 tmpl.min.js Show response
www.gtaall.com.br/static/vendor/tmpl/ 1 KB
909 B 49ms
43ms Script
application/javascript 2606:4700:20::ac43:4a93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gtaall.com.br/static/vendor/tmpl/tmpl.min.js
Requested by: Host: www.gtaall.com.br
URL: https://www.gtaall.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 480ab71e84984106b5a6beb6a7fe4c88caba1d2f1f6bc08c162f756738e4b1bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gtaall.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 00:35:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 21 May 2019 13:07:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 33288
etag: W/"5ce3f80f-40b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mhY8%2BpKWWW4Xo0eB2CmNExyP%2BcalYJDeL9MJ4PwQDAMssOSLDeDaVOiISt8g2jbHqBk8iorzQFvuzCiW5ZdHipDLSGICA1vkDbRlCQRfCyuK7K6d9gU93KiMMtKzPMR2MCKgJJICaFsHz7KYZAsW"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 7641075c7cdf9a3c-FRA
expires: Thu, 03 Nov 2022 15:20:26 GMT

GET
H2 200 actions.js Show response
www.gtaall.com.br/static/public/5a9f9/js/ 2 KB
893 B 100ms
94ms Script
application/javascript 2606:4700:20::ac43:4a93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gtaall.com.br/static/public/5a9f9/js/actions.js
Requested by: Host: www.gtaall.com.br
URL: https://www.gtaall.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d303d6a9f0cc67d95a6e744cc0db440d1508278baef9e18b8514917e39a1dc9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gtaall.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 00:35:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 33288
cf-polished: origSize=3954
cf-bgj: minify
last-modified: Tue, 21 May 2019 13:07:27 GMT
server: cloudflare
etag: W/"5ce3f80f-f72"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jXKA6N0bFadVIzCnFkXMZ2sbICtvuJl0xCbChkpSPe%2FsYfl%2FiqRPDwH2I3ItjQTHeuPZq%2BGrbWyRfv6ZKpkwuoDAiNJD%2Fg%2FdcAwAMacGg%2Bp%2F0XRqZ7bvuHRpf%2F6SPrpg8toKD%2B0V553fOscX4pE7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 7641075cad0a9a3c-FRA
expires: Thu, 03 Nov 2022 15:20:26 GMT

GET
H2 200 paginator.js Show response
www.gtaall.com.br/static/vendor/paginator/ 8 KB
3 KB 96ms
91ms Script
application/javascript 2606:4700:20::ac43:4a93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gtaall.com.br/static/vendor/paginator/paginator.js
Requested by: Host: www.gtaall.com.br
URL: https://www.gtaall.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb59059165f83ae6eebfc7973dfb7f6c77b6c1170968a6a30c85f643ac160b29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gtaall.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 00:35:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 33109
cf-polished: origSize=9550
cf-bgj: minify
last-modified: Mon, 03 Jun 2019 08:19:50 GMT
server: cloudflare
etag: W/"5cf4d826-254e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UrAuTSGC6edYuuzBmC7pRluX9z4SSRjaqQA60%2B4tScVOaCpC03u0ScO%2Bt%2FtiCgFpMZZX94DwvNT8ZFa%2B90qxnVoUP72xvK8mdDwrFrzLPkVBPf4IJtj4TK4EhJEmIza2dSOR1IdZKSFvmjt3o7OV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 7641075cad0c9a3c-FRA
expires: Thu, 03 Nov 2022 15:23:25 GMT

GET
H2 200 charts.js Show response
www.gtaall.com.br/static/public/5a9f9/js/ 3 KB
1 KB 99ms
93ms Script
application/javascript 2606:4700:20::ac43:4a93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gtaall.com.br/static/public/5a9f9/js/charts.js
Requested by: Host: www.gtaall.com.br
URL: https://www.gtaall.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d36ab9229636b7b4dc99e0453ca13cbbbdabf20820b34ddd07bd765cb45b1416

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gtaall.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 00:35:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 33288
cf-polished: origSize=4401
cf-bgj: minify
last-modified: Tue, 21 May 2019 13:07:27 GMT
server: cloudflare
etag: W/"5ce3f80f-1131"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qg9YHI9T7QaMaR1uS4DTHzJWqQ8vSKRJ5AUZIvvEJIvvOlBsyBh6WL4Fej01pJoyoiDywrhf742aMWNmQrnoCcj4eWksuAWc7%2FkaM1ykVcXXEuhWlSp9bRm8RlsheYr%2FLwm6wuUfLEuCULXkeUk2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 7641075cad0d9a3c-FRA
expires: Thu, 03 Nov 2022 15:20:26 GMT

GET
H2 200 main.js Show response
www.gtaall.com.br/static/public/5a9f9/js/ 6 KB
2 KB 95ms
90ms Script
application/javascript 2606:4700:20::ac43:4a93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gtaall.com.br/static/public/5a9f9/js/main.js
Requested by: Host: www.gtaall.com.br
URL: https://www.gtaall.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8af4dcd54261a1a36fe6f54ea8a09cf92a4e690f12b749bf5ee2935405ad1e4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gtaall.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 00:35:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 33288
cf-polished: origSize=10026
cf-bgj: minify
last-modified: Tue, 19 Jan 2021 13:32:34 GMT
server: cloudflare
etag: W/"6006df72-272a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mmuC06RVpli%2FiIFAJ8AHY3KggpizXw8GKI1oHM2FtFkuH%2FE%2B3oWuj8v9zSb8nOC8f%2BpziU%2Bj8qLpBN9BUGW9ymQn0wHNsVqns%2FSF%2BSyNvoIgQMVbOxDsZjwDkt5b6mjixM%2F2jeub3tTbVv7RE8ou"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 7641075cad0e9a3c-FRA
expires: Thu, 03 Nov 2022 15:20:26 GMT

GET
H2 200 mmenu.js Show response
www.gtaall.com.br/static/vendor/mmenu/js/ 33 KB
10 KB 100ms
95ms Script
application/javascript 2606:4700:20::ac43:4a93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gtaall.com.br/static/vendor/mmenu/js/mmenu.js
Requested by: Host: www.gtaall.com.br
URL: https://www.gtaall.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fdd06a293d1624005b066d3f14f3c78215458f5428c08d16c91885568cff6b76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gtaall.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 00:35:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1702
cf-polished: origSize=35868
cf-bgj: minify
last-modified: Tue, 21 May 2019 13:07:27 GMT
server: cloudflare
etag: W/"5ce3f80f-8c1c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kU4WcJW1r0zJE4sLeHRHuh4ksF2rhDzi8BDHhsR9v8ZdEZwEr7u3T04zrEfrBLFM5E%2FUh%2FUMhMD5fZyXED9Z8Qibvd3jbbzPWLklT4My%2Bvr%2FUsOXYvHN8kn7EtXJV4n9UV57%2BNkwMyvmzEq%2BDkkz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 7641075cad109a3c-FRA
expires: Fri, 04 Nov 2022 00:06:52 GMT

GET
H2 200 menu-mobile.js Show response
www.gtaall.com.br/static/public/5a9f9/js/ 3 KB
1 KB 96ms
91ms Script
application/javascript 2606:4700:20::ac43:4a93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gtaall.com.br/static/public/5a9f9/js/menu-mobile.js
Requested by: Host: www.gtaall.com.br
URL: https://www.gtaall.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9820cafc194b84f9c68c47d7528071b495e9b731a8ac873bb1124f389446121e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gtaall.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 00:35:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 33288
cf-polished: origSize=3435
cf-bgj: minify
last-modified: Mon, 03 Jun 2019 08:52:10 GMT
server: cloudflare
etag: W/"5cf4dfba-d6b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V8%2B9xvZCz4wr6SzhFyRH3cqfy%2Be8m3byyTX%2BmE2EvO7qJjI%2BFWMkwiEHjtJMCltsywNHMUzBTAMmf966%2Bbq9L2KPijbHNhECjVX6TR0siu%2Fc473h3pBJI2W5WAJBQ5HiKukFH7splTzRP5as4Q1B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 7641075cad129a3c-FRA
expires: Thu, 03 Nov 2022 15:20:26 GMT

GET
H2 200 bg-top.png
www.gtaall.com.br/static/public/5a9f9/images/layout/ 120 B
508 B 93ms
92ms Image
image/png 2606:4700:20::ac43:4a93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gtaall.com.br/static/public/5a9f9/images/layout/bg-top.png
Requested by: Host: www.gtaall.com.br
URL: https://www.gtaall.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10a9209c6b3363cc676436da7c4cd1c838801c3af2b426d07f0bc83e3400eb7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gtaall.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 00:35:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 21306
cf-polished: status=not_needed
content-length: 120
cf-bgj: imgq:85,h2pri
last-modified: Tue, 21 May 2019 13:07:27 GMT
server: cloudflare
etag: "5ce3f80f-78"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6ZXPlET%2BieJOIlAn7Z819WmISPEAZJcDp9rC4eor%2Fj8OeaYVvNd5WJljm9jRy1fbkHDyctXm1mkRHpl0p8STZ9xia7nYwGFJrc0429lOq4R4kaMPcuHlCxsWLys7INY49xPWTR10GF7VB92MVouJ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7641075cad139a3c-FRA
expires: Thu, 03 Nov 2022 18:40:08 GMT

GET
H2 200 main.png
www.gtaall.com.br/static/public/5a9f9/images/spritesheets/ 47 KB
47 KB 92ms
91ms Image
image/png 2606:4700:20::ac43:4a93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gtaall.com.br/static/public/5a9f9/images/spritesheets/main.png
Requested by: Host: www.gtaall.com.br
URL: https://www.gtaall.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 008f99830656b779ad8da531f13251e795d82340098c7d349e98659b51e8e5e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gtaall.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 00:35:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 117
cf-polished: status=not_needed
content-length: 47860
cf-bgj: imgq:85,h2pri
last-modified: Tue, 18 Feb 2020 08:25:39 GMT
server: cloudflare
etag: "5e4b9f83-baf4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3kugg0YZZDT6FGyMYJIoI6f2Uib5HdkMy2Tr21zBA%2BP38wM5n9t3HfCrx430OhMkoM%2BfShs4RxvGpGR9%2F%2FYw3HPYH8zL11pkPTawR0nrf1Q8nzycCKYh%2BMQCT4NRm02TJR8colHRUSyOwJcEZGD8"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7641075cad159a3c-FRA
expires: Fri, 04 Nov 2022 00:33:17 GMT

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?t16.2;r;s1600*1200*24;uhttps%3A//www.gtaall.com.br/;hGTAall.com.br%20%u2014%20GTA%20mods%20com%20installer;0.7508074430050187
https://counter.yadro.ru/hit?q;t16.2;r;s1600*1200*24;uhttps%3A//www.gtaall.com.br/;hGTAall.com.br%20%u2014%20GTA%20mods%20com%20installer;0.7508074430050187

245 B
731 B

78ms
74ms

Image
image/gif

88.212.201.204
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t16.2;r;s1600*1200*24;uhttps%3A//www.gtaall.com.br/;hGTAall.com.br%20%u2014%20GTA%20mods%20com%20installer;0.7508074430050187

Requested by

Host: www.gtaall.com.br
URL: https://www.gtaall.com.br/

Protocol

HTTP/1.1

Server

88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host204.rax.ru

Software

nginx/1.17.9 /

Resource Hash

d2f4ee0023f8a8bd256dcb9f772f5dd138a31b4d39e9720f61fcba0d157217f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gtaall.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 03 Nov 2022 00:35:14 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 245
Expires: Tue, 02 Nov 2021 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 03 Nov 2022 00:35:14 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit?q;t16.2;r;s1600*1200*24;uhttps%3A//www.gtaall.com.br/;hGTAall.com.br%20%u2014%20GTA%20mods%20com%20installer;0.7508074430050187
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Tue, 02 Nov 2021 21:00:00 GMT

GET
H2 200 glyphicons-halflings-regular.woff2
www.gtaall.com.br/static/vendor/bootstrap/fonts/ 18 KB
18 KB 53ms
52ms Font
application/octet-stream 2606:4700:20::ac43:4a93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gtaall.com.br/static/vendor/bootstrap/fonts/glyphicons-halflings-regular.woff2
Requested by: Host: www.gtaall.com.br
URL: https://www.gtaall.com.br/static/vendor/bootstrap/css/bootstrap.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Request headers

Referer: https://www.gtaall.com.br/static/vendor/bootstrap/css/bootstrap.min.css
Origin: https://www.gtaall.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 00:35:14 GMT
cf-cache-status: HIT
last-modified: Tue, 21 May 2019 13:07:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 33288
etag: "5ce3f80f-466c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vp0%2FJjOWXh6S1nEh6O9meswsatQ%2FCu4WXdlQEwsIkl8o%2FXsX3IVbjJaqG2sZwgfbSraRjPlXFTtREtnkjE7r14VJ2NWRmrsc%2FtUSw4MU4lugSW%2FWAhXsdqOPKGePDUz2Fe%2FEJkcBeJbTu1nrJQm5"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7641075cfd859a3c-FRA
content-length: 18028
expires: Thu, 03 Nov 2022 15:20:26 GMT

GET
H2 200 paginator-slider.gif
www.gtaall.com.br/static/vendor/paginator/ 60 B
408 B 43ms
42ms Image
image/gif 2606:4700:20::ac43:4a93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gtaall.com.br/static/vendor/paginator/paginator-slider.gif
Requested by: Host: www.gtaall.com.br
URL: https://www.gtaall.com.br/static/vendor/paginator/paginator.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ab59c2826963b5d469ae3b60e901b70fc2ddb3993ab82f8b3ed0b957b5eb668

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gtaall.com.br/static/vendor/paginator/paginator.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 00:35:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7659
cf-polished: status=not_needed
content-length: 60
cf-bgj: imgq:85,h2pri
last-modified: Tue, 21 May 2019 13:07:27 GMT
server: cloudflare
etag: "5ce3f80f-3c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=23ex%2F%2FZi0ZcAzW6HSvJjdi5AyYqFFLR1wLAOXzkA16bvTsFlzvUtMVGnx3LvZ1kiCjhqtbBEBybLfjE3EnH5T1gt9wxJSemrbgHSxDXa56p8gtXjSJiIJqgYQHSNMJUtGSZpGIazkWCv7Hnrkm7j"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7641075dce959a3c-FRA
expires: Thu, 03 Nov 2022 22:27:35 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211010101/ 353 KB
116 KB 69ms
68ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4593125056617010&plah=www.gtaall.com.br&bust=31070664

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02302974dc6c7d0a920ea44a1722461c1def9096efbdea0407a3a5f4acdab320

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gtaall.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 00:35:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118918
x-xss-protection: 0
server: cafe
etag: 12922702488293216649
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 03 Nov 2022 00:35:14 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221101/r20190131/ Frame 9CB1 10 KB
5 KB 120ms
36ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221101/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a180577000dc7ea70fe921a385bab54deaefd2f24efaa32f1fc7ebb6d2abd2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gtaall.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 23370
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 02 Nov 2022 18:05:44 GMT
etag: 2424782735605397694
expires: Wed, 16 Nov 2022 18:05:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 122ms
36ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-48180038-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gtaall.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 02 Nov 2022 23:24:49 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 4225
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Thu, 03 Nov 2022 01:24:49 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 393 B
698 B 144ms
45ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.gtaall.com.br&callback=_gfp_s_&client=ca-pub-4593125056617010&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4593125056617010&plah=www.gtaall.com.br&bust=31070664

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3aa796cd921740a2c9fd69f01cca05d7e7dcf49b8e3d6803612dab3269e87168

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gtaall.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 00:35:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 253
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 142ms
46ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.gtaall.com.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gtaall.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 00:35:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 129ms
46ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.gtaall.com.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gtaall.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 00:35:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CA9A 103 KB
33 KB 462ms
384ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4593125056617010&output=html&h=280&slotname=2612975548&adk=2042673336&adf=1199159007&pi=t.ma~as.2612975548&w=890&fwrn=4&fwrnh=100&lmt=1667415222&rafmt=1&format=890x280&url=https%3A%2F%2Fwww.gtaall.com.br%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667435714289&bpp=4&bdt=341&idt=151&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&correlator=7253037583563&frm=20&pv=2&ga_vid=606390547.1667435714&ga_sid=1667435714&ga_hid=1560713784&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=70&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44773613%2C31070664%2C44775017&oid=2&pvsid=3190197753571689&tmod=1059286159&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=INa7HVt8cu&p=https%3A//www.gtaall.com.br&dtd=182

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8133de404adab3afd730fd3b0cb7f7aee57d5ed61b4e09dcd53624858073450f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gtaall.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33383
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 03 Nov 2022 00:35:14 GMT
expires: Thu, 03 Nov 2022 00:35:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 34F0 86 KB
30 KB 342ms
290ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4593125056617010&output=html&h=280&slotname=6818413945&adk=3907429518&adf=3661037841&pi=t.ma~as.6818413945&w=336&lmt=1667415222&format=336x280&url=https%3A%2F%2Fwww.gtaall.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667435714293&bpp=1&bdt=345&idt=199&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&prev_fmts=890x280&correlator=7253037583563&frm=20&pv=1&ga_vid=606390547.1667435714&ga_sid=1667435714&ga_hid=1560713784&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=252&ady=1393&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44773613%2C31070664%2C44775017&oid=2&pvsid=3190197753571689&tmod=1059286159&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=MWGCegSRD6&p=https%3A//www.gtaall.com.br&dtd=202

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f59ae3a145e11a1eab213f2e4dda728131f58c873a1abe9d6ddc52240a88b23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gtaall.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 31176
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 03 Nov 2022 00:35:14 GMT
expires: Thu, 03 Nov 2022 00:35:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 20AE 87 KB
31 KB 435ms
394ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4593125056617010&output=html&h=280&slotname=8519908347&adk=1112064495&adf=3397273128&pi=t.ma~as.8519908347&w=890&fwrn=4&fwrnh=100&lmt=1667415222&rafmt=1&format=890x280&url=https%3A%2F%2Fwww.gtaall.com.br%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667435714295&bpp=1&bdt=347&idt=210&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&prev_fmts=890x280%2C336x280&correlator=7253037583563&frm=20&pv=1&ga_vid=606390547.1667435714&ga_sid=1667435714&ga_hid=1560713784&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44773613%2C31070664%2C44775017&oid=2&pvsid=3190197753571689&tmod=1059286159&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=AwjTRybop1&p=https%3A//www.gtaall.com.br&dtd=213

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db717f4710aac1b1bb7434bff04662a84984a65e5b8f33f3b494468f5774014f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gtaall.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 31379
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 03 Nov 2022 00:35:14 GMT
expires: Thu, 03 Nov 2022 00:35:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BA41 85 KB
31 KB 377ms
344ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4593125056617010&output=html&h=280&slotname=6818413945&adk=3907429518&adf=3334932112&pi=t.ma~as.6818413945&w=336&lmt=1667415222&format=336x280&url=https%3A%2F%2Fwww.gtaall.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667435714296&bpp=1&bdt=348&idt=218&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&prev_fmts=890x280%2C336x280%2C890x280&correlator=7253037583563&frm=20&pv=1&ga_vid=606390547.1667435714&ga_sid=1667435714&ga_hid=1560713784&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=702&ady=3099&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44773613%2C31070664%2C44775017&oid=2&pvsid=3190197753571689&tmod=1059286159&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=b9vHV9dBNw&p=https%3A//www.gtaall.com.br&dtd=220

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca7014b195e8dce23373ecb22c51fa5e1e3883bcd6e244e07c2196ea05df4846

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gtaall.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 31542
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 03 Nov 2022 00:35:14 GMT
expires: Thu, 03 Nov 2022 00:35:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 123ms
44ms XHR
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1560713784&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gtaall.com.br%2F&ul=en-us&de=UTF-8&dt=GTAall.com.br%20%E2%80%94%20GTA%20mods%20com%20installer&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAACAAI~&jid=47468929&gjid=1127778652&cid=606390547.1667435714&tid=UA-48180038-1&_gid=1743031852.1667435715&_r=1&gtm=2ouav0&z=407323195

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gtaall.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 03 Nov 2022 00:35:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gtaall.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0EE9 77 KB
30 KB 430ms
411ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4593125056617010&output=html&h=600&slotname=7337998696&adk=2963125940&adf=1769670598&pi=t.ma~as.7337998696&w=300&lmt=1667415222&format=300x600&url=https%3A%2F%2Fwww.gtaall.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667435714296&bpp=1&bdt=348&idt=232&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&prev_fmts=890x280%2C336x280%2C890x280%2C336x280&correlator=7253037583563&frm=20&pv=1&ga_vid=606390547.1667435714&ga_sid=1667435714&ga_hid=1560713784&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=178&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44773613%2C31070664%2C44775017&oid=2&pvsid=3190197753571689&tmod=1059286159&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=mYL8wQfTSg&p=https%3A//www.gtaall.com.br&dtd=234

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea2375eb26b3901c11ec2ce04378fd5cfa8da422221c8f0057a64a4c4fccb59a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gtaall.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 30942
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 03 Nov 2022 00:35:14 GMT
expires: Thu, 03 Nov 2022 00:35:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 739A 97 KB
33 KB 364ms
352ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4593125056617010&output=html&h=280&slotname=6903574345&adk=3913797816&adf=3660086678&pi=t.ma~as.6903574345&w=1200&fwrn=4&fwrnh=100&lmt=1667415222&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.gtaall.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667435714297&bpp=1&bdt=349&idt=237&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&prev_fmts=890x280%2C336x280%2C890x280%2C336x280%2C300x600&correlator=7253037583563&frm=20&pv=1&ga_vid=606390547.1667435714&ga_sid=1667435714&ga_hid=1560713784&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3885&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44773613%2C31070664%2C44775017&oid=2&pvsid=3190197753571689&tmod=1059286159&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=oEX8ZNxRtm&p=https%3A//www.gtaall.com.br&dtd=240

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe56ceedb34b130cd2735917664f9b89fed8904e5806355026bd314e73d134a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gtaall.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33768
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 03 Nov 2022 00:35:14 GMT
expires: Thu, 03 Nov 2022 00:35:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 276D 9 KB
4 KB 182ms
180ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4593125056617010&output=html&adk=1812271804&adf=3025194257&lmt=1667415222&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.gtaall.com.br%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667435714312&bpp=1&bdt=364&idt=228&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&prev_fmts=890x280%2C336x280%2C890x280%2C336x280%2C300x600%2C1200x280&nras=1&correlator=7253037583563&frm=20&pv=1&ga_vid=606390547.1667435714&ga_sid=1667435714&ga_hid=1560713784&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44773613%2C31070664%2C44775017&oid=2&pvsid=3190197753571689&tmod=1059286159&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=7&uci=a!7&fsb=1&dtd=234

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

63e793d53f754a10daebaf6dbd511d993334d842d420e86bd775560db16f982d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gtaall.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 3979
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 03 Nov 2022 00:35:14 GMT
expires: Thu, 03 Nov 2022 00:35:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
441 B 158ms
48ms XHR
text/plain 2a00:1450:400c:c0a::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-48180038-1&cid=606390547.1667435714&jid=47468929&gjid=1127778652&_gid=1743031852.1667435715&_u=YAhAAUAAAAAAACAAI~&z=29990272

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gtaall.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 03 Nov 2022 00:35:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gtaall.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 34F0 6 KB
745 B 137ms
47ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4593125056617010&output=html&h=280&slotname=6818413945&adk=3907429518&adf=3661037841&pi=t.ma~as.6818413945&w=336&lmt=1667415222&format=336x280&url=https%3A%2F%2Fwww.gtaall.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667435714293&bpp=1&bdt=345&idt=199&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&prev_fmts=890x280&correlator=7253037583563&frm=20&pv=1&ga_vid=606390547.1667435714&ga_sid=1667435714&ga_hid=1560713784&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=252&ady=1393&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44773613%2C31070664%2C44775017&oid=2&pvsid=3190197753571689&tmod=1059286159&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=MWGCegSRD6&p=https%3A//www.gtaall.com.br&dtd=202

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

48abbbb87d8a3a1f97940449fd42b27a75079b449e844fad811e1231cdc57836

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 03 Nov 2022 00:35:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 02 Nov 2022 22:54:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 03 Nov 2022 00:35:14 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 34F0 2 KB
799 B 297ms
140ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 14:50:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35098
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Nov 2022 14:50:17 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 34F0 0
0 119ms
119ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CgbSnwgxjY6W-I7mTjuwP15CpgAbPvbWqa7XW5P2ADNrZHhABIM-k8QNglYKmgrAHoAGumIqiAsgBCakC2D83Nk59sD6oAwHIA8sEqgTnAU_QKoQ2AR0oHq4Qjhhb1eauPbrAcsSozUM-O38pGiQhRog1dOF6w2W_A01huYug_PDTIROJI6jEvuTwtU1O13vnR3hAOMXEk8CkAb5wwdjm2_uwomluzjpRX4U7MIOv6Nw6OiArumMvTXZD1VLUeaZF_pyz_N1zyKjqqqhnX19Z5ACohUk5psMBSwPqL4OivhoyTVkcnSOTyOfQwGQ_vG_WW_W5yPlgv53bzPA5X7d0kcrbsm5LTTi7c4lcDPLVlQSVGECoeHXcdTR4sYx01gosspS5-52AbPB2MhemU6bvoaABjjcDdsAE2c-_mogDkgUECAQYAZIFBAgFGASgBi6AB7rn9d0BqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQqJAB0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwyIFAPQFQGAFwGyFxwKGggAEhRwdWItNDU5MzEyNTA1NjYxNzAxMBgA&sigh=1z4s7Acty20&uach_m=[UACH]&cid=CAQSGwDq26N9bm9-al-ow_mJQaeLdJ5B8aZKi4aPGBgBIA4&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4593125056617010&output=html&h=280&slotname=6818413945&adk=3907429518&adf=3661037841&pi=t.ma~as.6818413945&w=336&lmt=1667415222&format=336x280&url=https%3A%2F%2Fwww.gtaall.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667435714293&bpp=1&bdt=345&idt=199&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&prev_fmts=890x280&correlator=7253037583563&frm=20&pv=1&ga_vid=606390547.1667435714&ga_sid=1667435714&ga_hid=1560713784&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=252&ady=1393&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44773613%2C31070664%2C44775017&oid=2&pvsid=3190197753571689&tmod=1059286159&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=MWGCegSRD6&p=https%3A//www.gtaall.com.br&dtd=202
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 03 Nov 2022 00:35:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 03 Nov 2022 00:35:14 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/ Frame 34F0 23 KB
9 KB 188ms
35ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b5fa761ba024f252dbb252611630bf622e64e2312acc77d184fc05f2ab7ed4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 01:07:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84477
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9180
x-xss-protection: 0
server: cafe
etag: 12585499704757265805
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Nov 2022 01:07:18 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 34F0 3 KB
1 KB 292ms
140ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 19:25:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18611
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Nov 2022 19:25:04 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 34F0 17 KB
7 KB 192ms
40ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

71d49d865114d9bb25bfdfc0272b738cdfd771749b21360ce5fb40eee3b4d986

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 14:38:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35790
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7305
x-xss-protection: 0
server: cafe
etag: 12747696668401323709
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Nov 2022 14:38:45 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 34F0 153 KB
47 KB 428ms
331ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

109ddac5fcac2d26ff455dabfaa93b705a883131b6d53548494a8b8a62ccbcdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 00:35:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47682
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667216034053804"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 03 Nov 2022 00:35:15 GMT

GET
H2 200 0d3fd3b530a886383bd6b91513e5ed38.js Show response
www.gstatic.com/mysidia/ Frame 34F0 34 KB
14 KB 121ms
38ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0d3fd3b530a886383bd6b91513e5ed38.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29a24baf918a3b9bbda58c98de4ba638f939c8b46fe292000cb833a50e4c303d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 20:18:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 533783
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14033
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 19:54:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 25 Jan 2023 20:18:51 GMT

GET
H2 200 2728354180183721846
tpc.googlesyndication.com/simgad/6945190998576856737/ Frame 34F0 17 KB
17 KB 291ms
148ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6945190998576856737/2728354180183721846?w=400&h=209

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

244ee1a0987a74802e3b760f874c7914fa0c7c81266a0f351428dd00dc9b9010

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 21:12:38 GMT
x-content-type-options: nosniff
age: 98557
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17556
x-xss-protection: 0
last-modified: Tue, 12 Jul 2022 09:50:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 01 Nov 2023 21:12:38 GMT

GET
DATA 200
OK truncated
/ Frame 34F0 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 css
fonts.googleapis.com/ Frame BA41 6 KB
1 KB 81ms
47ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4593125056617010&output=html&h=280&slotname=6818413945&adk=3907429518&adf=3334932112&pi=t.ma~as.6818413945&w=336&lmt=1667415222&format=336x280&url=https%3A%2F%2Fwww.gtaall.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667435714296&bpp=1&bdt=348&idt=218&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&prev_fmts=890x280%2C336x280%2C890x280&correlator=7253037583563&frm=20&pv=1&ga_vid=606390547.1667435714&ga_sid=1667435714&ga_hid=1560713784&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=702&ady=3099&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44773613%2C31070664%2C44775017&oid=2&pvsid=3190197753571689&tmod=1059286159&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=b9vHV9dBNw&p=https%3A//www.gtaall.com.br&dtd=220

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 03 Nov 2022 00:35:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 02 Nov 2022 22:52:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 03 Nov 2022 00:35:14 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 739A 8 KB
968 B 72ms
48ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4593125056617010&output=html&h=280&slotname=6903574345&adk=3913797816&adf=3660086678&pi=t.ma~as.6903574345&w=1200&fwrn=4&fwrnh=100&lmt=1667415222&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.gtaall.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667435714297&bpp=1&bdt=349&idt=237&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&prev_fmts=890x280%2C336x280%2C890x280%2C336x280%2C300x600&correlator=7253037583563&frm=20&pv=1&ga_vid=606390547.1667435714&ga_sid=1667435714&ga_hid=1560713784&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3885&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44773613%2C31070664%2C44775017&oid=2&pvsid=3190197753571689&tmod=1059286159&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=oEX8ZNxRtm&p=https%3A//www.gtaall.com.br&dtd=240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 03 Nov 2022 00:35:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 02 Nov 2022 22:53:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 03 Nov 2022 00:35:14 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame BA41 2 KB
799 B 234ms
145ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4593125056617010&output=html&h=280&slotname=6818413945&adk=3907429518&adf=3334932112&pi=t.ma~as.6818413945&w=336&lmt=1667415222&format=336x280&url=https%3A%2F%2Fwww.gtaall.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667435714296&bpp=1&bdt=348&idt=218&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&prev_fmts=890x280%2C336x280%2C890x280&correlator=7253037583563&frm=20&pv=1&ga_vid=606390547.1667435714&ga_sid=1667435714&ga_hid=1560713784&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=702&ady=3099&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44773613%2C31070664%2C44775017&oid=2&pvsid=3190197753571689&tmod=1059286159&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=b9vHV9dBNw&p=https%3A//www.gtaall.com.br&dtd=220

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 14:50:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35098
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Nov 2022 14:50:17 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame BA41 0
0 88ms
88ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CIvn1wgxjY4u3I_uQjuwPyfessArPvbWqa7vq_duUDNrZHhABIM-k8QNglYKmgrAHoAGumIqiAsgBCakC2D83Nk59sD6oAwHIA8sEqgThAU_QpPpc3y3h7TGGw0ps-CB-2Xbcl-MewaEqC5aXP9QR5ZRejndIfbF_o6gxMrlYLQgpu5EvRsJ1iGPmyxhlU_klYzLJz3nl6cXn6ULVz5_KIcLeMDAGN44Jvgf54-YmOXwqSAfrlhiCIw8IgBgUPDCnyu3cejK0mhgnlf5_BNIAHZ1dY90ySXfPXxKAfN7KhllrQLJ7dnGTTmwADCsEabQ1D93QtnJLZ0oCefx_Nnf7H4zAWrXkUzF8h1pbPhF1ql_W45lOeNoisReeC48Zz7r6yuJet-OJG9unRriw9uzluMAE9ZXJnIQDkgUECAQYAZIFBAgFGASgBi6AB7rn9d0BqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwMQ1zjSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAbgT5APYEwyIFAPQFQGAFwGyFxwKGggAEhRwdWItNDU5MzEyNTA1NjYxNzAxMBgA&sigh=dCSL66UtdZs&uach_m=[UACH]&cid=CAQSGwDq26N9oUP1LWSvHKmGutkLHK8-1F0KH2ZDixgBIA4&template_id=484

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4593125056617010&output=html&h=280&slotname=6818413945&adk=3907429518&adf=3334932112&pi=t.ma~as.6818413945&w=336&lmt=1667415222&format=336x280&url=https%3A%2F%2Fwww.gtaall.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667435714296&bpp=1&bdt=348&idt=218&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&prev_fmts=890x280%2C336x280%2C890x280&correlator=7253037583563&frm=20&pv=1&ga_vid=606390547.1667435714&ga_sid=1667435714&ga_hid=1560713784&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=702&ady=3099&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44773613%2C31070664%2C44775017&oid=2&pvsid=3190197753571689&tmod=1059286159&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=b9vHV9dBNw&p=https%3A//www.gtaall.com.br&dtd=220

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4593125056617010&output=html&h=280&slotname=6818413945&adk=3907429518&adf=3334932112&pi=t.ma~as.6818413945&w=336&lmt=1667415222&format=336x280&url=https%3A%2F%2Fwww.gtaall.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667435714296&bpp=1&bdt=348&idt=218&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&prev_fmts=890x280%2C336x280%2C890x280&correlator=7253037583563&frm=20&pv=1&ga_vid=606390547.1667435714&ga_sid=1667435714&ga_hid=1560713784&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=702&ady=3099&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44773613%2C31070664%2C44775017&oid=2&pvsid=3190197753571689&tmod=1059286159&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=b9vHV9dBNw&p=https%3A//www.gtaall.com.br&dtd=220
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 03 Nov 2022 00:35:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 03 Nov 2022 00:35:14 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/ Frame BA41 23 KB
9 KB 133ms
46ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4593125056617010&output=html&h=280&slotname=6818413945&adk=3907429518&adf=3334932112&pi=t.ma~as.6818413945&w=336&lmt=1667415222&format=336x280&url=https%3A%2F%2Fwww.gtaall.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667435714296&bpp=1&bdt=348&idt=218&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&prev_fmts=890x280%2C336x280%2C890x280&correlator=7253037583563&frm=20&pv=1&ga_vid=606390547.1667435714&ga_sid=1667435714&ga_hid=1560713784&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=702&ady=3099&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44773613%2C31070664%2C44775017&oid=2&pvsid=3190197753571689&tmod=1059286159&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=b9vHV9dBNw&p=https%3A//www.gtaall.com.br&dtd=220

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b5fa761ba024f252dbb252611630bf622e64e2312acc77d184fc05f2ab7ed4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 01:07:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84477
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9180
x-xss-protection: 0
server: cafe
etag: 12585499704757265805
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Nov 2022 01:07:18 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame BA41 3 KB
1 KB 231ms
144ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4593125056617010&output=html&h=280&slotname=6818413945&adk=3907429518&adf=3334932112&pi=t.ma~as.6818413945&w=336&lmt=1667415222&format=336x280&url=https%3A%2F%2Fwww.gtaall.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667435714296&bpp=1&bdt=348&idt=218&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&prev_fmts=890x280%2C336x280%2C890x280&correlator=7253037583563&frm=20&pv=1&ga_vid=606390547.1667435714&ga_sid=1667435714&ga_hid=1560713784&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=702&ady=3099&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44773613%2C31070664%2C44775017&oid=2&pvsid=3190197753571689&tmod=1059286159&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=b9vHV9dBNw&p=https%3A//www.gtaall.com.br&dtd=220

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 19:25:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18611
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Nov 2022 19:25:04 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame BA41 17 KB
7 KB 160ms
73ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4593125056617010&output=html&h=280&slotname=6818413945&adk=3907429518&adf=3334932112&pi=t.ma~as.6818413945&w=336&lmt=1667415222&format=336x280&url=https%3A%2F%2Fwww.gtaall.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667435714296&bpp=1&bdt=348&idt=218&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&prev_fmts=890x280%2C336x280%2C890x280&correlator=7253037583563&frm=20&pv=1&ga_vid=606390547.1667435714&ga_sid=1667435714&ga_hid=1560713784&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=702&ady=3099&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44773613%2C31070664%2C44775017&oid=2&pvsid=3190197753571689&tmod=1059286159&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=b9vHV9dBNw&p=https%3A//www.gtaall.com.br&dtd=220

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

71d49d865114d9bb25bfdfc0272b738cdfd771749b21360ce5fb40eee3b4d986

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 14:38:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35790
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7305
x-xss-protection: 0
server: cafe
etag: 12747696668401323709
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Nov 2022 14:38:45 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 739A 2 KB
799 B 226ms
142ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4593125056617010&output=html&h=280&slotname=6903574345&adk=3913797816&adf=3660086678&pi=t.ma~as.6903574345&w=1200&fwrn=4&fwrnh=100&lmt=1667415222&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.gtaall.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667435714297&bpp=1&bdt=349&idt=237&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&prev_fmts=890x280%2C336x280%2C890x280%2C336x280%2C300x600&correlator=7253037583563&frm=20&pv=1&ga_vid=606390547.1667435714&ga_sid=1667435714&ga_hid=1560713784&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3885&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44773613%2C31070664%2C44775017&oid=2&pvsid=3190197753571689&tmod=1059286159&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=oEX8ZNxRtm&p=https%3A//www.gtaall.com.br&dtd=240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 14:50:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35098
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Nov 2022 14:50:17 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 739A 0
0 83ms
83ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CUER5wgxjY53AI5mLjuwPnqa2-AHPvbWqa6vx_duUDNrZHhABIM-k8QNglYKmgrAHoAGumIqiAsgBCakC2D83Nk59sD6oAwHIA8sEqgToAU_QeslZTpw7zjcNSOv2jDD98cJ5kkLL8qmtLTNtv32QwKHqgT6CGCYxfvuXHGqy8IkjGfCfisyxOc9CzC4pFYX_27uzUlK_YkAK9sTDyZkzgRpx6A7swl1wcVZ7wcvwB0s2UaXQewXn-l6EUYI0Go6bHQ6LRQV6TD9sMx4AqCw5CByRYgdNiAXJmc82Io202ezWOad5wM4-a4i5djYB0LYOijj6DW9xSGaggccgr7DMSlf8sCSQ8-r0tEn-vISegOVtkC62DRLN7SN41aviqB4aIq4c2DlmAqxX9kgGGHjzoE6CfVnBrJjABPWVyZyEA5IFBAgEGAGSBQQIBRgEoAYugAe65_XdAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcDEOVT0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwyIFAPQFQGAFwGyFxwKGggAEhRwdWItNDU5MzEyNTA1NjYxNzAxMBgA&sigh=zhTsegWTklw&uach_m=[UACH]&cid=CAQSGwDq26N9GQBChJrOsEP7nkMyMoIa8wiZTZt7HhgBIA4&template_id=5000

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4593125056617010&output=html&h=280&slotname=6903574345&adk=3913797816&adf=3660086678&pi=t.ma~as.6903574345&w=1200&fwrn=4&fwrnh=100&lmt=1667415222&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.gtaall.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667435714297&bpp=1&bdt=349&idt=237&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&prev_fmts=890x280%2C336x280%2C890x280%2C336x280%2C300x600&correlator=7253037583563&frm=20&pv=1&ga_vid=606390547.1667435714&ga_sid=1667435714&ga_hid=1560713784&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3885&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44773613%2C31070664%2C44775017&oid=2&pvsid=3190197753571689&tmod=1059286159&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=oEX8ZNxRtm&p=https%3A//www.gtaall.com.br&dtd=240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4593125056617010&output=html&h=280&slotname=6903574345&adk=3913797816&adf=3660086678&pi=t.ma~as.6903574345&w=1200&fwrn=4&fwrnh=100&lmt=1667415222&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.gtaall.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667435714297&bpp=1&bdt=349&idt=237&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&prev_fmts=890x280%2C336x280%2C890x280%2C336x280%2C300x600&correlator=7253037583563&frm=20&pv=1&ga_vid=606390547.1667435714&ga_sid=1667435714&ga_hid=1560713784&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3885&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44773613%2C31070664%2C44775017&oid=2&pvsid=3190197753571689&tmod=1059286159&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=oEX8ZNxRtm&p=https%3A//www.gtaall.com.br&dtd=240
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 03 Nov 2022 00:35:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 03 Nov 2022 00:35:14 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/ Frame 739A 23 KB
9 KB 158ms
80ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4593125056617010&output=html&h=280&slotname=6903574345&adk=3913797816&adf=3660086678&pi=t.ma~as.6903574345&w=1200&fwrn=4&fwrnh=100&lmt=1667415222&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.gtaall.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667435714297&bpp=1&bdt=349&idt=237&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&prev_fmts=890x280%2C336x280%2C890x280%2C336x280%2C300x600&correlator=7253037583563&frm=20&pv=1&ga_vid=606390547.1667435714&ga_sid=1667435714&ga_hid=1560713784&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3885&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44773613%2C31070664%2C44775017&oid=2&pvsid=3190197753571689&tmod=1059286159&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=oEX8ZNxRtm&p=https%3A//www.gtaall.com.br&dtd=240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b5fa761ba024f252dbb252611630bf622e64e2312acc77d184fc05f2ab7ed4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 01:07:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84477
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9180
x-xss-protection: 0
server: cafe
etag: 12585499704757265805
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Nov 2022 01:07:18 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 739A 3 KB
1 KB 219ms
141ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4593125056617010&output=html&h=280&slotname=6903574345&adk=3913797816&adf=3660086678&pi=t.ma~as.6903574345&w=1200&fwrn=4&fwrnh=100&lmt=1667415222&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.gtaall.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667435714297&bpp=1&bdt=349&idt=237&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&prev_fmts=890x280%2C336x280%2C890x280%2C336x280%2C300x600&correlator=7253037583563&frm=20&pv=1&ga_vid=606390547.1667435714&ga_sid=1667435714&ga_hid=1560713784&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3885&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44773613%2C31070664%2C44775017&oid=2&pvsid=3190197753571689&tmod=1059286159&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=oEX8ZNxRtm&p=https%3A//www.gtaall.com.br&dtd=240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 19:25:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18611
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Nov 2022 19:25:04 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 739A 17 KB
7 KB 164ms
86ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4593125056617010&output=html&h=280&slotname=6903574345&adk=3913797816&adf=3660086678&pi=t.ma~as.6903574345&w=1200&fwrn=4&fwrnh=100&lmt=1667415222&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.gtaall.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667435714297&bpp=1&bdt=349&idt=237&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&prev_fmts=890x280%2C336x280%2C890x280%2C336x280%2C300x600&correlator=7253037583563&frm=20&pv=1&ga_vid=606390547.1667435714&ga_sid=1667435714&ga_hid=1560713784&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3885&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44773613%2C31070664%2C44775017&oid=2&pvsid=3190197753571689&tmod=1059286159&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=oEX8ZNxRtm&p=https%3A//www.gtaall.com.br&dtd=240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

71d49d865114d9bb25bfdfc0272b738cdfd771749b21360ce5fb40eee3b4d986

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 14:38:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35790
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7305
x-xss-protection: 0
server: cafe
etag: 12747696668401323709
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Nov 2022 14:38:45 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 739A 153 KB
47 KB 428ms
405ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4593125056617010&output=html&h=280&slotname=6903574345&adk=3913797816&adf=3660086678&pi=t.ma~as.6903574345&w=1200&fwrn=4&fwrnh=100&lmt=1667415222&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.gtaall.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667435714297&bpp=1&bdt=349&idt=237&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&prev_fmts=890x280%2C336x280%2C890x280%2C336x280%2C300x600&correlator=7253037583563&frm=20&pv=1&ga_vid=606390547.1667435714&ga_sid=1667435714&ga_hid=1560713784&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3885&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44773613%2C31070664%2C44775017&oid=2&pvsid=3190197753571689&tmod=1059286159&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=oEX8ZNxRtm&p=https%3A//www.gtaall.com.br&dtd=240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

109ddac5fcac2d26ff455dabfaa93b705a883131b6d53548494a8b8a62ccbcdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 00:35:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47682
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667216034053804"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 03 Nov 2022 00:35:15 GMT

GET
H2 200 2076313506083323656
tpc.googlesyndication.com/simgad/16898535185370036031/ Frame BA41 48 KB
48 KB 227ms
150ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16898535185370036031/2076313506083323656

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4593125056617010&output=html&h=280&slotname=6818413945&adk=3907429518&adf=3334932112&pi=t.ma~as.6818413945&w=336&lmt=1667415222&format=336x280&url=https%3A%2F%2Fwww.gtaall.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667435714296&bpp=1&bdt=348&idt=218&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&prev_fmts=890x280%2C336x280%2C890x280&correlator=7253037583563&frm=20&pv=1&ga_vid=606390547.1667435714&ga_sid=1667435714&ga_hid=1560713784&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=702&ady=3099&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44773613%2C31070664%2C44775017&oid=2&pvsid=3190197753571689&tmod=1059286159&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=b9vHV9dBNw&p=https%3A//www.gtaall.com.br&dtd=220

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d6891778a70210454488fa559428d3925d9b78b39fec736bfdc125862fa94977

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 21:15:08 GMT
x-content-type-options: nosniff
age: 98407
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49472
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 09:07:05 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 01 Nov 2023 21:15:08 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/15334278864553842226/ Frame BA41 7 KB
7 KB 223ms
147ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15334278864553842226/downsize_200k_v1?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4593125056617010&output=html&h=280&slotname=6818413945&adk=3907429518&adf=3334932112&pi=t.ma~as.6818413945&w=336&lmt=1667415222&format=336x280&url=https%3A%2F%2Fwww.gtaall.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667435714296&bpp=1&bdt=348&idt=218&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&prev_fmts=890x280%2C336x280%2C890x280&correlator=7253037583563&frm=20&pv=1&ga_vid=606390547.1667435714&ga_sid=1667435714&ga_hid=1560713784&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=702&ady=3099&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44773613%2C31070664%2C44775017&oid=2&pvsid=3190197753571689&tmod=1059286159&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=b9vHV9dBNw&p=https%3A//www.gtaall.com.br&dtd=220

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7158b0ea4f182e9658f45c37ecc1da902babf9afa0a3f92f933ea2838e44694

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 29 Oct 2022 08:13:08 GMT
x-content-type-options: nosniff
age: 404527
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7204
x-xss-protection: 0
last-modified: Sat, 01 Aug 2020 11:26:10 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 29 Oct 2023 08:13:08 GMT

GET
DATA 200
OK truncated
/ Frame BA41 218 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e7d3374e03a418879bced995db8bbc1a48cec7cb7add24b42ed340c2ca313ca3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/11233056549000801554/ Frame 739A 35 KB
35 KB 165ms
95ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11233056549000801554/downsize_200k_v1?w=600&h=314

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4593125056617010&output=html&h=280&slotname=6903574345&adk=3913797816&adf=3660086678&pi=t.ma~as.6903574345&w=1200&fwrn=4&fwrnh=100&lmt=1667415222&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.gtaall.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667435714297&bpp=1&bdt=349&idt=237&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&prev_fmts=890x280%2C336x280%2C890x280%2C336x280%2C300x600&correlator=7253037583563&frm=20&pv=1&ga_vid=606390547.1667435714&ga_sid=1667435714&ga_hid=1560713784&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3885&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44773613%2C31070664%2C44775017&oid=2&pvsid=3190197753571689&tmod=1059286159&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=oEX8ZNxRtm&p=https%3A//www.gtaall.com.br&dtd=240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e19e12c4fc422d5dc6ad9afd3a0f9bcc64e28739d256f4529304dfe467f88fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:31:40 GMT
x-content-type-options: nosniff
age: 515015
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35572
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 08:34:09 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 28 Oct 2023 01:31:40 GMT

GET
DATA 200
OK truncated
/ Frame 739A 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 739A 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 css
fonts.googleapis.com/ Frame CA9A 3 KB
674 B 50ms
48ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4593125056617010&output=html&h=280&slotname=2612975548&adk=2042673336&adf=1199159007&pi=t.ma~as.2612975548&w=890&fwrn=4&fwrnh=100&lmt=1667415222&rafmt=1&format=890x280&url=https%3A%2F%2Fwww.gtaall.com.br%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667435714289&bpp=4&bdt=341&idt=151&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&correlator=7253037583563&frm=20&pv=2&ga_vid=606390547.1667435714&ga_sid=1667435714&ga_hid=1560713784&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=70&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44773613%2C31070664%2C44775017&oid=2&pvsid=3190197753571689&tmod=1059286159&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=INa7HVt8cu&p=https%3A//www.gtaall.com.br&dtd=182

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 03 Nov 2022 00:35:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 02 Nov 2022 22:57:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 03 Nov 2022 00:35:14 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BA41 153 KB
47 KB 415ms
413ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4593125056617010&output=html&h=280&slotname=6818413945&adk=3907429518&adf=3334932112&pi=t.ma~as.6818413945&w=336&lmt=1667415222&format=336x280&url=https%3A%2F%2Fwww.gtaall.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667435714296&bpp=1&bdt=348&idt=218&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&prev_fmts=890x280%2C336x280%2C890x280&correlator=7253037583563&frm=20&pv=1&ga_vid=606390547.1667435714&ga_sid=1667435714&ga_hid=1560713784&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=702&ady=3099&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44773613%2C31070664%2C44775017&oid=2&pvsid=3190197753571689&tmod=1059286159&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=b9vHV9dBNw&p=https%3A//www.gtaall.com.br&dtd=220

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

109ddac5fcac2d26ff455dabfaa93b705a883131b6d53548494a8b8a62ccbcdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 00:35:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47682
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667216034053804"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 03 Nov 2022 00:35:15 GMT

GET
H2 200 6d06f43d9219529f87f676616f1c0e3b.js Show response
www.gstatic.com/mysidia/ Frame BA41 33 KB
14 KB 69ms
67ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6d06f43d9219529f87f676616f1c0e3b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4593125056617010&output=html&h=280&slotname=6818413945&adk=3907429518&adf=3334932112&pi=t.ma~as.6818413945&w=336&lmt=1667415222&format=336x280&url=https%3A%2F%2Fwww.gtaall.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667435714296&bpp=1&bdt=348&idt=218&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&prev_fmts=890x280%2C336x280%2C890x280&correlator=7253037583563&frm=20&pv=1&ga_vid=606390547.1667435714&ga_sid=1667435714&ga_hid=1560713784&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=702&ady=3099&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44773613%2C31070664%2C44775017&oid=2&pvsid=3190197753571689&tmod=1059286159&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=b9vHV9dBNw&p=https%3A//www.gtaall.com.br&dtd=220

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19d9403b8b5963aaeae98991373ef1f4ec9ed98d649be55e657db8e1302578bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 16:40:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114897
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13940
x-xss-protection: 0
last-modified: Mon, 24 Oct 2022 21:55:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 30 Jan 2023 16:40:17 GMT

GET
H2 200 0d3fd3b530a886383bd6b91513e5ed38.js Show response
www.gstatic.com/mysidia/ Frame 739A 34 KB
14 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0d3fd3b530a886383bd6b91513e5ed38.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4593125056617010&output=html&h=280&slotname=6903574345&adk=3913797816&adf=3660086678&pi=t.ma~as.6903574345&w=1200&fwrn=4&fwrnh=100&lmt=1667415222&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.gtaall.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667435714297&bpp=1&bdt=349&idt=237&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&prev_fmts=890x280%2C336x280%2C890x280%2C336x280%2C300x600&correlator=7253037583563&frm=20&pv=1&ga_vid=606390547.1667435714&ga_sid=1667435714&ga_hid=1560713784&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3885&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44773613%2C31070664%2C44775017&oid=2&pvsid=3190197753571689&tmod=1059286159&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=oEX8ZNxRtm&p=https%3A//www.gtaall.com.br&dtd=240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29a24baf918a3b9bbda58c98de4ba638f939c8b46fe292000cb833a50e4c303d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 20:18:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 533783
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14033
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 19:54:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 25 Jan 2023 20:18:51 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 20AE 6 KB
745 B 48ms
47ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4593125056617010&output=html&h=280&slotname=8519908347&adk=1112064495&adf=3397273128&pi=t.ma~as.8519908347&w=890&fwrn=4&fwrnh=100&lmt=1667415222&rafmt=1&format=890x280&url=https%3A%2F%2Fwww.gtaall.com.br%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667435714295&bpp=1&bdt=347&idt=210&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&prev_fmts=890x280%2C336x280&correlator=7253037583563&frm=20&pv=1&ga_vid=606390547.1667435714&ga_sid=1667435714&ga_hid=1560713784&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44773613%2C31070664%2C44775017&oid=2&pvsid=3190197753571689&tmod=1059286159&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=AwjTRybop1&p=https%3A//www.gtaall.com.br&dtd=213

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 03 Nov 2022 00:35:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 02 Nov 2022 22:50:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 03 Nov 2022 00:35:14 GMT

GET
H2 200 error_handler.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 0EE9 7 KB
3 KB 124ms
92ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/error_handler.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4593125056617010&output=html&h=600&slotname=7337998696&adk=2963125940&adf=1769670598&pi=t.ma~as.7337998696&w=300&lmt=1667415222&format=300x600&url=https%3A%2F%2Fwww.gtaall.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667435714296&bpp=1&bdt=348&idt=232&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&prev_fmts=890x280%2C336x280%2C890x280%2C336x280&correlator=7253037583563&frm=20&pv=1&ga_vid=606390547.1667435714&ga_sid=1667435714&ga_hid=1560713784&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=178&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44773613%2C31070664%2C44775017&oid=2&pvsid=3190197753571689&tmod=1059286159&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=mYL8wQfTSg&p=https%3A//www.gtaall.com.br&dtd=234

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e14e8eaae88081e226f2ad0dda29bd3389bc59183d066734ead9d10d3bfaa72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 16:16:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29954
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3132
x-xss-protection: 0
server: cafe
etag: 18405294637493023780
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Nov 2022 16:16:01 GMT

GET
H2 200 8784762323758789251
tpc.googlesyndication.com/simgad/ Frame 0EE9 35 KB
35 KB 199ms
168ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8784762323758789251?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmza9NGs4YGIWjlAk1m0hOrm8e0Jw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a81d95fb8093bb88e61cf7fc6bbe6d24921bf37b2523b71256da372bcaa0066

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 18:53:37 GMT
x-content-type-options: nosniff
age: 20498
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36159
x-xss-protection: 0
last-modified: Wed, 31 Mar 2021 12:39:14 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 02 Nov 2023 18:53:37 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/ Frame 0EE9 23 KB
9 KB 128ms
38ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b5fa761ba024f252dbb252611630bf622e64e2312acc77d184fc05f2ab7ed4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 01:07:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84477
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9180
x-xss-protection: 0
server: cafe
etag: 12585499704757265805
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Nov 2022 01:07:18 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 0EE9 3 KB
1 KB 152ms
69ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 19:25:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18611
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Nov 2022 19:25:04 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 0EE9 17 KB
7 KB 144ms
60ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

71d49d865114d9bb25bfdfc0272b738cdfd771749b21360ce5fb40eee3b4d986

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 14:38:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35790
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7305
x-xss-protection: 0
server: cafe
etag: 12747696668401323709
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Nov 2022 14:38:45 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0EE9 153 KB
47 KB 227ms
225ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

109ddac5fcac2d26ff455dabfaa93b705a883131b6d53548494a8b8a62ccbcdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 00:35:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47682
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667216034053804"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 03 Nov 2022 00:35:15 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 0EE9 33 KB
13 KB 152ms
70ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a7c8b587c68526f2c60fd49e7ee891628f72fe2d826a9c4d9d4ddeb1127eaca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 15:07:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34043
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13493
x-xss-protection: 0
server: cafe
etag: 7904785543377395088
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Nov 2022 15:07:52 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame CA9A 2 KB
799 B 168ms
141ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 14:50:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35098
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Nov 2022 14:50:17 GMT

GET
H3

200

B26587312.345105827;dc_pre=CJLQ74vikPsCFZpt4AodeZ4How;dc_trk_aid=536719994;dc_trk_cid=160699114;ord=2453154641;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= Show response
ad.doubleclick.net/ddm/trackimp/N279602.134426GOOGLEDISPLAYNETWO/ Frame CA9A
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N279602.134426GOOGLEDISPLAYNETWO/B26587312.345105827;dc_trk_aid=536719994;dc_trk_cid=160699114;ord=2453154641;dc_lat=;dc_rdid=;tag_for_child_directed_treatme...
https://ad.doubleclick.net/ddm/trackimp/N279602.134426GOOGLEDISPLAYNETWO/B26587312.345105827;dc_pre=CJLQ74vikPsCFZpt4AodeZ4How;dc_trk_aid=536719994;dc_trk_cid=160699114;ord=2453154641;dc_lat=;dc_rd...

42 B
63 B

139ms
60ms

Fetch
image/gif

142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/trackimp/N279602.134426GOOGLEDISPLAYNETWO/B26587312.345105827;dc_pre=CJLQ74vikPsCFZpt4AodeZ4How;dc_trk_aid=536719994;dc_trk_cid=160699114;ord=2453154641;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=

Requested by

Protocol

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Nov 2022 00:35:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 03 Nov 2022 00:35:15 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N279602.134426GOOGLEDISPLAYNETWO/B26587312.345105827;dc_pre=CJLQ74vikPsCFZpt4AodeZ4How;dc_trk_aid=536719994;dc_trk_cid=160699114;ord=2453154641;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame CA9A 0
0 85ms
83ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cd0iOwgxjY4K4I9mHrATipqDoAbWkupxt-qm2nfkP8ryCgcAFEAEgz6TxA2CVAqAB-J344gPIAQmpAtg_NzZOfbA-qAMByAPLBKoE0QFP0NdR4FwXTBpqaQD-bp8iq0LNmERH_tIOzT3DcMBKssu4hRQf2FRMC3aYpSGu9XrGDwiLdOOq08WyVLkb-esRcMfwn7OscodtE5SLQ7qz_IF95ACkuev31uJzyzhvR9Yxqg_CXghsdC_1sAO6KB0mmCEEmujoGKqsJN4U05BpDLPt-rEN2JZFYVxCyU5MRf9VJYBTZmjqYegbEmC5wI0l5p4f_qjhYFQpovtK-TVl8Ay3UPwUM73nXF0LkY1PuDx18w91bhA1FitsN41k2z3I9sAE_O3_wYUEkgUECAQYAZIFBAgFGASgBi6AB7XtqdYBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEPCgBNIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTQ1OTMxMjUwNTY2MTcwMTAYAA&sigh=psnuvWG0BNg&uach_m=[UACH]&cid=CAQSGwDq26N9pPVszQOjGeyTMIZk9QihleEhuyfv_xgBIA4&template_id=494

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4593125056617010&output=html&h=280&slotname=2612975548&adk=2042673336&adf=1199159007&pi=t.ma~as.2612975548&w=890&fwrn=4&fwrnh=100&lmt=1667415222&rafmt=1&format=890x280&url=https%3A%2F%2Fwww.gtaall.com.br%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667435714289&bpp=4&bdt=341&idt=151&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&correlator=7253037583563&frm=20&pv=2&ga_vid=606390547.1667435714&ga_sid=1667435714&ga_hid=1560713784&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=70&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44773613%2C31070664%2C44775017&oid=2&pvsid=3190197753571689&tmod=1059286159&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=INa7HVt8cu&p=https%3A//www.gtaall.com.br&dtd=182
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 03 Nov 2022 00:35:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/ Frame CA9A 23 KB
9 KB 143ms
118ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b5fa761ba024f252dbb252611630bf622e64e2312acc77d184fc05f2ab7ed4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 01:07:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84477
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9180
x-xss-protection: 0
server: cafe
etag: 12585499704757265805
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Nov 2022 01:07:18 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame CA9A 3 KB
1 KB 160ms
136ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 19:25:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18611
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Nov 2022 19:25:04 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame CA9A 17 KB
7 KB 155ms
131ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

71d49d865114d9bb25bfdfc0272b738cdfd771749b21360ce5fb40eee3b4d986

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 14:38:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35790
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7305
x-xss-protection: 0
server: cafe
etag: 12747696668401323709
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Nov 2022 14:38:45 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CA9A 153 KB
47 KB 419ms
417ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

109ddac5fcac2d26ff455dabfaa93b705a883131b6d53548494a8b8a62ccbcdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 00:35:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47682
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667216034053804"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 03 Nov 2022 00:35:15 GMT

GET
H3 200 0d3fd3b530a886383bd6b91513e5ed38.js Show response
www.gstatic.com/mysidia/ Frame CA9A 34 KB
14 KB 117ms
38ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0d3fd3b530a886383bd6b91513e5ed38.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29a24baf918a3b9bbda58c98de4ba638f939c8b46fe292000cb833a50e4c303d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 20:18:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 533784
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14033
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 19:54:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 25 Jan 2023 20:18:51 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 20AE 2 KB
846 B 161ms
139ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 14:50:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35098
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Nov 2022 14:50:17 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 20AE 0
0 82ms
82ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CChz5wgxjY8OuI7-MjuwPgpmqOM-9tapr-_H925QM2tkeEAEgz6TxA2CVgqaCsAegAa6YiqICyAEJqQJOgnuz4JSwPqgDAcgDywSqBOcBT9AhWF-b0Ra91ViKwCJsJjWcYMXkuKIOUeWpG49MdjN3yDe4NFlgvjSL2kjsflF-JRH-DcO0ZrDtpVPtLC1trMrKaRBR9m6spdytlRgim669wS-X19nA7ZMlxSBjseDlr83KlqNU-cZ34yolJHTq1x0FiOIGkgPzm7clLtfPsnUZv2OE1QpA-FsRyjfgK0PZmVoyGPaNdTPBSyjKx1Ye1DsbQ2EssOjbLYFf_GCFfRWJREaVOoPl1xDzAYAWfnAmf79mc4s3VNHV4zMz159GgV962Bt7_KIj6JheDwWo9Xyc8l_HFMt0wAT1lcmchAOSBQQIBBgBkgUECAUYBKAGLoAHuuf13QGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCJwAHSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAbgT5APYEwyIFALQFQGAFwGyFxwKGggAEhRwdWItNDU5MzEyNTA1NjYxNzAxMBgA&sigh=Q9o9lWdiF_M&uach_m=[UACH]&cid=CAQSGwDq26N9Z7NpFqRwcIDk3oNohzv_tuKXuBcwdhgBIA4&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4593125056617010&output=html&h=280&slotname=8519908347&adk=1112064495&adf=3397273128&pi=t.ma~as.8519908347&w=890&fwrn=4&fwrnh=100&lmt=1667415222&rafmt=1&format=890x280&url=https%3A%2F%2Fwww.gtaall.com.br%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667435714295&bpp=1&bdt=347&idt=210&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&prev_fmts=890x280%2C336x280&correlator=7253037583563&frm=20&pv=1&ga_vid=606390547.1667435714&ga_sid=1667435714&ga_hid=1560713784&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44773613%2C31070664%2C44775017&oid=2&pvsid=3190197753571689&tmod=1059286159&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=AwjTRybop1&p=https%3A//www.gtaall.com.br&dtd=213
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 03 Nov 2022 00:35:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/ Frame 20AE 23 KB
9 KB 149ms
128ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b5fa761ba024f252dbb252611630bf622e64e2312acc77d184fc05f2ab7ed4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 01:07:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84477
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9180
x-xss-protection: 0
server: cafe
etag: 12585499704757265805
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Nov 2022 01:07:18 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 20AE 3 KB
1 KB 157ms
137ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 19:25:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18611
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Nov 2022 19:25:04 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 20AE 17 KB
7 KB 152ms
133ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

71d49d865114d9bb25bfdfc0272b738cdfd771749b21360ce5fb40eee3b4d986

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 14:38:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35790
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7305
x-xss-protection: 0
server: cafe
etag: 12747696668401323709
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Nov 2022 14:38:45 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 20AE 153 KB
47 KB 392ms
391ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

109ddac5fcac2d26ff455dabfaa93b705a883131b6d53548494a8b8a62ccbcdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 00:35:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47682
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667216034053804"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 03 Nov 2022 00:35:15 GMT

GET
H3 200 0d3fd3b530a886383bd6b91513e5ed38.js Show response
www.gstatic.com/mysidia/ Frame 20AE 34 KB
14 KB 117ms
44ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0d3fd3b530a886383bd6b91513e5ed38.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29a24baf918a3b9bbda58c98de4ba638f939c8b46fe292000cb833a50e4c303d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 20:18:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 533784
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14033
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 19:54:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 25 Jan 2023 20:18:51 GMT

GET
H2 200 3419829492936280953_17951798738465580776.jpeg
static.doubleclick.net/dynamic/5/387628009/ Frame CA9A 450 KB
451 KB 148ms
48ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/387628009/3419829492936280953_17951798738465580776.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75b3f92940571e4d961b835708baa5f89f563e3c822f98f9baf18693be34efd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 07:33:40 GMT
x-content-type-options: nosniff
age: 234095
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 461140
x-xss-protection: 0
last-modified: Wed, 13 Jul 2022 23:22:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 31 Oct 2023 07:33:40 GMT

GET
H2 200 3336867600807524417_15852033481640660483.jpeg
static.doubleclick.net/dynamic/5/387628009/ Frame CA9A 244 KB
245 KB 286ms
186ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/387628009/3336867600807524417_15852033481640660483.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

460b54e379503b72fa23a97803300647f0738d5ecc1d5c2dd090d2a43acccc80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 20:57:43 GMT
x-content-type-options: nosniff
age: 99452
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 250208
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 21:19:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 01 Nov 2023 20:57:43 GMT

GET
H2 200 13289785411946942049_11119092042026277895.jpeg
static.doubleclick.net/dynamic/5/387628009/ Frame CA9A 402 KB
403 KB 296ms
196ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/387628009/13289785411946942049_11119092042026277895.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3ca8f83fda7dabc28699d6fe9a6af62041f1c3ff879fcd6a8703b86a2d0673f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 23:14:40 GMT
x-content-type-options: nosniff
age: 177635
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 412024
x-xss-protection: 0
last-modified: Wed, 13 Jul 2022 23:21:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 31 Oct 2023 23:14:40 GMT

GET
H2 200 11304551484059591612_4864762457894113745.jpeg
static.doubleclick.net/dynamic/5/387628009/ Frame CA9A 334 KB
334 KB 291ms
191ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/387628009/11304551484059591612_4864762457894113745.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c03bea64b39cd6d9d4fafd380a0ceb4f1dfaa14456175e99037b5fcef161791c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 18:52:50 GMT
x-content-type-options: nosniff
age: 20545
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 342055
x-xss-protection: 0
last-modified: Wed, 13 Jul 2022 23:22:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Nov 2023 18:52:50 GMT

GET
H3

200

11451250718949484972
tpc.googlesyndication.com/simgad/ Frame CA9A
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCX7dCyHBD6ARj6ATIINLr0xKtPtEA
https://tpc.googlesyndication.com/simgad/11451250718949484972

15 KB
15 KB

83ms
45ms

Image
image/jpeg

2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11451250718949484972

Requested by

Protocol

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93c42da1bb50f07b79321a02d58ba029a7a6acfb73a02fd3bb536fbc395fcd17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:44:25 GMT
x-content-type-options: nosniff
age: 471050
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15583
x-xss-protection: 0
last-modified: Thu, 02 Jul 2020 21:33:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 28 Oct 2023 13:44:25 GMT

Redirect headers

date: Thu, 03 Nov 2022 00:01:25 GMT
x-content-type-options: nosniff
server: cafe
age: 2030
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/11451250718949484972
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 03 Dec 2022 00:01:25 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/4289038552557739116/ Frame 20AE 20 KB
20 KB 172ms
160ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4289038552557739116/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2d48374f744b7a79072c54640e45969bb5b0972025ea9c99c972fab14454fe5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 18:58:13 GMT
x-content-type-options: nosniff
age: 452222
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20314
x-xss-protection: 0
last-modified: Fri, 26 Aug 2022 12:45:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 28 Oct 2023 18:58:13 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/15334278864553842226/ Frame 20AE 7 KB
7 KB 157ms
146ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15334278864553842226/downsize_200k_v1?w=100&h=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7158b0ea4f182e9658f45c37ecc1da902babf9afa0a3f92f933ea2838e44694

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 29 Oct 2022 08:13:08 GMT
x-content-type-options: nosniff
age: 404527
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7204
x-xss-protection: 0
last-modified: Sat, 01 Aug 2020 11:26:10 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 29 Oct 2023 08:13:08 GMT

GET
DATA 200
OK truncated
/ Frame 34F0 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5565bda25050047a6c84126d727f7d339138f2b5a8166298abecde1a6b1ad339

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame BA41 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bf46c3e33a0cad77718d88d2fdcddac19e7d7e06b6cebad8eeb5e7b3bcc554c4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 739A 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5f66f82ababaf9ec104a0dd0700c05288b3e17592b4933e91d8251d3731c30d7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0EE9 0
0 84ms
83ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CCr1awgxjY_nBI9HE3gOiz47wA_Dv9pNtuO2Yr54Qpa6cupYwEAEgz6TxA2CVgqaCsAegAZXYtcgDyAECqQJSkNJPRR6zPqgDAcgDyQSqBNMBT9D--tjF5AZO_h7w0BwxMnJ1rc_fRboBr6PHdxkFwEcwDJbH_F0TTiz7U8xS1l0QxhlS5_ONErD1U1AHjDswdEkn0NBsiH5TcsGj1qOaqLRwx6ds0l09DQsYg_m3bLfVw6Et0C11P5Rj6nrhVKNdR2HZMd8UgnHuOrhnOftlon1GM2s192caGn4mo5N5C1YlzgpHvkRo5lkgbVAIxtg7PQhHYTbtjRtN5JJrcWDvbSRzTVkklaIdi_9yJiN3gMVLQftxzU04-5mNmGF2JopFjCnr1cAE-6_cxIcEkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB92c9WKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCp_AbSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDtAVAYAXAbIXHAoaCAASFHB1Yi00NTkzMTI1MDU2NjE3MDEwGAA&sigh=NQHyrs72_GY&uach_m=[UACH]&cid=CAQSGwDq26N9q7pzBfDNnumzGNXHpVkzugoc8G2DhBgBIA4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4593125056617010&output=html&h=600&slotname=7337998696&adk=2963125940&adf=1769670598&pi=t.ma~as.7337998696&w=300&lmt=1667415222&format=300x600&url=https%3A%2F%2Fwww.gtaall.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667435714296&bpp=1&bdt=348&idt=232&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&prev_fmts=890x280%2C336x280%2C890x280%2C336x280&correlator=7253037583563&frm=20&pv=1&ga_vid=606390547.1667435714&ga_sid=1667435714&ga_hid=1560713784&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=178&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44773613%2C31070664%2C44775017&oid=2&pvsid=3190197753571689&tmod=1059286159&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=mYL8wQfTSg&p=https%3A//www.gtaall.com.br&dtd=234
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 03 Nov 2022 00:35:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame CA9A 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e22dd12e2e4cc39a8eeb974744cef88bb60aacad7f06c16a1791ed9987d0a55

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 20AE 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 541761c7150bcbd49949fec97590d1f5ba8d7d2819925b3bc2f779b65a182a1f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6908 143 B
166 B 38ms
38ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4593125056617010&output=html&h=600&slotname=7337998696&adk=2963125940&adf=1769670598&pi=t.ma~as.7337998696&w=300&lmt=1667415222&format=300x600&url=https%3A%2F%2Fwww.gtaall.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667435714296&bpp=1&bdt=348&idt=232&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&prev_fmts=890x280%2C336x280%2C890x280%2C336x280&correlator=7253037583563&frm=20&pv=1&ga_vid=606390547.1667435714&ga_sid=1667435714&ga_hid=1560713784&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=178&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44773613%2C31070664%2C44775017&oid=2&pvsid=3190197753571689&tmod=1059286159&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=mYL8wQfTSg&p=https%3A//www.gtaall.com.br&dtd=234
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1191
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 03 Nov 2022 00:15:24 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 0EE9 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2125cb8ea33fbc7758a8d910be61b58c5da69d36a730add687c86f8fa48bc70f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6908
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

50ms
49ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 03 Nov 2022 00:35:15 GMT
expires: Thu, 03 Nov 2022 00:35:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 03 Nov 2022 00:35:15 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 34F0 16 KB
16 KB 125ms
36ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 12:56:05 GMT
x-content-type-options: nosniff
age: 214750
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Oct 2023 12:56:05 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 34F0 15 KB
15 KB 166ms
79ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 20:40:44 GMT
x-content-type-options: nosniff
age: 446071
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Oct 2023 20:40:44 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 34F0 15 KB
15 KB 132ms
46ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 16:40:56 GMT
x-content-type-options: nosniff
age: 28459
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Nov 2023 16:40:56 GMT

GET
H3 200 vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js Show response
pagead2.googlesyndication.com/bg/ Frame A5A4 36 KB
16 KB 41ms
37ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bcb6d1cfb83a4d0e68a3789297ef40f1c73eb4d4ca49448aca740876f2b191c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 19:18:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18989
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16061
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Nov 2023 19:18:46 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 20AE 15 KB
15 KB 205ms
126ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 20:40:44 GMT
x-content-type-options: nosniff
age: 446071
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Oct 2023 20:40:44 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 20AE 15 KB
16 KB 172ms
94ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 201023
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Oct 2023 16:44:52 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 20AE 15 KB
15 KB 143ms
67ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 16:40:56 GMT
x-content-type-options: nosniff
age: 28459
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Nov 2023 16:40:56 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame BA41 15 KB
15 KB 157ms
81ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 16:40:56 GMT
x-content-type-options: nosniff
age: 28459
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Nov 2023 16:40:56 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame BA41 15 KB
16 KB 129ms
54ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 201023
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Oct 2023 16:44:52 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame BA41 15 KB
15 KB 194ms
119ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 20:40:44 GMT
x-content-type-options: nosniff
age: 446071
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Oct 2023 20:40:44 GMT

GET
H3 200 ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame CA9A 21 KB
21 KB 44ms
39ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:44:22 GMT
x-content-type-options: nosniff
age: 471053
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21428
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:32:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Oct 2023 13:44:22 GMT

GET
H3 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame CA9A 20 KB
20 KB 120ms
115ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 22:12:48 GMT
x-content-type-options: nosniff
age: 94947
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Nov 2023 22:12:48 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 739A 28 KB
28 KB 110ms
105ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 22:13:37 GMT
x-content-type-options: nosniff
age: 181298
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Oct 2023 22:13:37 GMT

GET
H3 200 vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js Show response
pagead2.googlesyndication.com/bg/ Frame E1BA 36 KB
16 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bcb6d1cfb83a4d0e68a3789297ef40f1c73eb4d4ca49448aca740876f2b191c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 19:18:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18989
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16061
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Nov 2023 19:18:46 GMT

GET
H3 200 vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js Show response
pagead2.googlesyndication.com/bg/ Frame 188A 36 KB
16 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4593125056617010&output=html&h=280&slotname=6818413945&adk=3907429518&adf=3334932112&pi=t.ma~as.6818413945&w=336&lmt=1667415222&format=336x280&url=https%3A%2F%2Fwww.gtaall.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667435714296&bpp=1&bdt=348&idt=218&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&prev_fmts=890x280%2C336x280%2C890x280&correlator=7253037583563&frm=20&pv=1&ga_vid=606390547.1667435714&ga_sid=1667435714&ga_hid=1560713784&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=702&ady=3099&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44773613%2C31070664%2C44775017&oid=2&pvsid=3190197753571689&tmod=1059286159&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=b9vHV9dBNw&p=https%3A//www.gtaall.com.br&dtd=220

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bcb6d1cfb83a4d0e68a3789297ef40f1c73eb4d4ca49448aca740876f2b191c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 19:18:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18989
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16061
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Nov 2023 19:18:46 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 128ms
52ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221101&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c3a8f758c35d915ee3a017fd9483e12beade372b6861daedfa96ac94cf11013

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gtaall.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 00:35:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11298
x-xss-protection: 0

GET
H3 200 vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js Show response
pagead2.googlesyndication.com/bg/ Frame 48FA 36 KB
16 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bcb6d1cfb83a4d0e68a3789297ef40f1c73eb4d4ca49448aca740876f2b191c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 19:18:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18989
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16061
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Nov 2023 19:18:46 GMT

GET
H3 200 vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js Show response
pagead2.googlesyndication.com/bg/ Frame 3BCA 36 KB
16 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4593125056617010&output=html&h=280&slotname=6903574345&adk=3913797816&adf=3660086678&pi=t.ma~as.6903574345&w=1200&fwrn=4&fwrnh=100&lmt=1667415222&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.gtaall.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667435714297&bpp=1&bdt=349&idt=237&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&prev_fmts=890x280%2C336x280%2C890x280%2C336x280%2C300x600&correlator=7253037583563&frm=20&pv=1&ga_vid=606390547.1667435714&ga_sid=1667435714&ga_hid=1560713784&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3885&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44773613%2C31070664%2C44775017&oid=2&pvsid=3190197753571689&tmod=1059286159&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=oEX8ZNxRtm&p=https%3A//www.gtaall.com.br&dtd=240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bcb6d1cfb83a4d0e68a3789297ef40f1c73eb4d4ca49448aca740876f2b191c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 19:18:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18989
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16061
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Nov 2023 19:18:46 GMT

GET
H3 200 vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js Show response
pagead2.googlesyndication.com/bg/ Frame 0662 36 KB
16 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bcb6d1cfb83a4d0e68a3789297ef40f1c73eb4d4ca49448aca740876f2b191c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 19:18:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18989
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16061
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Nov 2023 19:18:46 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gtaall.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 00:35:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 03 Nov 2022 00:35:16 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FDFD 13 KB
5 KB 42ms
40ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gtaall.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 11743
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 02 Nov 2022 21:19:33 GMT
expires: Thu, 02 Nov 2023 21:19:33 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F1CD 783 B
535 B 138ms
56ms Document
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c5c4e8fbe1d5e7ee490d88f7e56c58d68032325d213352d7f3cb02e6e877110e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-af4Nd1XaXsGw8RwXZABdvQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gtaall.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-af4Nd1XaXsGw8RwXZABdvQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 03 Nov 2022 00:35:16 GMT
expires: Thu, 03 Nov 2022 00:35:16 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js Show response
pagead2.googlesyndication.com/bg/ Frame FDFD 36 KB
16 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bcb6d1cfb83a4d0e68a3789297ef40f1c73eb4d4ca49448aca740876f2b191c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 19:18:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18990
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16061
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Nov 2023 19:18:46 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame FDFD 0
10 B 38ms
37ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?TWfM6A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 00:35:16 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F1CD 0
0 72ms
71ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221101&jk=3190197753571689&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0EE9 42 B
64 B 75ms
74ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvbHb4Lx6C-4DFONYJiCy3OAYM2FOzXHiiS0s0Pua6t5dw0XhZQGP-_VCcCS30w7AkwnWjgq7dlH_JFv2bOsRJ3OL76URXLUWUP3fBCJEJlk5tCVqN_KTRH0x7BGUh0qFvIzaegFg&sai=AMfl-YSIKvU73cUh95-aH33HMpx22nzAb-K5nrJj5AanWmBU6NuU7alQWAHmmMKUfuFVd_GxtNsAlShT-5H_XJ0&sig=Cg0ArKJSzBwIphRwCeqmEAE&cid=CAQSGwDq26N9q7pzBfDNnumzGNXHpVkzugoc8G2DhBgBIA4&id=lidar2&mcvt=1000&p=0,0,600,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221031&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=2963125940&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1667435714531&rpt=945&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Nov 2022 00:35:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 75ms
75ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221101&jk=3190197753571689&bg=!Dg2lDUnNAAZPh4lnb4c7ACkAdvg8WrbNUbDwKVb3BecIbDiSCJpcF7ChnEYypRBCuPwA0KtQR3vpwwIAAABGUgAAAANoAQcKANKz--oUHCjpuMA9OVw0BKqwbYoT1UniftXST9atmTIMKTkU9NLew3E7I4_qgEZGRXdivOMvL9itjCNEUGMMDhSMsU1t0bh6vCxNnZGBGLSiAQu8hG3SiK6ROgYATCr4APLXHTiJF_jKxcPi63vTR22EqRdHPNQ2hY67aijOvJ8o-1eOAVv8dYs-9cgL42n5h2mefszTPcx0-Sq7LIVFDgNBO059cwE6WN9524lwEpERVTsK9hA1IeNEEJGQLn6E-HFkbqofUgqY5-psolVVBBBB6JqZAqPIDkCXJ7sYZ7fNkLlsQoy63cFRrIk9tkjJFlORgl5SuBLcHW36H1fJhe8yvcHJN5aBd0L1un4BvjX0ROElUYbANgAwvCpY5lrm4r1stkqu7sq6j-LdJLmiYRic8yaU1ovDicdPrr7uRy9k4_V6jzT150Z9wdQKMbTO7r3xkeV1xIuTp6Q27XaccI5ex7drAnBuhqRNaZ-37cHhKo58Xh0njA0aloGX3xFeQDHpJBcqjCIRqDfG9TM-gQTOhG93QS6AnKjqma7TQf2-tpBwAUcjqd9-H3R3UPhR9cxUYq5Wg6oe4Qo0YRXcCZzU8iO7u8ceHWM3boSxaIE90DBPLsRY-HLWIOA79MzV1pzv8EAe1w4-lzVRQ2A0UiQpXPPjRfmccRq5mQTOQckDUebcPd2jcFUWDPvLr1hXkNrZvt9z_88AhHSTcHWMMEo3YDwiZWem_a-pHxZrxy5nsBNyySjdYqUOUkorDRiyLFe9PObvdT0XuV2J1rnXdSHZNBZBsJcxE_ZlvC81RW2ZlKLi4nhs_SQcgVL-V6nfW_QkkqQpgAvNNkh2zQvos0fq6lZOQEg4gEFZGyKSXUjaAZLwZZGFbPV0cv1I9nt9rKH1FCs3vlq1_kvfM-QqGsf1PNPEvRcpNEMAZ1PCY7GngEFgtJHvf_sz1y5jWLz5lp7_K3YkUqWXjX9O4IHHSjnGfNY517Zlt43cWX25hqzgFVH2TObTEOpRh_NXYLNKhzNpbBPNlBP12L1VjYXm290aQF_hr7yJZPCzBlteRDYY06apw8WuG0E8f4nTh2EcMTGiuGWImD6I1JlgxXFjm4Qtx5ICzgLVzWI4xEUZOdBzS4sbqYznn-Jr2CxZbQYEOA_-y7qvl_8qNyvyilQIl8uWdeo41S3vjeI
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gtaall.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CA9A 42 B
64 B 76ms
75ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss3ve3KuyuNA7wN5lJsClwqlnsVxY8QHSiEzJr7AW4ZtbpB65MqwbrtTQZDW2CDqrdZniCIVsBCpJ3bQXQrCDQHXIbO9i1q5uRDzxCJ31n18E89k7SjRn1ioum35Cj75H-c8ozJfQ&sai=AMfl-YQmhTpq6s3pRXuMNa2V9R9cEuUxaZ3dyKmW5Du_qljHS3d9GvfkKfvyIaQ-9mdk-MzoUmjVNSJgLZ_wutA&sig=Cg0ArKJSzF23ZJxM3DniEAE&cid=CAQSGwDq26N9pPVszQOjGeyTMIZk9QihleEhuyfv_xgBIA4&id=lidar2&mcvt=1000&p=0,0,280,890&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221031&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2042673336&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1667435714473&rpt=1315&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Nov 2022 00:35:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.yadro.ru/	1970-01-20 15:55:58	Name: FTID Value: 1ZOmp22SgbOR1ZOmp2002J5p
.yadro.ru/	1970-01-20 15:55:58	Name: VID Value: 07jcOs1pW88R1ZOmp20022OJ
.gtaall.com.br/	1970-01-20 16:46:35	Name: _ga Value: GA1.3.606390547.1667435714
.gtaall.com.br/	1970-01-20 07:12:02	Name: _gid Value: GA1.3.1743031852.1667435715
.gtaall.com.br/	1970-01-20 07:10:35	Name: _gat_gtag_UA_48180038_1 Value: 1
.gtaall.com.br/	1970-01-20 16:32:11	Name: __gads Value: ID=e5a44f6518dcbf33-22c61f6e62ce001b:T=1667435714:RT=1667435714:S=ALNI_MYcJsvBlzJ6fhHohw__a8T4LrhN8g
.gtaall.com.br/	1970-01-20 16:32:11	Name: __gpi Value: UID=00000b7bbec39b08:T=1667435714:RT=1667435714:S=ALNI_MbbE3V_J-4e1pLtg9BQ1Hdfju-mxA
.doubleclick.net/	1970-01-20 16:32:11	Name: IDE Value: AHWqTUmLFfevgTvrAr8OD7Bb1tOLeKDnIkfyHBQf6soTjLnUNqjIXyqEpX_Hcq00TCg
.doubleclick.net/	1970-01-20 07:10:39	Name: DSID Value: NO_DATA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
adservice.google.com
adservice.google.de
counter.yadro.ru
cs1.gtaall.com.br
cs2.gtaall.com.br
cs3.gtaall.com.br
cs4.gtaall.com.br
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gtaall.com.br
pagead2.googlesyndication.com
partner.googleadservices.com
static.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.gtaall.com.br
142.250.184.198
2001:4860:4802:34::178
2606:4700:20::ac43:4a93
2a00:1450:4001:802::2004
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:827::2002
2a00:1450:4001:828::2001
2a00:1450:4001:828::2003
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:830::200a
2a00:1450:4001:831::2006
2a00:1450:400c:c0a::9a
88.212.201.204
008f99830656b779ad8da531f13251e795d82340098c7d349e98659b51e8e5e2
02302974dc6c7d0a920ea44a1722461c1def9096efbdea0407a3a5f4acdab320
0a81d95fb8093bb88e61cf7fc6bbe6d24921bf37b2523b71256da372bcaa0066
0caab7de2b6d190e7fad15e5e81b2e8130ac073fe1960149c597b9ac12509d1c
0e14e8eaae88081e226f2ad0dda29bd3389bc59183d066734ead9d10d3bfaa72
109ddac5fcac2d26ff455dabfaa93b705a883131b6d53548494a8b8a62ccbcdc
10a9209c6b3363cc676436da7c4cd1c838801c3af2b426d07f0bc83e3400eb7f
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19d9403b8b5963aaeae98991373ef1f4ec9ed98d649be55e657db8e1302578bc
1a16be77c773c32a19e122aa7957f32071f0285c4acc9a152dfcfeeea3310f70
2125cb8ea33fbc7758a8d910be61b58c5da69d36a730add687c86f8fa48bc70f
244ee1a0987a74802e3b760f874c7914fa0c7c81266a0f351428dd00dc9b9010
260e708ea94ad307187e77771e84923c56d71d8d47e2fed0850d516899ad6e9d
27c1dbc0ec08559a8113dde5e53e113eef635525e327a3814fc5040e39b50c3e
29a24baf918a3b9bbda58c98de4ba638f939c8b46fe292000cb833a50e4c303d
2e19e12c4fc422d5dc6ad9afd3a0f9bcc64e28739d256f4529304dfe467f88fc
2f59ae3a145e11a1eab213f2e4dda728131f58c873a1abe9d6ddc52240a88b23
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
37b24e51ea8905cdc38504e28d293054bb5fddb54b6308ab7ef0d27de80b3db3
3a180577000dc7ea70fe921a385bab54deaefd2f24efaa32f1fc7ebb6d2abd2e
3aa796cd921740a2c9fd69f01cca05d7e7dcf49b8e3d6803612dab3269e87168
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
460b54e379503b72fa23a97803300647f0738d5ecc1d5c2dd090d2a43acccc80
480ab71e84984106b5a6beb6a7fe4c88caba1d2f1f6bc08c162f756738e4b1bd
48abbbb87d8a3a1f97940449fd42b27a75079b449e844fad811e1231cdc57836
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4f0621b44c176978c3d0079f7b9ec66ba4bd1e0c2adae787bfce48d22c3e4fb9
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
541761c7150bcbd49949fec97590d1f5ba8d7d2819925b3bc2f779b65a182a1f
5565bda25050047a6c84126d727f7d339138f2b5a8166298abecde1a6b1ad339
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5f66f82ababaf9ec104a0dd0700c05288b3e17592b4933e91d8251d3731c30d7
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63e793d53f754a10daebaf6dbd511d993334d842d420e86bd775560db16f982d
649a87cc6e003e3b9b1ce95cc96ddfadc2d453465c13bda8a2cfecbeb9ba2f3e
67d0e6e11b04fe5188a77dd084720cf70db5b6cb65f03eb089f483fa48fc455e
69296d94a9e5c1c7aa15e93080095fd94895540507a56f6f31062b050e344322
696faf9dc92481e397e62309dfbbee3afc769a341e7776150913354880980cfc
6a7c8b587c68526f2c60fd49e7ee891628f72fe2d826a9c4d9d4ddeb1127eaca
6ab59c2826963b5d469ae3b60e901b70fc2ddb3993ab82f8b3ed0b957b5eb668
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c3a8f758c35d915ee3a017fd9483e12beade372b6861daedfa96ac94cf11013
71d49d865114d9bb25bfdfc0272b738cdfd771749b21360ce5fb40eee3b4d986
75b3f92940571e4d961b835708baa5f89f563e3c822f98f9baf18693be34efd3
776db4bf8ef8184eb9866cba8763a5827db4ea4aade19b4e03761d7f2f7eaa71
7cc7bc427f15a7d5469b5e350554c5e6c4ae5e14b4ac25e9688b40d8c6775487
8017e649476149fdda869d459e3eb9f9073dbaa717f73f530c42d4fc42fd2ced
8101e101d31d12319e0aeb0b688ff3463663d86753600e98b7f1c0aa57a3b0a3
8133de404adab3afd730fd3b0cb7f7aee57d5ed61b4e09dcd53624858073450f
8398a92c56c19723df11ece299429595593f415fb65aaf38b54b824e02813b67
87ca86ee558af4d94fdebfcb45d62de2ddea5f83bfe3e664440b53c40b7a37ba
8af4dcd54261a1a36fe6f54ea8a09cf92a4e690f12b749bf5ee2935405ad1e4f
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
936dc7473abc79bf808de09603d28991555b94816c345a5c9b832f345e24b3f1
93c42da1bb50f07b79321a02d58ba029a7a6acfb73a02fd3bb536fbc395fcd17
9675eab6352091614a81f87d9bfcbb9131e14b8e5fa6498c0056ae87108a7514
9781d1be7986df2915bbac2d455e66b36daec9805dafdd69b011ecaf7d970e01
9820cafc194b84f9c68c47d7528071b495e9b731a8ac873bb1124f389446121e
9b5fa761ba024f252dbb252611630bf622e64e2312acc77d184fc05f2ab7ed4d
9d303d6a9f0cc67d95a6e744cc0db440d1508278baef9e18b8514917e39a1dc9
9e22dd12e2e4cc39a8eeb974744cef88bb60aacad7f06c16a1791ed9987d0a55
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a7158b0ea4f182e9658f45c37ecc1da902babf9afa0a3f92f933ea2838e44694
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b9462c3d8fc4e698687d6fa7efdd3123606f6e235a179e7cb12cdb38f8ed7978
bb48946a2db85c1c4992af2737abe6856a152b248469d25bd446b4e92d29b5b3
bcb6d1cfb83a4d0e68a3789297ef40f1c73eb4d4ca49448aca740876f2b191c6
bef487a729d0d4521fc02649c35c440ef83388b4634034f7b8451eeb2fb0426d
bf46c3e33a0cad77718d88d2fdcddac19e7d7e06b6cebad8eeb5e7b3bcc554c4
c03bea64b39cd6d9d4fafd380a0ceb4f1dfaa14456175e99037b5fcef161791c
c33367b682dd899f512594e15e957bd72c1913b33e55eb9241da08c825ad8e7d
c5c4e8fbe1d5e7ee490d88f7e56c58d68032325d213352d7f3cb02e6e877110e
ca7014b195e8dce23373ecb22c51fa5e1e3883bcd6e244e07c2196ea05df4846
cc4b5af603ce3a18ca8463ef7828e071005459eb6e62c38f5d00f804516c19b3
cd3f17af37862751a0c8d5fcf2bd7073a2d2b24fb00a19211ed36c186e166f15
d2d48374f744b7a79072c54640e45969bb5b0972025ea9c99c972fab14454fe5
d2f4ee0023f8a8bd256dcb9f772f5dd138a31b4d39e9720f61fcba0d157217f8
d36ab9229636b7b4dc99e0453ca13cbbbdabf20820b34ddd07bd765cb45b1416
d6891778a70210454488fa559428d3925d9b78b39fec736bfdc125862fa94977
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
db49d704703d3a91f94dd078da377c0ff821542571031c68f93fbe501eb0f27b
db717f4710aac1b1bb7434bff04662a84984a65e5b8f33f3b494468f5774014f
dcf6b619531fa0c521179654ea4d26f93d8f2a73a78e293243ab66df4977a427
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e3481cfe6701c643f2cf14777554a8d82b65e3bb2af6a6e326b925726c4caeef
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7d3374e03a418879bced995db8bbc1a48cec7cb7add24b42ed340c2ca313ca3
ea2375eb26b3901c11ec2ce04378fd5cfa8da422221c8f0057a64a4c4fccb59a
eaa602ba24563e7853b8de65157794962869acb188d8744f2ad056b289f00405
eb59059165f83ae6eebfc7973dfb7f6c77b6c1170968a6a30c85f643ac160b29
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3ca8f83fda7dabc28699d6fe9a6af62041f1c3ff879fcd6a8703b86a2d0673f
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce
fdd06a293d1624005b066d3f14f3c78215458f5428c08d16c91885568cff6b76
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
fe56ceedb34b130cd2735917664f9b89fed8904e5806355026bd314e73d134a8

www.gtaall.com.br Open in urlscan Pro 2606:4700:20::ac43:4a93 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

147 Requests

98 %HTTPS

88 %IPv6

12 Domains

23 Subdomains

18 IPs

4 Countries

3398 kBTransfer

5626 kBSize

9 Cookies

10 Outgoing links

Page URL History

Redirected requests

147 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.gtaall.com.br Open in urlscan Pro
2606:4700:20::ac43:4a93 Public Scan

Screenshot
Live screenshot

Full Image

147
Requests

98 %
HTTPS

88 %
IPv6

12
Domains

23
Subdomains

18
IPs

4
Countries

3398 kB
Transfer

5626 kB
Size

9
Cookies

147 HTTP transactions
10 data transactions