xuxatv.com.br Open in urlscan Pro
2a02:4780:1:1009:0:217a:1b2f:2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://xuxatv.com.br/
Effective URL:
https://xuxatv.com.br/
Submission: On November 16 via api (November 16th 2023, 2:50:50 pm UTC) from US — Scanned from DE

Summary HTTP 416 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 46 IPs in 9 countries across 40 domains to perform 416 HTTP transactions. The main IP is 2a02:4780:1:1009:0:217a:1b2f:2, located in Asheville, United States and belongs to AS-HOSTINGER, CY. The main domain is xuxatv.com.br.
TLS certificate: Issued by R3 on October 16th 2023. Valid for: 3 months.

This is the only time xuxatv.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 66	2a02:4780:1:1... 2a02:4780:1:1009:0:217a:1b2f:2	47583 (AS-HOSTINGER) (AS-HOSTINGER)
4	2606:4700:e2:... 2606:4700:e2::ac40:8d0d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1 56	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
29	146.75.122.167 146.75.122.167	54113 (FASTLY) (FASTLY)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
3	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
1	146.75.118.214 146.75.118.214	54113 (FASTLY) (FASTLY)
27	2600:9000:211... 2600:9000:211a:a000:c:132:48e:f021	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:20b... 2600:9000:20b4:9c00:2:5624:e040:21	16509 (AMAZON-02) (AMAZON-02)
3	13.32.27.32 13.32.27.32	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
7	52.32.219.51 52.32.219.51	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:20a... 2600:9000:20ab:e800:19:f28c:cd92:c761	16509 (AMAZON-02) (AMAZON-02)
5	13.32.110.126 13.32.110.126	16509 (AMAZON-02) (AMAZON-02)
31	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
1 5	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:fa8:8806... 2a02:fa8:8806:16::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 2	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
9 28	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
7 7	37.157.5.84 37.157.5.84	198622 (ADFORM) (ADFORM)
1 4	2.16.97.41 2.16.97.41	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	52.29.13.21 52.29.13.21	16509 (AMAZON-02) (AMAZON-02)
1 2	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	2a05:d018:d29... 2a05:d018:d29:3601:a431:4595:7531:b100	16509 (AMAZON-02) (AMAZON-02)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
38	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
1	13.32.99.48 13.32.99.48	16509 (AMAZON-02) (AMAZON-02)
20	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6 10	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6 8	185.89.210.153 185.89.210.153	29990 (ASN-APPNEX) (ASN-APPNEX)
22	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
4	2a02:26f0:350... 2a02:26f0:3500:d::1732:83d6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	142.250.185.230 142.250.185.230	15169 (GOOGLE) (GOOGLE)
2 2	2600:9000:211... 2600:9000:211a:e400:c:bbc8:bbc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:211... 2600:9000:211a:6a00:1f:f009:8540:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:239... 2600:9000:2394:7e00:1f:f009:8540:93a1	16509 (AMAZON-02) (AMAZON-02)
2	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:d::c 2a02:2638:d::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	52.48.253.127 52.48.253.127	16509 (AMAZON-02) (AMAZON-02)
4	130.211.44.5 130.211.44.5	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	52.51.249.246 52.51.249.246	16509 (AMAZON-02) (AMAZON-02)
1 1	54.171.200.20 54.171.200.20	16509 (AMAZON-02) (AMAZON-02)
1	52.49.226.217 52.49.226.217	16509 (AMAZON-02) (AMAZON-02)
2	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
2	35.210.149.152 35.210.149.152	15169 (GOOGLE) (GOOGLE)
416	46

66 2a02:4780:1:1009:0:217a:1b2f:2 (Asheville, United States) 1 redirects

ASN47583 (AS-HOSTINGER, CY)

xuxatv.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:e2::ac40:8d0d (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

56 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 146.75.122.167 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

embed.twitch.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
k.twitchcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gql.twitch.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.twitch.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.118.214 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

api.twitch.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2600:9000:211a:a000:c:132:48e:f021 (United States)

ASN16509 (AMAZON-02, US)

static.twitchcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20b4:9c00:2:5624:e040:21 (United States)

ASN16509 (AMAZON-02, US)

d2v02itv0y9u9t.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.27.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-32.fra56.r.cloudfront.net

passport.twitch.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.32.219.51 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-32-219-51.us-west-2.compute.amazonaws.com

video-edge-88d933.pdx01.abs.hls.ttvnw.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20ab:e800:19:f28c:cd92:c761 (United States)

ASN16509 (AMAZON-02, US)

static-cdn.jtvnw.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.32.110.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-110-126.vie50.r.cloudfront.net

reporting.cdndex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8806:16::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.204.158.49 (Groningen, Netherlands) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 142.250.185.98 (United States) 9 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 37.157.5.84 (Denmark) 7 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.16.97.41 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-97-41.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.29.13.21 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-13-21.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.96.105.8 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3601:a431:4595:7531:b100 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.254 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-48.fra60.r.cloudfront.net

cdn.lamp.avct.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 172.64.151.101 (United States) 6 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.89.210.153 (Frankfurt am Main, Germany) 6 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Loerrach, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:3500:d::1732:83d6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:211a:e400:c:bbc8:bbc0:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

pixel.de-config.sensic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211a:6a00:1f:f009:8540:93a1 (United States)

ASN16509 (AMAZON-02, US)

1700146242344ee2b0c764fa1ac7316038b30fa1a8fcfda488efb92d.trk.sensic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2394:7e00:1f:f009:8540:93a1 (United States)

ASN16509 (AMAZON-02, US)

17001462414732cf4cb9b877531377d48e89a673295f4aa77bf69fcb.trk.sensic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.253.127 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-253-127.eu-west-1.compute.amazonaws.com

measure.lamp.avct.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 130.211.44.5 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 5.44.211.130.bc.googleusercontent.com

tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpsc-ew1.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.51.249.246 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-249-246.eu-west-1.compute.amazonaws.com

secure-sts-prod.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.171.200.20 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-200-20.eu-west-1.compute.amazonaws.com

2d59a6fbb3970d110ae26b0700e5d77b.redinuid.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.49.226.217 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-226-217.eu-west-1.compute.amazonaws.com

01b8e2bcb276b303.darnuid.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.210.149.152 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
PTR: 152.149.210.35.bc.googleusercontent.com

tps-dn-ew1.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
69	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	657 KB
66	xuxatv.com.br 1 redirects xuxatv.com.br	7 MB
54	doubleclick.net 10 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 245 ad.doubleclick.net — Cisco Umbrella Rank: 154 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 439	265 KB
46	criteo.net static.criteo.net — Cisco Umbrella Rank: 668 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 10986 csm.eu.criteo.net — Cisco Umbrella Rank: 10557	202 KB
38	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	410 KB
32	twitch.tv embed.twitch.tv — Cisco Umbrella Rank: 67925 api.twitch.tv — Cisco Umbrella Rank: 17287 gql.twitch.tv — Cisco Umbrella Rank: 8300 passport.twitch.tv — Cisco Umbrella Rank: 12955 www.twitch.tv — Cisco Umbrella Rank: 14688	823 KB
28	twitchcdn.net static.twitchcdn.net — Cisco Umbrella Rank: 10411 k.twitchcdn.net — Cisco Umbrella Rank: 18274	2 MB
10	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 496 tps.doubleverify.com — Cisco Umbrella Rank: 515 tps-dn-ew1.doubleverify.com — Cisco Umbrella Rank: 16298 tpsc-ew1.doubleverify.com — Cisco Umbrella Rank: 11101	211 KB
10	casalemedia.com 6 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625	6 KB
10	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	543 KB
10	gstatic.com fonts.gstatic.com www.gstatic.com	154 KB
8	adnxs.com 6 redirects ib.adnxs.com — Cisco Umbrella Rank: 246	6 KB
7	adform.net 7 redirects c1.adform.net — Cisco Umbrella Rank: 599	5 KB
7	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 10450 dis.criteo.com — Cisco Umbrella Rank: 597 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 11552 rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 17732	106 KB
7	ttvnw.net video-edge-88d933.pdx01.abs.hls.ttvnw.net
5	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	578 B
5	cdndex.io reporting.cdndex.io — Cisco Umbrella Rank: 33793	792 B
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	6 KB
4	sensic.net 2 redirects pixel.de-config.sensic.net — Cisco Umbrella Rank: 60499 1700146242344ee2b0c764fa1ac7316038b30fa1a8fcfda488efb92d.trk.sensic.net 17001462414732cf4cb9b877531377d48e89a673295f4aa77bf69fcb.trk.sensic.net	2 KB
4	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1403	777 B
4	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1002	105 KB
3	imrworldwide.com 2 redirects secure-sts-prod.imrworldwide.com — Cisco Umbrella Rank: 23326 2d59a6fbb3970d110ae26b0700e5d77b.redinuid.imrworldwide.com 01b8e2bcb276b303.darnuid.imrworldwide.com	658 B
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145
2	openx.net us-u.openx.net — Cisco Umbrella Rank: 522	418 B
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	10 KB
2	avct.cloud cdn.lamp.avct.cloud — Cisco Umbrella Rank: 7888 measure.lamp.avct.cloud — Cisco Umbrella Rank: 7326	14 KB
2	yahoo.com 2 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492	1 KB
2	blismedia.com 1 redirects tr.blismedia.com — Cisco Umbrella Rank: 1824	573 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 912	2 KB
2	simpli.fi 2 redirects um.simpli.fi — Cisco Umbrella Rank: 795	1 KB
2	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3451	207 B
2	wp.com stats.wp.com — Cisco Umbrella Rank: 2855 pixel.wp.com — Cisco Umbrella Rank: 2799	3 KB
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 5683	555 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1533	588 B
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 746	389 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 54581	606 B
1	jtvnw.net static-cdn.jtvnw.net — Cisco Umbrella Rank: 9498	32 KB
1	cloudfront.net d2v02itv0y9u9t.cloudfront.net	76 KB
0	everesttech.net Failed sync-tm.everesttech.net Failed
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
416	40

	Domain	Requested by
66	xuxatv.com.br	1 redirects xuxatv.com.br
38	s0.2mdn.net	xuxatv.com.br s0.2mdn.net googleads.g.doubleclick.net
38	pagead2.googlesyndication.com	xuxatv.com.br pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com ad.doubleclick.net www.googletagservices.com
31	tpc.googlesyndication.com	googleads.g.doubleclick.net xuxatv.com.br tpc.googlesyndication.com pagead2.googlesyndication.com
28	cm.g.doubleclick.net	9 redirects googleads.g.doubleclick.net
27	static.twitchcdn.net	embed.twitch.tv static.twitchcdn.net
25	gql.twitch.tv	static.twitchcdn.net k.twitchcdn.net gql.twitch.tv
22	imageproxy.eu.criteo.net	ads.eu.criteo.com
20	static.criteo.net	ads.eu.criteo.com cdnjs.cloudflare.com static.criteo.net
18	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com xuxatv.com.br googleads.g.doubleclick.net
10	dsum-sec.casalemedia.com	6 redirects googleads.g.doubleclick.net
10	www.googletagservices.com	googleads.g.doubleclick.net xuxatv.com.br www.googletagservices.com s0.2mdn.net
8	ib.adnxs.com	6 redirects googleads.g.doubleclick.net
7	c1.adform.net	7 redirects
7	video-edge-88d933.pdx01.abs.hls.ttvnw.net	k.twitchcdn.net
7	www.gstatic.com	static.twitchcdn.net www.gstatic.com googleads.g.doubleclick.net xuxatv.com.br
6	ad.doubleclick.net	xuxatv.com.br googleads.g.doubleclick.net www.googletagservices.com
5	www.google.com	1 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
5	reporting.cdndex.io	passport.twitch.tv gql.twitch.tv
5	fonts.googleapis.com	xuxatv.com.br googleads.g.doubleclick.net
4	cdn.doubleverify.com	s0.2mdn.net xuxatv.com.br
4	csm.eu.criteo.net	ads.eu.criteo.com
4	sync.teads.tv	1 redirects googleads.g.doubleclick.net
4	use.fontawesome.com	xuxatv.com.br use.fontawesome.com
3	passport.twitch.tv	k.twitchcdn.net passport.twitch.tv
3	fonts.gstatic.com	fonts.googleapis.com
2	tpsc-ew1.doubleverify.com	cdn.doubleverify.com
2	tps-dn-ew1.doubleverify.com	googleads.g.doubleclick.net
2	googleads4.g.doubleclick.net	xuxatv.com.br
2	tps.doubleverify.com	cdn.doubleverify.com
2	rtb.fr3.eu.criteo.com	googleads.g.doubleclick.net
2	www.googleadservices.com	xuxatv.com.br
2	pixel.de-config.sensic.net	2 redirects
2	us-u.openx.net	googleads.g.doubleclick.net
2	cdnjs.cloudflare.com	ads.eu.criteo.com
2	cat.nl3.eu.criteo.com	ads.eu.criteo.com
2	pr-bh.ybp.yahoo.com	2 redirects
2	tr.blismedia.com	1 redirects googleads.g.doubleclick.net
2	pm.w55c.net	2 redirects
2	um.simpli.fi	2 redirects
2	dclk-match.dotomi.com	googleads.g.doubleclick.net
2	ads.eu.criteo.com	googleads.g.doubleclick.net
2	embed.twitch.tv	xuxatv.com.br embed.twitch.tv
1	01b8e2bcb276b303.darnuid.imrworldwide.com	xuxatv.com.br
1	2d59a6fbb3970d110ae26b0700e5d77b.redinuid.imrworldwide.com	1 redirects
1	secure-sts-prod.imrworldwide.com	1 redirects
1	www.twitch.tv	static.twitchcdn.net
1	measure.lamp.avct.cloud	cdn.lamp.avct.cloud
1	17001462414732cf4cb9b877531377d48e89a673295f4aa77bf69fcb.trk.sensic.net	googleads.g.doubleclick.net
1	1700146242344ee2b0c764fa1ac7316038b30fa1a8fcfda488efb92d.trk.sensic.net	googleads.g.doubleclick.net
1	ads.travelaudience.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	cdn.lamp.avct.cloud	xuxatv.com.br
1	onetag-sys.com	1 redirects
1	dis.criteo.com	googleads.g.doubleclick.net
1	gcm.ctnsnet.com	1 redirects
1	static-cdn.jtvnw.net	embed.twitch.tv
1	pixel.wp.com	xuxatv.com.br
1	d2v02itv0y9u9t.cloudfront.net	static.twitchcdn.net
1	k.twitchcdn.net	static.twitchcdn.net
1	api.twitch.tv	xuxatv.com.br
1	stats.wp.com	xuxatv.com.br
0	sync-tm.everesttech.net Failed	googleads.g.doubleclick.net
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
416	64

This site contains links to these domains. Also see Links.

Domain
streamelements.com
www.twitch.tv
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
twitch.tv
discord.gg

Subject Issuer	Validity	Valid
xuxatv.com.br R3	`2023-10-16` - `2024-01-14`	3 months	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
twitch.tv GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-01` - `2024-10-02`	a year	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-14` - `2023-12-15`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
twitchcdn.net Amazon RSA 2048 M02	`2023-04-10` - `2024-05-07`	a year	crt.sh
*.twitchcdn.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-02` - `2024-10-03`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
passport.twitch.tv Amazon RSA 2048 M02	`2023-05-14` - `2024-06-11`	a year	crt.sh
spade.twitch.tv Amazon RSA 2048 M01	`2023-05-15` - `2024-06-12`	a year	crt.sh
static-cdn.jtvnw.net Amazon RSA 2048 M01	`2023-03-13` - `2024-04-10`	a year	crt.sh
reporting.cdndex.io Amazon RSA 2048 M01	`2023-04-12` - `2024-05-10`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2023-12-23`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-10-04` - `2024-01-02`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
cdn.lamp.avocet.io Amazon RSA 2048 M01	`2023-02-24` - `2024-02-07`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-30` - `2023-12-25`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-17` - `2024-01-18`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
teads.tv R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
*.doubleverify.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-07` - `2024-05-07`	a year	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-07` - `2023-12-30`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.lamp.avct.cloud R3	`2023-10-02` - `2023-12-31`	3 months	crt.sh
*.tps.doubleverify.com Go Daddy Secure Certificate Authority - G2	`2023-09-29` - `2024-09-28`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 39 frames:

Primary Page: https://xuxatv.com.br/
Frame ID: 8714EA737FF3679F8433DD43717D061C
Requests: 84 HTTP requests in this frame

Frame: https://embed.twitch.tv/?channel=xuxatv&height=480&layout=video&parent=xuxatv.com.br&referrer=https%3A%2F%2Fxuxatv.com.br%2F&width=854
Frame ID: 92B7E8DA027AF0997CB2D6EE64096BB8
Requests: 55 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_inhead_fy2021.html?hello=world
Frame ID: 8A32E895A0C4BADE3A20E5339D97CC7E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2974894051137733&output=html&adk=1812271804&adf=3025194257&lmt=1700146239&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x945_l%7C404x945_r&format=0x0&url=https%3A%2F%2Fxuxatv.com.br%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~5~6&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700146238795&bpp=3&bdt=776&idt=589&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5230436701717&frm=20&pv=2&ga_vid=112662117.1700146239&ga_sid=1700146239&ga_hid=2067857781&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C44809004%2C31078301%2C44807763%2C44808149%2C44808284%2C44809057&oid=2&pvsid=503099643134223&tmod=1956708044&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=619
Frame ID: 9926AF1B0B4130DBAA5FA75100F9E294
Requests: 1 HTTP requests in this frame

Frame: https://gql.twitch.tv/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/fp?x-kpsdk-v=j-0.0.0
Frame ID: DA0C2CADCD1642F5C7264561AF3FC4D1
Requests: 5 HTTP requests in this frame

Frame: https://passport.twitch.tv/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/fp?x-kpsdk-v=j-0.0.0
Frame ID: D5A96F31B09B3C83A574352B69731C7D
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2974894051137733&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1700146240&rafmt=1&to=qs&pwprc=3173985034&format=1200x280&url=https%3A%2F%2Fxuxatv.com.br%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700146240195&bpp=1&bdt=2175&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5230436701717&frm=20&pv=1&ga_vid=112662117.1700146239&ga_sid=1700146239&ga_hid=2067857781&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3996&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C44809004%2C31078301%2C44807763%2C44808149%2C44808284%2C44809057&oid=2&pvsid=503099643134223&tmod=1956708044&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=5
Frame ID: 690EBB33FD4EAA0E1A2DBE829E85FA2B
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2974894051137733&output=html&h=280&adk=2349245872&adf=366746197&pi=t.aa~a.2962416473~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1700146240&rafmt=1&to=qs&pwprc=3173985034&format=1200x280&url=https%3A%2F%2Fxuxatv.com.br%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700146240195&bpp=1&bdt=2175&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=5230436701717&frm=20&pv=1&ga_vid=112662117.1700146239&ga_sid=1700146239&ga_hid=2067857781&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3518&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C44809004%2C31078301%2C44807763%2C44808149%2C44808284%2C44809057&oid=2&pvsid=503099643134223&tmod=1956708044&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=13
Frame ID: EAECEDF27D4EEB912989ED63048EBC17
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2974894051137733&output=html&h=280&adk=2349245872&adf=366746197&pi=t.aa~a.3750004799~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1700146240&rafmt=1&to=qs&pwprc=3173985034&format=1200x280&url=https%3A%2F%2Fxuxatv.com.br%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700146240195&bpp=1&bdt=2176&idt=1&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=5230436701717&frm=20&pv=1&ga_vid=112662117.1700146239&ga_sid=1700146239&ga_hid=2067857781&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C44809004%2C31078301%2C44807763%2C44808149%2C44808284%2C44809057&oid=2&pvsid=503099643134223&tmod=1956708044&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=18
Frame ID: 78E67988A3DEA0C96C1AF1804077C94F
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZVYsQAAEmrcHg4toAAPau0wMjKxs1Z1AQgP8hQ&u=%7Cbm5e4PunlcKyHArTvuC63t4THRwDHB70%2B8ouVsIeBTA%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANSWY8jeVe2k841W0JDvRk-nbAYlnaTkW7y1jxegkzNYqSum8-AGFaeU-zSslqeEWSPOrupmHEAsKPi2Y2xOvxY30aOxyosCEwMVPJb2CE1lmDnkTI0OK8U0La6ez6A6ZGeqmrEECMX1G_y7LFIB6qJ4Ai_ztTE3io9uPkQeorLR0GOvntHRa4LiO43c0LC3ShrldH6KIyHr4BUcBW4D4GHGK6WKQXrZGC4wzeWXdW3S7QhWzEVFn67lGBx64TeoghzUvERSqRkRSaNAT5bnlF7q6OW531A1erNBwlwVspCnBul6NLwDWZJUcRB1mQyxHVpYqEC8lGvh50JIBquc9j2qgTWeg1mNHnWER9UeZOGDKRyV1sWKqx6ShC-bN4Erf9KR8tWuUHmrM2JJ81vPiMYhzHdjAbMauHpQtfPW3NKEayZ9Wiycy9VoJkDji-l_oZwcmdhJo_aTuiksx4CyoDCi9LtBwc7CPjj7bXq_qkS7zubFrUdy67w5pUSddhcZ_udmvcwGY5CVhnPFCU3FpXk7X3F7s5bUdoVn-0crA16c2f2cPECOLDQ8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCi7ySQCxWZbe1EuiWjuwPu7WPmA_JntKxXLWY49aTAcCNtwEQASAAYJX6-IGUB4IBF2NhLXB1Yi0yOTc0ODk0MDUxMTM3NzMzyAEJqQK_2Gm_FTSyPqgDAcgDAqoEygFP0H-jeBmCOHYjnyCuvEV6Loc4Zj1XAvu2xEt87KzBc_jD18_oH3wsATXp5PBsH19mjAkJ_0nKtOpB7gRBVtysaY2gwsSRWOEpKPsKiuPMzOIu4xaE31tPAkRSAL8R-n1lMTlEaIpuS3Ycg49MJI0gbKJQ-MpQdPKVo6e2S6zf-8bbdoqKtsmmH6p9Gq-4fylulMHcgNfYVlTubNoebjdAJMSo9prGH76OtoAv-b2x2JaaWvIPYdtwQ0YpmUutQ3mNRP2ft7FZLE-ZgAb4heXCq4vgsYIBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2P7GpcanRotjJSLH1VtKdoa_7bCg%26client%3Dca-pub-2974894051137733%26adurl%3D
Frame ID: 505EA01C4DCC73BB0EC8B2A0B89EB79F
Requests: 20 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9C41080D540D036E47738AAB4099C4FD
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZVYsQAAEliEKd_jUAAizWqdnMU8VH2Zo4aMtTw&u=%7Cbm5e4PunlcLVj0jo1Oxc4GO1Mu8AYLHOVM4htGCGIBM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANSWY8jeVe2k841W0JDvRk-kIFk-gqFwW4U2UgyAs938Ietla2bQ7k7IwY8_sPU7ayY_m_TkOGopv-8d75ARxeXsP3hoxagbq4Tyxv9QPAno5g2No6Hyk2lIR72efFRGZ2v9-ZSm4wtwAsb_z08pB62B3rzQza7C5AjjvtNW4sKxUGR8b-2Sat0ISoET6xPcpLgtr7KlzlRJIEi9kvF1M4SE8_yBDY2vc_kLlZf_luNEUtsdi4tYTUj54oFJN97B2bUVhHsjie_vSKz0kw_1fVYIvyP990-pI3ALQIPcWW8Nx5ftlyQ67q1OKQH7fR01M-CpRG-5ZmT7xtscZEAdXlDpj3Ej6U6i5bWCMD3dASnY-iZfOFfoB8R2MIurCNJ0oEKEmyic1I9olj-h9tcN1FTnYM2tbFhqdYKC7iKR4vGcvfife4KnwnVRCsF8Q3jfGQAJHn8txX0zy-tBvo66_8K2ZMldalum2GvL-Sw4wDypUQAXZKbgeZJh4-BXapeELkhbS4xVMj3ZhLG5shR_pvkgTqizdn0XRvqHoZKG3GOC4swdOuBfMDl8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcWlCQCxWZaGsEtTx3wPa5qKYDcme0rFczYbj1pMBwI23ARABIABglfr4gZQHggEXY2EtcHViLTI5NzQ4OTQwNTExMzc3MzPIAQmpAr_Yab8VNLI-qAMByAMCqgTKAU_QKyvWr1ZH-OjaHbSFYesRbCXh2Rzivj50Jif6s2Olm9ZiginWswRXh_d2ZWoi1EkUi38lTV-jkPnn6bb3AU0hzO8j43V5BvQJWzVswTmSWSPEbrMnCxgcsHR0qmT9VNLsh_jawARsZEh0ZNOayppZkd0u3E2E6RgR2vZ8ANqkd-fts9psoT_v2YjZqIwo6hJ8AuJEYa7r12qRa5fimWjB38XI_wjAS5MnyTlRRVXFDpccPa7-Sv6FF8jkiF88ViJC6LOtq_dLi2CABviF5cKri-CxggGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_38rx5Yo1zA4f2T-tUhbDF7rXCCuA%26client%3Dca-pub-2974894051137733%26adurl%3D
Frame ID: 508035902856E9F41A28A847775EB605
Requests: 32 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0626395887F1BA35D618B0B61DA67844
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Frame ID: 59527E8826C3DE8D9C776A3F0D78DBC3
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Frame ID: 7163DD4558793FE2889627CF4ADDDB8C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Frame ID: CC88BDEB221F07631664F2871C113864
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Frame ID: D07D24CEAE10259A42B82E320126C261
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 4F0248E4F8C5275412E86E5631364683
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: DF138D38C0F9A9BA4C97E8D528330EA1
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhjWs4P4ATAB&v=APEucNXgbZqtws38G9rcD_1SQre_zsq33nq_LmQzA6dNTAqUVd22wszSIBiZBzlQ1JqT_2u0JMPSBC_kZQhhCQTjomD6tDX3kM8gWXvbiD2Uuxl9t1LD56nRVsiGg8n1v-bC6YiwSgHdv3kIlTqtz2fLO5em7Id1H85twMbMt6Q5ytFHOWvG4WU
Frame ID: 37813A0690EFA46AA4CF2550731918DD
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Frame ID: EE40B53618B6054E8B810920A484A27D
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhjWs4P4ATAB&v=APEucNXU5IJgsgOk17-YeDqwz5YgdDu3xxkPd_eU5Lazl9VAXOxFRJ9cvJZS27aXbBNDV8D942owa8uzoiDystgGMeqOr4qF3DyjY0SHjc9JHUhIqfBdm9jCv-uUcVL2H_YxZ-GsssxbWGhQ5XPiZ5tmfWQbnxgJcosjts_4Y3K0UF06OA_3xLw
Frame ID: FD04DB51A19ED8EECB82958129A6B323
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Frame ID: 82CA129446B475846AB1D93D690BF3CC
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKyC3AIQ4-_U7QEYmpvW-QEwAQ&v=APEucNWqMAv4p78OjVmvr4qmz5yfNMjeMulPVOPxQu7Eg1bGhSidmfHcCQlxRiAwxb2frb5gFKRHDsIQkNDJa0bHcRzMmOfvwLi3kGGrfHtRrV98Sbzt9wzEESkKEth819QGhxYWz9dsDQfgL5L9SEgmFlnn0l5nCzkqGoR8CfkWZ-3MSmg5-dg
Frame ID: 0A821507FC46FAA0D4B7B587B7FCBB49
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: EA6CEF42256A506ECECB0DE7F7018D14
Requests: 25 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 468EFBDCDAC0267BB0CBDDBCA9E62A7D
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/index.html?ev=01_250
Frame ID: 49A5519C7E6D562A73C8E5D0113E14DE
Requests: 12 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/index.html?ev=01_250
Frame ID: FE18DF8BB4EA5C1BC5571F403F8B7FC7
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: B1FC91A59BBC6313A3E1EF73715C66C9
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: D916EAE795C6FEE36E473DABE4BE8415
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js
Frame ID: C0EB8DC549B1AD7A3AD71ED608A6C94F
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements4946.js
Frame ID: 23814F8F686836174A8F752ADA58A135
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js
Frame ID: FBFCBA30744315821B123BFB018E8A6E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: CCDB5E1B17A39566AFFAA7D66DC9734F
Requests: 3 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements4946.js
Frame ID: D16479AECA7B847DD5470763366EF09A
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: B8D06C10183A85787EB605BC05088EED
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/index.html?ev=01_250
Frame ID: 33C299253B89A33F839218D8F6E76685
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 006E95B91B8A6A04017CB6BE64AD672F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 26E7BFEA644B765073E4E9C674DFA41F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

XuxaTV | Game streamer

Page URL History Show full URLs

http://xuxatv.com.br/ HTTP 301
https://xuxatv.com.br/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css
owl\.carousel.*\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

416
Requests

92 %
HTTPS

45 %
IPv6

40
Domains

64
Subdomains

46
IPs

9
Countries

12502 kB
Transfer

25744 kB
Size

31
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://streamelements.com/xuxatv/tip
Title: PAYPAL

Search URL Search Domain Scan URL

URL: https://www.twitch.tv/xuxatv
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://www.facebook.com/xuxagamer
Title: Seguir

Search URL Search Domain Scan URL

URL: https://twitter.com/CanaldoXuxa
Title: Seguir

Search URL Search Domain Scan URL

URL: https://www.instagram.com/xuxatv
Title: Seguir

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCGCIDxvr--Y3MNNdbJyH13w
Title: Seguir

Search URL Search Domain Scan URL

URL: http://twitch.tv/xuxatv
Title: Seguir

Search URL Search Domain Scan URL

URL: https://discord.gg/29zQVdV
Title: Seguir

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://xuxatv.com.br/ HTTP 301
https://xuxatv.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 176

https://um.simpli.fi/gp_match?google_gid=CAESED0JuW-xgITNYAFTHPnhGoU&google_cver=1&google_push=AXcoOmRomgvZutIvy8PdvzzIkGGwoEcax38CWQCa591OSyP7hfpMGNHApcEi8VDg2w2Hc2fFJwtq-q4wNiXNq0d_SvaOCzl8AXIFBA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9A06CF1EEBD847DD9828D43E699CCD47&google_push=AXcoOmRomgvZutIvy8PdvzzIkGGwoEcax38CWQCa591OSyP7hfpMGNHApcEi8VDg2w2Hc2fFJwtq-q4wNiXNq0d_SvaOCzl8AXIFBA

Request Chain 177

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESELgBBYrpo0K2f_xTK0DCgqg&google_cver=1&google_push=AXcoOmTRKQ3bhAxQFJy1eZx6sWiRDnFS8Wn-2FMCptpbL9hVudK819hsdbdcxnfkhuFFQBEPhL17J6IipZQ9v2Aae2DJXFlEmJhH HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTRKQ3bhAxQFJy1eZx6sWiRDnFS8Wn-2FMCptpbL9hVudK819hsdbdcxnfkhuFFQBEPhL17J6IipZQ9v2Aae2DJXFlEmJhH&google_hm=fEKD4iyiQyKiWCuUraOULhs

Request Chain 178

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOP29QCxhIKYoRxHON5g67M&google_cver=1&google_push=AXcoOmQ3W2UWJnOh0mqyYj4qqNgQ1pQAZV_0tv1954-wtBUTIJWC8vAmFUoVYvS4zXkoGE596cH2iO_HDthwI6v9jDkvZCpzjiFoOg HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEOP29QCxhIKYoRxHON5g67M&google_cver=1&google_push=AXcoOmQ3W2UWJnOh0mqyYj4qqNgQ1pQAZV_0tv1954-wtBUTIJWC8vAmFUoVYvS4zXkoGE596cH2iO_HDthwI6v9jDkvZCpzjiFoOg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTY0OTIyMzI5MTY2MzQ4OTg3&google_push=AXcoOmQ3W2UWJnOh0mqyYj4qqNgQ1pQAZV_0tv1954-wtBUTIJWC8vAmFUoVYvS4zXkoGE596cH2iO_HDthwI6v9jDkvZCpzjiFoOg

Request Chain 179

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOP29QCxhIKYoRxHON5g67M&google_cver=1&google_push=AXcoOmSQNbBo51dMpERLeSjkf0QmkUAHilJbyKUDLBJW3gr3izm6gYC2WH796psob7CdoFP5eG1w-Q1_5JSO0yzYpYWtQ4I_YnexMQ HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEOP29QCxhIKYoRxHON5g67M&google_cver=1&google_push=AXcoOmSQNbBo51dMpERLeSjkf0QmkUAHilJbyKUDLBJW3gr3izm6gYC2WH796psob7CdoFP5eG1w-Q1_5JSO0yzYpYWtQ4I_YnexMQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzE1MTM5NTA5NDIwMjU2NTk5MQ&google_push=AXcoOmSQNbBo51dMpERLeSjkf0QmkUAHilJbyKUDLBJW3gr3izm6gYC2WH796psob7CdoFP5eG1w-Q1_5JSO0yzYpYWtQ4I_YnexMQ

Request Chain 181

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESED4SqrTNJ3676U-QxYTPzao&google_cver=1&google_push=AXcoOmSdSEjmy94dGrlpanYOK_gNF-lQ_HCe_kBySY3KuTbyA2x94pRySbMdCXX-grJex43tHSbsSx0XCX_68gLrUQ7eSa8wOhDJQl8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmSdSEjmy94dGrlpanYOK_gNF-lQ_HCe_kBySY3KuTbyA2x94pRySbMdCXX-grJex43tHSbsSx0XCX_68gLrUQ7eSa8wOhDJQl8 HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 183

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJrRIgwlPtPKmVPZtEGF7T4&google_cver=1&google_push=AXcoOmQB1440B3-W4CNE0dfHaAjAJLrqA4FYIPf1Xk3c22LfTCQdP2HEe-Sc04B_tWfoQsRhLDBFyF4n6qgRRxVwreVbRfEyipnBCXM7 HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJrRIgwlPtPKmVPZtEGF7T4&google_cver=1&google_push=AXcoOmQB1440B3-W4CNE0dfHaAjAJLrqA4FYIPf1Xk3c22LfTCQdP2HEe-Sc04B_tWfoQsRhLDBFyF4n6qgRRxVwreVbRfEyipnBCXM7 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eHMxcTk4Y1kxUjNESHo1&google_gid=CAESEJrRIgwlPtPKmVPZtEGF7T4&google_cver=1&google_push=AXcoOmQB1440B3-W4CNE0dfHaAjAJLrqA4FYIPf1Xk3c22LfTCQdP2HEe-Sc04B_tWfoQsRhLDBFyF4n6qgRRxVwreVbRfEyipnBCXM7

Request Chain 186

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESED3av0Ly42aagbxa7s0U3RU&google_cver=1&google_push=AXcoOmQ527L4Msto92DxHwHrtntowpCpfkZ54hurCf2qdoeCTdzivK0EKoqtTHjMHB6kVk0qtHJsKp7TsHl0WPxTBB9AFqtuiR8NiBU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQ527L4Msto92DxHwHrtntowpCpfkZ54hurCf2qdoeCTdzivK0EKoqtTHjMHB6kVk0qtHJsKp7TsHl0WPxTBB9AFqtuiR8NiBU&google_hm=eS0yWW5Xd0lORTJwSGpjOTZqUXRhVE9NYU9hdktsa1hOcH5B

Request Chain 188

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENCVUfsby0Pb2-wmdeiFRQI&google_cver=1&google_push=AXcoOmQ4hgHvTXSvauiObNTiDHLGjyXsnnmuH2tfCIe11w-lhOnT8BYTy5WOIjD6Uyl1_o2BAe_NI1pAgctH0C-bxU58BHI2aamSQt0T HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESENCVUfsby0Pb2-wmdeiFRQI&google_cver=1&google_push=AXcoOmQ4hgHvTXSvauiObNTiDHLGjyXsnnmuH2tfCIe11w-lhOnT8BYTy5WOIjD6Uyl1_o2BAe_NI1pAgctH0C-bxU58BHI2aamSQt0T HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDQ5NzY5MTQwOTczMDQyNjg3MQ&google_push=AXcoOmQ4hgHvTXSvauiObNTiDHLGjyXsnnmuH2tfCIe11w-lhOnT8BYTy5WOIjD6Uyl1_o2BAe_NI1pAgctH0C-bxU58BHI2aamSQt0T

Request Chain 189

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESECW3jvMF8IyDVpZoEwWuzNg&google_cver=1&google_push=AXcoOmQK42A9QSma8a0MjpGQvok0N0FD8m6dOyU5Zje45r30J1F9dAXMF0okn4qVtI0QO-13I8edt8vPeyU2nDSOiA52D8Co0whTyVn4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQK42A9QSma8a0MjpGQvok0N0FD8m6dOyU5Zje45r30J1F9dAXMF0okn4qVtI0QO-13I8edt8vPeyU2nDSOiA52D8Co0whTyVn4

Request Chain 238

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED0VHecwwu4K4YcGKzm_R98&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED0VHecwwu4K4YcGKzm_R98&google_cver=1&C=1

Request Chain 239

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVYsQVCDIKJjT7DiCeOHIQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED0VHecwwu4K4YcGKzm_R98&google_cver=1

Request Chain 240

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEMVd0fM7coRGZMvkTgPJydU&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEMVd0fM7coRGZMvkTgPJydU%26google_cver%3D1

Request Chain 241

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTA4NTI2MzMyNDI1NzI4ODcxMA%3D%3D

Request Chain 242

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED0VHecwwu4K4YcGKzm_R98&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED0VHecwwu4K4YcGKzm_R98&google_cver=1&C=1

Request Chain 243

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVYsQVCDIKJjT7DiCeOHIQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED0VHecwwu4K4YcGKzm_R98&google_cver=1

Request Chain 244

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEMVd0fM7coRGZMvkTgPJydU&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEMVd0fM7coRGZMvkTgPJydU%26google_cver%3D1

Request Chain 245

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjUyMDA4MTM0MTE1NDk5MjgxOQ%3D%3D

Request Chain 255

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFZ3m1Rf4mTI_1nSmq9NhVs&google_cver=1

Request Chain 257

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEE0XM3ASKf_wJIWEU9wUHaU&google_cver=1

Request Chain 279

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 285

https://um.simpli.fi/gp_match?google_gid=CAESELySCh4W9yEGHvJbmpJVwGI&google_cver=1&google_push=AXcoOmTCC5j5zW2GbVr-byGDPNI2D3II6iS56zRLatzuqGGZVmjLVDMQfPSELlnmonqIjAgAzkZyfgXLNJ9LbkvvH7Ml78hHOtWCE9U HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9A06CF1EEBD847DD9828D43E699CCD47&google_push=AXcoOmTCC5j5zW2GbVr-byGDPNI2D3II6iS56zRLatzuqGGZVmjLVDMQfPSELlnmonqIjAgAzkZyfgXLNJ9LbkvvH7Ml78hHOtWCE9U

Request Chain 286

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEAUk1ElKElLeXK477W-gTHA&google_cver=1&google_push=AXcoOmSA4JjZRNKJO3cs-ik849biJHH_-PmcLBNJXoc_XrFaMOpaf3Kl6Zajv7MIz67DVTYS_1BIS9F_qi98ihIadkuPzKmpz1hmegOL HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmSA4JjZRNKJO3cs-ik849biJHH_-PmcLBNJXoc_XrFaMOpaf3Kl6Zajv7MIz67DVTYS_1BIS9F_qi98ihIadkuPzKmpz1hmegOL&google_hm=hmVWLEE3nuxUgEPbyA&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D65562C41379EEC548043DBC8BLIS

Request Chain 287

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEBGHLjOqLWg0yIGT5wX55vU&google_cver=1&google_push=AXcoOmTEpvIAb8GLoDDm4JCJr7dpjcwPaYvS-bdiDiHYEz5iPu8BA4GNCdqQi-VSONh7PMlPGKWDuB3izDnGIGR1knSBq49YCZhPSaIG HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwMjA3MjUwMzUyNTE3NzQ4OQ%3D%3D&google_push=AXcoOmTEpvIAb8GLoDDm4JCJr7dpjcwPaYvS-bdiDiHYEz5iPu8BA4GNCdqQi-VSONh7PMlPGKWDuB3izDnGIGR1knSBq49YCZhPSaIG

Request Chain 288

https://ads.travelaudience.com/google_pixel?google_gid=CAESEBSSw_IXKod63xzIT-J_3Z4&google_cver=1&google_push=AXcoOmStcA-kA0bzidn6u01PqR0Mxw9U6wRh1R-0nHoZORRfUgRA2qjjxzmreu-4IQYR2Zk_UQthjYsGISkNCDLvIThet_mexUPVHJZg HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=v72TfJuKTqwZCUwM3bSafA&google_push=AXcoOmStcA-kA0bzidn6u01PqR0Mxw9U6wRh1R-0nHoZORRfUgRA2qjjxzmreu-4IQYR2Zk_UQthjYsGISkNCDLvIThet_mexUPVHJZg

Request Chain 289

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEB7enqFpBFd-3dHeh9Ag4RA&google_cver=1&google_push=AXcoOmSGFD9GhoOqAcXky1rEyfM36MgDyDnu8NfXP27Kf30tqT4Nu-cAyU8kZwVCfer5MsEeiAlJUqecyFX-oV45SiLgEwwq-yDc42Ab HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSGFD9GhoOqAcXky1rEyfM36MgDyDnu8NfXP27Kf30tqT4Nu-cAyU8kZwVCfer5MsEeiAlJUqecyFX-oV45SiLgEwwq-yDc42Ab&google_hm=eS0yWW5Xd0lORTJwSGpjOTZqUXRhVE9NYU9hdktsa1hOcH5B

Request Chain 290

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBJCUCxzjZsWwXxWvYXTivY&google_cver=1&google_push=AXcoOmSerdaFNCZZYcyT9BuLAJOlyT2uWhFy1rSR5MZvFe2Di7H14-cIDXjtDsqwqlaArMz9pEvucge8UUPN-b_T50ZynRiHygVehLQv HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDQ5NzY5MTQwOTczMDQyNjg3MQ&google_push=AXcoOmSerdaFNCZZYcyT9BuLAJOlyT2uWhFy1rSR5MZvFe2Di7H14-cIDXjtDsqwqlaArMz9pEvucge8UUPN-b_T50ZynRiHygVehLQv

Request Chain 295

https://pixel.de-config.sensic.net/tp?ty=IM&optin=false&m=campaign_116_de&c=11600102&pr=2146339555&gdpr=&gdpr_consent= HTTP 302
https://1700146242344ee2b0c764fa1ac7316038b30fa1a8fcfda488efb92d.trk.sensic.net/tp.gif?m=campaign_116_de&r=pixel.de-config.sensic.net&p=de1&instanceid=1700146242344EE2B0C764FA1AC7316038B30FA1A8FCFDA488EFB92D

Request Chain 299

https://pixel.de-config.sensic.net/tp?ty=IM&optin=false&m=campaign_116_de&c=11600102&pr=291987283&gdpr=&gdpr_consent= HTTP 302
https://17001462414732cf4cb9b877531377d48e89a673295f4aa77bf69fcb.trk.sensic.net/tp.gif?m=campaign_116_de&r=pixel.de-config.sensic.net&p=de1&instanceid=17001462414732CF4CB9B877531377D48E89A673295F4AA77BF69FCB

Request Chain 317

https://googleads.g.doubleclick.net/pagead/adview?ai=Ca8erQCxWZba1EpmQrAS3kaqwDrX38p50pvjLw5ESi6j0ysIBEAEgjfT0jwFglfr4gZQHoAHko9qSKsgBCagDAcgDywSqBNcBT9DXGcNge-xw6fnTzyL97b3wRCQjBl34cPm3Bxm296i3TlH2nYB-pC8VCle7WayDi3M84Ltt6T_RlDVaU5Sks86dgR4FxERTZQmoVi-mCSlaXHVhLchbAm4X8SAZIxtoam7R7XbxA_vJcfopaNi7LraF3cl686EJgAaM5-0fqV0VHQff9_P53Xf7YXCXrAn9F_bK9n5rntX9GYfgr_my7MRGkwORe173hag_NjQ8c5-0Cn0xuXwAifKmTQjPNZV5emnmpejk4bRqXrTlk_m43-3EZiRtc8PABNbG7KXMBIgF4bD32EySBQQIBBgBkgUECAUYBKAGLoAH5Nuq8gSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBCE3gLSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6mgnyA2h0dHBzOi8vbGlmZXN0eWxldHJlbmRzaHEuY29tL2NvbnRhaW5lci1ob21lcy1kZS0yLz91dG1fc291cmNlPWdvb2dsZSZ1dG1fY2FtcGFpZ249MjA1ODc1OTk5NjkmdXRtX2NvbnRlbnQ9MTU3OTE5NDIxMjcwJnV0bV9tZWRpdW09eHV4YXR2LmNvbS5iciZ1dG1fdGVybT0mc3ViaWQ9MjA1ODc1OTk5NjlfMTU3OTE5NDIxMjcwJnNlZ21lbnQ9YzJzbGlmZXN0eWxldHJlbmRzaHEwMDAxJmdhbWlkPUFXLTExMzEzNTE3MDI4JmdjbGNpZD1BVy0xMTMxMzUxNzAyOC9iZjZhQ0pEODVlRVlFT1NqMnBJcSZmb3JjZUtleUE9SCVDMyVBNHVzZXIraW4rU2NoaWZmc2NvbnRhaW5lcm4renUrdmVya2F1ZmVuJmZvcmNlS2V5Qj1Db250YWluZXJoJUMzJUE0dXNlciZmb3JjZUtleUM9SGF1cyt2ZXJrYXVmZW4mZm9yY2VLZXlEPUthdWZlbitTaWUrZWluK3NjaGwlQzMlQkNzc2VsZmVydGlnZXMrQ29udGFpbmVyaGF1cyZmb3JjZUtleUU9Q29udGFpbmVyaGF1cy1CdW5nYWxvdyZjY29kZT1kZYAKAcgLAaIMECoOCgzktLEC7rWxArW4sQLYEwzQFQGAFwGyFxwKGggAEhRwdWItMjk3NDg5NDA1MTEzNzczMxgA&sigh=xTpvrJ_K2vQ&uach_m=[UACH]&ase=2&nis=4&cid=CAQSOwDICaaNaPDBtOASkLztldapp7wxoRZDXnzGJG3E7-y5BolVnackYCmbYsE1zLx9vSkvsbj2FnBkDEGxGAE&template_id=5000&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223069207111721415038%22,%22debug_reporting%22:true,%22destination%22:%22https://lifestyletrendshq.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211313517028%22],%224%22:[%2211-16%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213893382163776038321%22}&andc=true

Request Chain 342

https://secure-sts-prod.imrworldwide.com/cgi-bin/gn?apid=PE7867845-886F-4940-8BB2-44030EE44570&createtm=1700146240&pingtype=1&prd=audit&product=dcr&sessionid=01b8e2bcb276b303&streamid=1071224dd1d5986082ec0902e2609abf&uoo=0 HTTP 302
https://2d59a6fbb3970d110ae26b0700e5d77b.redinuid.imrworldwide.com/s2s?url=https%3A%2F%2F01b8e2bcb276b303.darnuid.imrworldwide.com HTTP 302
https://01b8e2bcb276b303.darnuid.imrworldwide.com/

416 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
xuxatv.com.br/
Redirect Chain

http://xuxatv.com.br/
https://xuxatv.com.br/

66 KB
20 KB

753ms
490ms

Document
text/html

2a02:4780:1:1009:0:217a:1b2f:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://xuxatv.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:1:1009:0:217a:1b2f:2 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed / PHP/7.4.33

Resource Hash

15bd30d9935bc5e145f644cf3f6804a6990f165df23219d03c0d956549347fb6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Thu, 16 Nov 2023 14:50:37 GMT
link: <https://xuxatv.com.br/wp-json/>; rel="https://api.w.org/" <https://xuxatv.com.br/wp-json/wp/v2/pages/11>; rel="alternate"; type="application/json" <https://xuxatv.com.br/>; rel=shortlink
platform: hostinger
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

Redirect headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-length: 707
content-security-policy: upgrade-insecure-requests
content-type: text/html
date: Thu, 16 Nov 2023 14:50:37 GMT
location: https://xuxatv.com.br/
platform: hostinger
server: LiteSpeed

GET
H2 200 all.css
use.fontawesome.com/releases/v5.6.1/css/ 52 KB
12 KB 502ms
281ms Stylesheet
text/css 2606:4700:e2::ac40:8d0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.6.1/css/all.css?ver=1700146237
Requested by: Host: xuxatv.com.br
URL: https://xuxatv.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8d0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 453893f7daa3d8fe9716f8c6d0f36f8ade8cacfc0093e164f4f998b46427959e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xuxatv.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:38 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 22 Sep 2023 01:45:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"b8085bf2c839791244bd95f56fb93c01"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D8A1mOcSO2ml7h8c2%2FXFD7uGYcr4RIGiFUN6M3btsneic5D5T5TViDZTcebm8007aGZmhhYlLpkmCTAahqX1o4hZNhLk4s5gpashdH0TVkSbnmxjKHcfKl8A%2FjSMz5sIzPbT16N7aajBByAsi17Kyi0w"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 82708c255caa7faa-IAD
alt-svc: h3=":443"; ma=86400

GET
H2 200 codepeople_shearch_in_place.css
xuxatv.com.br/wp-content/plugins/search-in-place/css/ 3 KB
927 B 182ms
177ms Stylesheet
text/css 2a02:4780:1:1009:0:217a:1b2f:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://xuxatv.com.br/wp-content/plugins/search-in-place/css/codepeople_shearch_in_place.css?ver=1700146237

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:1:1009:0:217a:1b2f:2 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

af20c573099d2bc41c90b36929134598a8f6a3b3b52c6280e90ecb4ec3e2e652

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xuxatv.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:38 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 13 Aug 2021 19:36:23 GMT
server: LiteSpeed
etag: "ae7-6116c9b7-ee2de071cfd16870;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 765
expires: Thu, 23 Nov 2023 14:50:38 GMT

GET
H2 200 style.min.css
xuxatv.com.br/wp-includes/css/dist/block-library/ 57 KB
8 KB 182ms
177ms Stylesheet
text/css 2a02:4780:1:1009:0:217a:1b2f:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://xuxatv.com.br/wp-includes/css/dist/block-library/style.min.css?ver=1700146237

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:1:1009:0:217a:1b2f:2 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xuxatv.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:38 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 15 Apr 2021 09:54:49 GMT
server: LiteSpeed
etag: "e33b-60780d69-373ccef6cd9e5cab;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 8002
expires: Thu, 23 Nov 2023 14:50:38 GMT

GET
H2 200 blocks.style.build.css
xuxatv.com.br/wp-content/plugins/embedpress/Gutenberg/dist/ 518 B
327 B 182ms
178ms Stylesheet
text/css 2a02:4780:1:1009:0:217a:1b2f:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://xuxatv.com.br/wp-content/plugins/embedpress/Gutenberg/dist/blocks.style.build.css?ver=1700146237

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:1:1009:0:217a:1b2f:2 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

6d2c88d7b8364da624551c4b898778538b8020b501bd56717773d7a1d18f6d1e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xuxatv.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:38 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 11 May 2021 16:43:02 GMT
server: LiteSpeed
etag: "206-609ab416-b9f6faee4034b4b8;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 242
expires: Thu, 23 Nov 2023 14:50:38 GMT

GET
H2 200 embedpress.css
xuxatv.com.br/wp-content/plugins/embedpress/assets/css/ 3 KB
687 B 183ms
178ms Stylesheet
text/css 2a02:4780:1:1009:0:217a:1b2f:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://xuxatv.com.br/wp-content/plugins/embedpress/assets/css/embedpress.css?ver=1700146237

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:1:1009:0:217a:1b2f:2 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

6cb35f7588c16390c3693092c2bb50a0b8f78f85462220811f6197df99a02341

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xuxatv.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:38 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 11 May 2021 16:43:02 GMT
server: LiteSpeed
etag: "aa8-609ab416-a2f338c8acea34b9;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 624
expires: Thu, 23 Nov 2023 14:50:38 GMT

GET
H2 200 owl.carousel.min.css
xuxatv.com.br/wp-content/plugins/post-carousel-for-dv-builder//assets/css/ 3 KB
995 B 183ms
178ms Stylesheet
text/css 2a02:4780:1:1009:0:217a:1b2f:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://xuxatv.com.br/wp-content/plugins/post-carousel-for-dv-builder//assets/css/owl.carousel.min.css?ver=1700146237

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:1:1009:0:217a:1b2f:2 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xuxatv.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:38 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 01 May 2021 22:51:06 GMT
server: LiteSpeed
etag: "d17-608ddb5a-972a397e06277a73;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 909
expires: Thu, 23 Nov 2023 14:50:38 GMT

GET
H2 200 fh-carousel.css
xuxatv.com.br/wp-content/plugins/post-carousel-for-dv-builder//assets/css/ 2 KB
598 B 183ms
179ms Stylesheet
text/css 2a02:4780:1:1009:0:217a:1b2f:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://xuxatv.com.br/wp-content/plugins/post-carousel-for-dv-builder//assets/css/fh-carousel.css?ver=1700146237

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:1:1009:0:217a:1b2f:2 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

8075015fa33f42ed0b6b17d22fe0d4fc2935949409045f3152b9c87698e9611d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xuxatv.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:38 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 01 May 2021 22:51:06 GMT
server: LiteSpeed
etag: "780-608ddb5a-6752887449eb5bb0;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 535
expires: Thu, 23 Nov 2023 14:50:38 GMT

GET
H2 200 stream-status-for-twitch.css
xuxatv.com.br/wp-content/plugins/stream-status-for-twitch/ 5 KB
1 KB 183ms
179ms Stylesheet
text/css 2a02:4780:1:1009:0:217a:1b2f:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://xuxatv.com.br/wp-content/plugins/stream-status-for-twitch/stream-status-for-twitch.css?ver=1700146237

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:1:1009:0:217a:1b2f:2 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

0d6066bcc6ad6d23b4eb028f12f9cca79277cdf00778a112e9c39bc00be2e65b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xuxatv.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:38 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sun, 02 May 2021 21:19:22 GMT
server: LiteSpeed
etag: "1517-608f175a-c3ccd267d4a1dac2;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 1373
expires: Thu, 23 Nov 2023 14:50:38 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
982 B 83ms
30ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A500&ver=1700146237

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fd3fad3e15262b0e096e7d7cc57efd2e684a679ccacb704d94542ba3d7d93d17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xuxatv.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 16 Nov 2023 14:50:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 16 Nov 2023 14:46:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Nov 2023 14:50:38 GMT

GET
H2 200 front.min.css
xuxatv.com.br/wp-content/plugins/popups-for-divi/styles/ 7 KB
2 KB 183ms
179ms Stylesheet
text/css 2a02:4780:1:1009:0:217a:1b2f:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://xuxatv.com.br/wp-content/plugins/popups-for-divi/styles/front.min.css?ver=1700146237

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:1:1009:0:217a:1b2f:2 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

62af0c20276c24765b417a627557cf14d6a7638db797f3673a3c7b0963ad8b22

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xuxatv.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:38 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 19 May 2021 17:06:19 GMT
server: LiteSpeed
etag: "1dd5-60a5458b-bc56967dc6a5cb93;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 1534
expires: Thu, 23 Nov 2023 14:50:38 GMT

GET
H2 200 style.css
xuxatv.com.br/wp-content/themes/Divi/ 805 KB
71 KB 183ms
180ms Stylesheet
text/css 2a02:4780:1:1009:0:217a:1b2f:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://xuxatv.com.br/wp-content/themes/Divi/style.css?ver=1700146237

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:1:1009:0:217a:1b2f:2 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

1be7b683516f00ef5d0d5d085989da98c6a5d2ddb55d83573373b729a70d7ae4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xuxatv.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:38 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 29 Jun 2021 12:23:01 GMT
server: LiteSpeed
etag: "c958f-60db10a5-685d33c479098c2b;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 72543
expires: Thu, 23 Nov 2023 14:50:38 GMT

GET
H2 200 style.css
xuxatv.com.br/wp-content/themes/Andaluz/ 7 KB
2 KB 436ms
432ms Stylesheet
text/css 2a02:4780:1:1009:0:217a:1b2f:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://xuxatv.com.br/wp-content/themes/Andaluz/style.css?ver=1700146237

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:1:1009:0:217a:1b2f:2 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

66a7b650897e44278afe9cd172dbf8c98332548049d15ce1008d9a46ad709577

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xuxatv.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:38 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 27 May 2021 17:05:43 GMT
server: LiteSpeed
etag: "1a08-60afd167-a80996d4a53bb669;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 1668
expires: Thu, 23 Nov 2023 14:50:38 GMT

GET
H2 200 style.min.css
xuxatv.com.br/wp-content/plugins/supreme-modules-for-divi/styles/ 162 KB
12 KB 441ms
437ms Stylesheet
text/css 2a02:4780:1:1009:0:217a:1b2f:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://xuxatv.com.br/wp-content/plugins/supreme-modules-for-divi/styles/style.min.css?ver=1700146237

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:1:1009:0:217a:1b2f:2 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

9b8583bdfd42a85662e77156da80d7b79312af1c5a12de4323b5c0e56f921975

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xuxatv.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:38 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 17 Jun 2021 13:01:13 GMT
server: LiteSpeed
etag: "2882e-60cb4799-5f5a6838d9ed9c54;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 12367
expires: Thu, 23 Nov 2023 14:50:38 GMT

GET
H2 200 css
fonts.googleapis.com/ 49 KB
2 KB 83ms
32ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Marcellus%3Aregular%7CRubik%3A300%2Cregular%2C500%2C600%2C700%2C800%2C900%2C300italic%2Citalic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic%7CInter%3A100%2C200%2C300%2Cregular%2C500%2C600%2C700%2C800%2C900&subset=latin%2Clatin-ext&display=swap&ver=1700146237

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98f4a2dda336bc13f4fafa68647ac0304c34c227bc078eb5701dbcf25976c3a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xuxatv.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 16 Nov 2023 14:50:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 16 Nov 2023 14:50:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Nov 2023 14:50:38 GMT

GET
H2 200 app.css
xuxatv.com.br/wp-content/plugins/simple-lightbox/client/css/ 232 B
314 B 564ms
561ms Stylesheet
text/css 2a02:4780:1:1009:0:217a:1b2f:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://xuxatv.com.br/wp-content/plugins/simple-lightbox/client/css/app.css?ver=1700146237

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:1:1009:0:217a:1b2f:2 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

570a4964629f982285ef5282d47767738b4ef2f75cb8bad8ccfc206683ee1d0d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xuxatv.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:38 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 12 Jul 2021 14:26:55 GMT
server: LiteSpeed
etag: "e8-60ec512f-60a1ca95bf65cfc0;;;"
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 232
expires: Thu, 23 Nov 2023 14:50:38 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.15.3/css/ 58 KB
13 KB 300ms
237ms Stylesheet
text/css 2606:4700:e2::ac40:8d0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.3/css/all.css?ver=1700146237
Requested by: Host: xuxatv.com.br
URL: https://xuxatv.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8d0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386

Request headers

Referer: https://xuxatv.com.br/
Origin: https://xuxatv.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:38 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 22 Sep 2023 01:45:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"74bab4578692993514e7f882cc15c218"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6e9GGXVehmg0oFJyG%2BLZyT1iZCMsT67c8lBxY5%2FunPy7atn2Edd96RvJYnHfglc8WkKrhyk1XXmKCMY7SvhrswMJUy9VsBOYcqHkx44dDPPKgm9BwNdvGcr2skz2iouZDfNz9UMWEU7NWUTNPqHyR%2F6h"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 82708c241d0c0c35-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 v4-shims.css
use.fontawesome.com/releases/v5.15.3/css/ 26 KB
4 KB 321ms
258ms Stylesheet
text/css 2606:4700:e2::ac40:8d0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.3/css/v4-shims.css?ver=1700146237
Requested by: Host: xuxatv.com.br
URL: https://xuxatv.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8d0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c55902832fb84522d02ea1a60a30747403a140d8651fa748f13ba398b0c0df3a

Request headers

Referer: https://xuxatv.com.br/
Origin: https://xuxatv.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:38 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 22 Sep 2023 01:45:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"c55205bce667f5d812354fd1353e7389"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=egCtdTRGrDcvTNzrQvo5zg2H5bdG1glw3BQ5GzgcL%2BR45AycUwyWciXw%2BAnWDVUTN9cYdRcan9FiG%2FG29YJ1%2B8BTQpvSgVUQ%2Fg2mEAxwbm%2FI%2Bxl7blA%2FfK5oKn5x%2BE%2FLRgmnqfs6LKzT03MYxUU3C%2BVf"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 82708c241d0e0c35-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 jetpack.css
xuxatv.com.br/wp-content/plugins/jetpack/css/ 76 KB
13 KB 564ms
562ms Stylesheet
text/css 2a02:4780:1:1009:0:217a:1b2f:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://xuxatv.com.br/wp-content/plugins/jetpack/css/jetpack.css?ver=1700146237

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:1:1009:0:217a:1b2f:2 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

177b4773b237fa63062f913ed377e24540f843cda864a8d271c5ca083c18a9c6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xuxatv.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:38 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 30 May 2023 09:48:28 GMT
server: LiteSpeed
etag: "12f9f-6475c66c-c63d162dae82b156;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 12894
expires: Thu, 23 Nov 2023 14:50:38 GMT

GET
H2 200 jquery.min.js Show response
xuxatv.com.br/wp-includes/js/jquery/ 87 KB
29 KB 435ms
433ms Script
application/x-javascript 2a02:4780:1:1009:0:217a:1b2f:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://xuxatv.com.br/wp-includes/js/jquery/jquery.min.js?ver=1700146237

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:1:1009:0:217a:1b2f:2 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xuxatv.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:38 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 13 Apr 2021 21:47:23 GMT
server: LiteSpeed
etag: "15d98-6076116b-2b8cdfb94d4a89f9;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 30032
expires: Thu, 23 Nov 2023 14:50:38 GMT

GET
H2 200 jquery-migrate.min.js Show response
xuxatv.com.br/wp-includes/js/jquery/ 11 KB
4 KB 435ms
433ms Script
application/x-javascript 2a02:4780:1:1009:0:217a:1b2f:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://xuxatv.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=1700146237

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:1:1009:0:217a:1b2f:2 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xuxatv.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:38 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 13 Apr 2021 21:47:23 GMT
server: LiteSpeed
etag: "2bd8-6076116b-9ac643cd8ecd53a5;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 3984
expires: Thu, 23 Nov 2023 14:50:38 GMT

GET
H2 200 codepeople_shearch_in_place.js Show response
xuxatv.com.br/wp-content/plugins/search-in-place/js/ 18 KB
5 KB 436ms
434ms Script
application/x-javascript 2a02:4780:1:1009:0:217a:1b2f:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://xuxatv.com.br/wp-content/plugins/search-in-place/js/codepeople_shearch_in_place.js?ver=1700146237

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:1:1009:0:217a:1b2f:2 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

5182ec1a495e786e4e1a5932bc245e04e4d69df8487e36be3c31f5dbe933d855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xuxatv.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:38 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 13 Aug 2021 20:58:24 GMT
server: LiteSpeed
etag: "46f9-6116dcf0-61650005074d6c5b;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 5080
expires: Thu, 23 Nov 2023 14:50:38 GMT

GET
H2 200 ie-compat.min.js Show response
xuxatv.com.br/wp-content/plugins/popups-for-divi/scripts/ 9 KB
3 KB 436ms
434ms Script
application/x-javascript 2a02:4780:1:1009:0:217a:1b2f:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://xuxatv.com.br/wp-content/plugins/popups-for-divi/scripts/ie-compat.min.js?ver=1700146237

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:1:1009:0:217a:1b2f:2 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

b42caa95f45bd0f129a0bd428c1050df9f38f2b69e753b8d7cba7bdbc8e0cf8f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xuxatv.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:38 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 19 May 2021 17:06:19 GMT
server: LiteSpeed
etag: "25af-60a5458b-60c875c91c1f22b5;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 3366
expires: Thu, 23 Nov 2023 14:50:38 GMT

GET
H2 200 pdfobject.min.js Show response
xuxatv.com.br/wp-content/plugins/embedpress/assets/js/ 5 KB
2 KB 436ms
434ms Script
application/x-javascript 2a02:4780:1:1009:0:217a:1b2f:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://xuxatv.com.br/wp-content/plugins/embedpress/assets/js/pdfobject.min.js?ver=1700146237

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:1:1009:0:217a:1b2f:2 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

e2aa0c7854e40d3c98add7b233c695057fc70b36f05bd41e23a9f00275061bd3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xuxatv.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:38 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 11 May 2021 16:43:02 GMT
server: LiteSpeed
etag: "1357-609ab416-74327032d5c4cce4;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 1709
expires: Thu, 23 Nov 2023 14:50:38 GMT

GET
H2 200 owl.carousel.min.js Show response
xuxatv.com.br/wp-content/plugins/post-carousel-for-dv-builder//assets/js/ 43 KB
11 KB 436ms
435ms Script
application/x-javascript 2a02:4780:1:1009:0:217a:1b2f:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://xuxatv.com.br/wp-content/plugins/post-carousel-for-dv-builder//assets/js/owl.carousel.min.js?ver=1700146237

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:1:1009:0:217a:1b2f:2 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xuxatv.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:38 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 01 May 2021 22:51:06 GMT
server: LiteSpeed
etag: "ad36-608ddb5a-5b25f88efe2db460;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 10973
expires: Thu, 23 Nov 2023 14:50:38 GMT

GET
H2 200 fh-carousel.js Show response
xuxatv.com.br/wp-content/plugins/post-carousel-for-dv-builder//assets/js/ 2 KB
604 B 436ms
435ms Script
application/x-javascript 2a02:4780:1:1009:0:217a:1b2f:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://xuxatv.com.br/wp-content/plugins/post-carousel-for-dv-builder//assets/js/fh-carousel.js?ver=1700146237

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:1:1009:0:217a:1b2f:2 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

b117fd901347bbff0bd87aa7604bbfb369127bd59b8e1a53414ee3cf8602fed7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xuxatv.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:38 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 01 May 2021 22:51:06 GMT
server: LiteSpeed
etag: "967-608ddb5a-56be1a30c31e17a6;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 541
expires: Thu, 23 Nov 2023 14:50:38 GMT

GET
H2 200 modules.ttf
xuxatv.com.br/wp-content/themes/Divi/core/admin/fonts/ 90 KB
36 KB 437ms
435ms Font
application/x-font-ttf 2a02:4780:1:1009:0:217a:1b2f:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://xuxatv.com.br/wp-content/themes/Divi/core/admin/fonts/modules.ttf

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:1:1009:0:217a:1b2f:2 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

d201a2c3118a00c82cc48e89815f5139f23956bbe248107dcf522acc77b97c09

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://xuxatv.com.br/
Origin: https://xuxatv.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:38 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 29 Jun 2021 12:23:03 GMT
server: LiteSpeed
etag: "168f0-60db10a7-5812c91e80bcf37e;br"
vary: Accept-Encoding
content-type: application/x-font-ttf
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 36345
expires: Thu, 23 Nov 2023 14:50:38 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 153 KB
52 KB 128ms
71ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2974894051137733

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8bce03830085f51179f7410dd50cd87f243ea044fd1dee147852860b05f9269f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xuxatv.com.br/
Origin: https://xuxatv.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53287
x-xss-protection: 0
server: cafe
etag: 10656973688785057864
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 16 Nov 2023 14:50:38 GMT

GET
H2 200 et-core-unified-tb-907-11-16987048998351.min.css
xuxatv.com.br/wp-content/et-cache/11/ 36 KB
5 KB 563ms
562ms Stylesheet
text/css 2a02:4780:1:1009:0:217a:1b2f:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://xuxatv.com.br/wp-content/et-cache/11/et-core-unified-tb-907-11-16987048998351.min.css

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:1:1009:0:217a:1b2f:2 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

09e2d008f737b14f838e143e4da91727061d41df215cc91a85f2451c7baf325f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xuxatv.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:38 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 30 Oct 2023 22:28:20 GMT
server: LiteSpeed
etag: "91b8-65402e04-371d46dd0cafaec6;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 4882
expires: Thu, 23 Nov 2023 14:50:38 GMT

GET
H3 200 et-core-unified-11-16987048998351.min.css
xuxatv.com.br/wp-content/et-cache/11/ 3 KB
1 KB 132ms
131ms Stylesheet
text/css 2a02:4780:1:1009:0:217a:1b2f:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://xuxatv.com.br/wp-content/et-cache/11/et-core-unified-11-16987048998351.min.css

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:1:1009:0:217a:1b2f:2 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

70d47fbe8ad51a9d06a022d2cf3a473bc9ac8e16b41cef87e97f38124408afc2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xuxatv.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:38 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 30 Oct 2023 22:28:20 GMT
server: LiteSpeed
etag: "b88-65402e04-47b26ee7dc0d8629;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 803
expires: Thu, 23 Nov 2023 14:50:38 GMT

GET
H3 200 Xuxa-logo-2T.png
xuxatv.com.br/wp-content/uploads/2021/05/ 12 KB
13 KB 132ms
132ms Image
image/png 2a02:4780:1:1009:0:217a:1b2f:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xuxatv.com.br/wp-content/uploads/2021/05/Xuxa-logo-2T.png

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:1:1009:0:217a:1b2f:2 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

6bd3fea5dba78b94182a62a83a51d93752dbeebfab5cb8100b16cfd4451ca04f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xuxatv.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:38 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sun, 02 May 2021 05:48:21 GMT
server: LiteSpeed
etag: "31cd-608e3d25-50446baaf0b596f2;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 12749
expires: Thu, 23 Nov 2023 14:50:38 GMT

GET
H/1.1 200
OK v1.js Show response
embed.twitch.tv/embed/ 26 KB
8 KB 95ms
26ms Script
application/x-javascript 146.75.122.167
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.twitch.tv/embed/v1.js

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

146.75.122.167 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Kestrel /

Resource Hash

ec75992b2219fffefcfe8ba6094466dc3aa5d410cba0a71da2052123448de0ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xuxatv.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 16 Nov 2023 14:50:38 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=300
Via: 1.1 varnish
Age: 0
X-Cache: HIT
Connection: keep-alive
Content-Length: 7927
X-XSS-Protection: 1; mode=block
X-Served-By: cache-fra-etou8220056-FRA
Server: Kestrel
X-Timer: S1700146239.547288,VS0,VE1
ETag: "0fb183be3df7fa7c02057975d6df8204"
Vary: Access-Control-Request-Headers, Access-Control-Request-Method, Origin, Accept-Encoding
Content-Type: application/x-javascript
Release-Type: release
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H3 200 mediaelementplayer-legacy.min.css
xuxatv.com.br/wp-includes/js/mediaelement/ 11 KB
2 KB 131ms
131ms Stylesheet
text/css 2a02:4780:1:1009:0:217a:1b2f:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://xuxatv.com.br/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=1700146237

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:1:1009:0:217a:1b2f:2 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xuxatv.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:38 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 13 Apr 2021 21:47:23 GMT
server: LiteSpeed
etag: "2bf8-6076116b-1df0673e11f47ff5;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 2379
expires: Thu, 23 Nov 2023 14:50:38 GMT

GET
H3 200 wp-mediaelement.min.css
xuxatv.com.br/wp-includes/js/mediaelement/ 4 KB
1 KB 130ms
130ms Stylesheet
text/css 2a02:4780:1:1009:0:217a:1b2f:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://xuxatv.com.br/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=1700146237

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:1:1009:0:217a:1b2f:2 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xuxatv.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:38 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 13 Apr 2021 21:47:23 GMT
server: LiteSpeed
etag: "105a-6076116b-687b305204235ccd;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 979
expires: Thu, 23 Nov 2023 14:50:38 GMT

GET
H3 200 front.js Show response
xuxatv.com.br/wp-content/plugins/embedpress/assets/js/ 642 B
393 B 131ms
130ms Script
application/x-javascript 2a02:4780:1:1009:0:217a:1b2f:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://xuxatv.com.br/wp-content/plugins/embedpress/assets/js/front.js?ver=1700146237

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:1:1009:0:217a:1b2f:2 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

3e0883088748759001d4eb553095b01f86bc875d6eb1db1d244efe21596518b6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xuxatv.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:38 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 11 May 2021 16:43:02 GMT
server: LiteSpeed
etag: "282-609ab416-a3fab8bcb6fafe7d;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 298
expires: Thu, 23 Nov 2023 14:50:38 GMT

GET
H3 200 front.min.js Show response
xuxatv.com.br/wp-content/plugins/popups-for-divi/scripts/ 61 KB
19 KB 132ms
129ms Script
application/x-javascript 2a02:4780:1:1009:0:217a:1b2f:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://xuxatv.com.br/wp-content/plugins/popups-for-divi/scripts/front.min.js?ver=1700146237

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:1:1009:0:217a:1b2f:2 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

515927139c82bf4a048c6fdc6a60b3a07a3136bd607be7248cf3c41369670119

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xuxatv.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:38 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 19 May 2021 17:06:19 GMT
server: LiteSpeed
etag: "f289-60a5458b-3e01a6149888912e;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 19136
expires: Thu, 23 Nov 2023 14:50:38 GMT

GET
H3 200 custom.unified.js Show response
xuxatv.com.br/wp-content/themes/Divi/js/ 488 KB
126 KB 221ms
219ms Script
application/x-javascript 2a02:4780:1:1009:0:217a:1b2f:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://xuxatv.com.br/wp-content/themes/Divi/js/custom.unified.js?ver=1700146237

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:1:1009:0:217a:1b2f:2 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

d257d53881392769d5db791df016fd74fafff4ef6beebbdbee59a7a76a1f8cfd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xuxatv.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:38 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 29 Jun 2021 12:23:37 GMT
server: LiteSpeed
etag: "79fdc-60db10c9-1e6b90ca77dc154d;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 129269
expires: Thu, 23 Nov 2023 14:50:38 GMT

GET
H3 200 frontend-bundle.min.js Show response
xuxatv.com.br/wp-content/plugins/supreme-modules-for-divi/scripts/ 7 KB
2 KB 441ms
439ms Script
application/x-javascript 2a02:4780:1:1009:0:217a:1b2f:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://xuxatv.com.br/wp-content/plugins/supreme-modules-for-divi/scripts/frontend-bundle.min.js?ver=1700146237

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:1:1009:0:217a:1b2f:2 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

37959fc8966345a8eafa11b1967ec4fbabb59c17344083b23aacc26218d2c6ed

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xuxatv.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:38 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 17 Jun 2021 13:01:14 GMT
server: LiteSpeed
etag: "1caa-60cb479a-b631cfe37b65942e;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 2351
expires: Thu, 23 Nov 2023 14:50:38 GMT

GET
H3 200 common.js Show response
xuxatv.com.br/wp-content/themes/Divi/core/admin/js/ 1 KB
565 B 443ms
441ms Script
application/x-javascript 2a02:4780:1:1009:0:217a:1b2f:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://xuxatv.com.br/wp-content/themes/Divi/core/admin/js/common.js?ver=1700146237

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:1:1009:0:217a:1b2f:2 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

1ca76922f55b389b8f590ae7e3bcc3a2dccdce3aff1e5a4335af081b76a414ea

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xuxatv.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:38 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 29 Jun 2021 12:23:04 GMT
server: LiteSpeed
etag: "53f-60db10a8-ad9e170adfe71cea;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 490
expires: Thu, 23 Nov 2023 14:50:38 GMT

GET
H3 200 wp-embed.min.js Show response
xuxatv.com.br/wp-includes/js/ 1 KB
780 B 443ms
441ms Script
application/x-javascript 2a02:4780:1:1009:0:217a:1b2f:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://xuxatv.com.br/wp-includes/js/wp-embed.min.js?ver=1700146237

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:1:1009:0:217a:1b2f:2 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

6a482d2d94c0d1bc6937a1759389d01b475e6b28a0d9b5d7eaa3f9cc8f59f3cd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xuxatv.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:38 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 16 May 2023 21:49:44 GMT
server: LiteSpeed
etag: "5c6-6463fa78-33cf84d830da5fb5;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 703
expires: Thu, 23 Nov 2023 14:50:38 GMT

GET
H3 200 mediaelement-and-player.min.js Show response
xuxatv.com.br/wp-includes/js/mediaelement/ 154 KB
35 KB 444ms
443ms Script
application/x-javascript 2a02:4780:1:1009:0:217a:1b2f:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://xuxatv.com.br/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=1700146237

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:1:1009:0:217a:1b2f:2 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

443ba0af7a7ed827223c7fb3c008c02b9ff1d651b6492e9c270378b07d9f6008

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xuxatv.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:38 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 13 Apr 2021 21:47:23 GMT
server: LiteSpeed
etag: "267aa-6076116b-f321e151ebef6422;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 35905
expires: Thu, 23 Nov 2023 14:50:38 GMT

GET
H3 200 mediaelement-migrate.min.js Show response
xuxatv.com.br/wp-includes/js/mediaelement/ 1 KB
533 B 480ms
478ms Script
application/x-javascript 2a02:4780:1:1009:0:217a:1b2f:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://xuxatv.com.br/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=1700146237

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:1:1009:0:217a:1b2f:2 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

7f34b768792b90cf0b04fced2470e43d8fab7644f6565d5178fbfb49c4859cee

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xuxatv.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:38 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 13 Apr 2021 21:47:23 GMT
server: LiteSpeed
etag: "4a9-6076116b-64298492c9a75bae;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 481
expires: Thu, 23 Nov 2023 14:50:38 GMT

GET
H3 200 wp-mediaelement.min.js Show response
xuxatv.com.br/wp-includes/js/mediaelement/ 906 B
444 B 481ms
480ms Script
application/x-javascript 2a02:4780:1:1009:0:217a:1b2f:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://xuxatv.com.br/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=1700146237

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:1:1009:0:217a:1b2f:2 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

3e6131330963c472b950b8aaf544ba3829735b8ccb103d614ba7793e3a786550

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xuxatv.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:38 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 13 Apr 2021 21:47:23 GMT
server: LiteSpeed
etag: "38a-6076116b-93b672967ca8e7a6;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 392
expires: Thu, 23 Nov 2023 14:50:38 GMT

GET
H2 200 e-202346.js Show response
stats.wp.com/ 7 KB
3 KB 67ms
19ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202346.js
Requested by: Host: xuxatv.com.br
URL: https://xuxatv.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xuxatv.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-minify-cache: hit
x-nc: HIT hhn
date: Thu, 16 Nov 2023 14:50:38 GMT
content-encoding: br
server: nginx
x-minify: t
etag: W/13576-1695421998473.3982
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Mon, 11 Nov 2024 12:17:15 GMT

GET
H/1.1 200
OK / Show response
embed.twitch.tv/ Frame 92B7 110 KB
41 KB 29ms
29ms Document
text/html 146.75.122.167
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.twitch.tv/?channel=xuxatv&height=480&layout=video&parent=xuxatv.com.br&referrer=https%3A%2F%2Fxuxatv.com.br%2F&width=854

Requested by

Host: embed.twitch.tv
URL: https://embed.twitch.tv/embed/v1.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

146.75.122.167 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Kestrel /

Resource Hash

0527a5691faef7b0708b32a4625f169263af85cf7cd7d6615b8dc76a3a60b11a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://xuxatv.com.br
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xuxatv.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors https://xuxatv.com.br
Content-Type: text/html
Date: Thu, 16 Nov 2023 14:50:38 GMT
Release-Type: release
Server: Kestrel
Strict-Transport-Security: max-age=300
Vary: Access-Control-Request-Headers, Access-Control-Request-Method, Origin, Accept-Encoding
Via: 1.1 varnish
X-Cache: MISS
X-Cache-Hits: 0
X-Content-Type-Options: nosniff
X-Served-By: cache-fra-etou8220056-FRA
X-Timer: S1700146239.631164,VS0,VE4
X-XSS-Protection: 1; mode=block
transfer-encoding: chunked

GET
H3 200 bg-newworld-diamond-texture-top.png
xuxatv.com.br/wp-content/uploads/2021/04/ 515 KB
515 KB 140ms
139ms Image
image/png 2a02:4780:1:1009:0:217a:1b2f:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xuxatv.com.br/wp-content/uploads/2021/04/bg-newworld-diamond-texture-top.png

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:1:1009:0:217a:1b2f:2 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

a6c3c182f7b23265862cf0aca5c670c6b603381a37878a7f342da958e37b4e33

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xuxatv.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:38 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 30 Apr 2021 21:33:43 GMT
server: LiteSpeed
etag: "80a02-608c77b7-807a89ceb23ed894;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 526850
expires: Thu, 23 Nov 2023 14:50:38 GMT

GET
H3 200 landing-background-img-1.jpg
xuxatv.com.br/wp-content/uploads/2021/05/ 155 KB
156 KB 461ms
460ms Image
image/jpeg 2a02:4780:1:1009:0:217a:1b2f:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xuxatv.com.br/wp-content/uploads/2021/05/landing-background-img-1.jpg

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:1:1009:0:217a:1b2f:2 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

1a7ec5a7debd61e63fff2e56327e3022826f9b3e677ba735608fba0deef116b3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xuxatv.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:38 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 01 May 2021 20:58:55 GMT
server: LiteSpeed
etag: "26d5d-608dc10f-e1c39a9768df7e2d;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 159069
expires: Thu, 23 Nov 2023 14:50:38 GMT

GET
H2 200 wEO_EBrOk8hQLDvIAF81VvoK.woff2
fonts.gstatic.com/s/marcellus/v13/ 14 KB
14 KB 93ms
46ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/marcellus/v13/wEO_EBrOk8hQLDvIAF81VvoK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Marcellus%3Aregular%7CRubik%3A300%2Cregular%2C500%2C600%2C700%2C800%2C900%2C300italic%2Citalic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic%7CInter%3A100%2C200%2C300%2Cregular%2C500%2C600%2C700%2C800%2C900&subset=latin%2Clatin-ext&display=swap&ver=1700146237

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a539799d12e3a144273288055490f57e1eee84da7a9145f085bc522e80719c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://xuxatv.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 19:14:33 GMT
x-content-type-options: nosniff
age: 502565
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14552
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:36:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Nov 2024 19:14:33 GMT

GET
H3 200 preloader.gif
xuxatv.com.br/wp-content/themes/Divi/includes/builder/styles/images/ 9 KB
9 KB 156ms
156ms Image
image/gif 2a02:4780:1:1009:0:217a:1b2f:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xuxatv.com.br/wp-content/themes/Divi/includes/builder/styles/images/preloader.gif

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/wp-content/themes/Divi/style.css?ver=1700146237

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:1:1009:0:217a:1b2f:2 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

27422f830d71474144ea902369ce78d178d1ace4e38a029ba2e359b7b55b4176

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xuxatv.com.br/wp-content/themes/Divi/style.css?ver=1700146237
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:38 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 29 Jun 2021 12:23:31 GMT
server: LiteSpeed
etag: "24d3-60db10c3-508663152af1b2f1;;;"
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 9427
expires: Thu, 23 Nov 2023 14:50:38 GMT

GET
H3 200 landing-rev-slider-img-4.jpg
xuxatv.com.br/wp-content/uploads/2021/05/ 172 KB
172 KB 159ms
159ms Image
image/jpeg 2a02:4780:1:1009:0:217a:1b2f:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xuxatv.com.br/wp-content/uploads/2021/05/landing-rev-slider-img-4.jpg

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/wp-content/et-cache/11/et-core-unified-tb-907-11-16987048998351.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:1:1009:0:217a:1b2f:2 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

2f0660ef6b9aa51a6e14bd06f9d9be49d7f8abe2dfab0ebb8914378a2b4b4f1b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xuxatv.com.br/wp-content/et-cache/11/et-core-unified-tb-907-11-16987048998351.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:38 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 01 May 2021 20:59:00 GMT
server: LiteSpeed
etag: "2aef1-608dc114-80bf4fb9702d3ab1;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 175857
expires: Thu, 23 Nov 2023 14:50:38 GMT

GET
H3 200 particles.png
xuxatv.com.br/wp-content/uploads/2021/05/ 57 KB
57 KB 167ms
167ms Image
image/png 2a02:4780:1:1009:0:217a:1b2f:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xuxatv.com.br/wp-content/uploads/2021/05/particles.png

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/wp-content/et-cache/11/et-core-unified-tb-907-11-16987048998351.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:1:1009:0:217a:1b2f:2 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

15e76f351a45431443af778ed29df1fab097199503e3b454d41098eb37bbce78

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xuxatv.com.br/wp-content/et-cache/11/et-core-unified-tb-907-11-16987048998351.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:38 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 01 May 2021 20:54:45 GMT
server: LiteSpeed
etag: "e3b5-608dc015-9eaa5a43e05ace56;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 58293
expires: Thu, 23 Nov 2023 14:50:38 GMT

GET
H3 200 gaming-01.png
xuxatv.com.br/wp-content/uploads/2021/05/ 62 KB
62 KB 182ms
181ms Image
image/png 2a02:4780:1:1009:0:217a:1b2f:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xuxatv.com.br/wp-content/uploads/2021/05/gaming-01.png

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/wp-content/et-cache/11/et-core-unified-tb-907-11-16987048998351.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:1:1009:0:217a:1b2f:2 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

bc782bdc0e291c9dfb58e92b842e75336fac2de5a16c91e35308d27a527911fa

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xuxatv.com.br/wp-content/et-cache/11/et-core-unified-tb-907-11-16987048998351.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:38 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 01 May 2021 22:15:13 GMT
server: LiteSpeed
etag: "f871-608dd2f1-3d93b1a76e13931c;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 63601
expires: Thu, 23 Nov 2023 14:50:38 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 46 KB
46 KB 62ms
21ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://xuxatv.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 23:30:12 GMT
x-content-type-options: nosniff
age: 228026
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46704
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Nov 2024 23:30:12 GMT

GET
H3 200 HOME1-BLACK-DESERT.jpg
xuxatv.com.br/wp-content/uploads/2022/01/ 389 KB
389 KB 433ms
432ms Image
image/jpeg 2a02:4780:1:1009:0:217a:1b2f:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xuxatv.com.br/wp-content/uploads/2022/01/HOME1-BLACK-DESERT.jpg

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:1:1009:0:217a:1b2f:2 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

74886df8d0a2ef6a6789df71d5cb539b73ecbeb40de9a88f05781c6f4b1a2e71

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xuxatv.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:38 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 24 Jan 2022 17:11:59 GMT
server: LiteSpeed
etag: "613a9-61eedddf-a73eb4072b44920f;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 398249
expires: Thu, 23 Nov 2023 14:50:38 GMT

GET
H3 200 CAPA-YT-150x150-1.jpg
xuxatv.com.br/wp-content/uploads/2023/08/ 12 KB
12 KB 435ms
432ms Image
image/jpeg 2a02:4780:1:1009:0:217a:1b2f:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xuxatv.com.br/wp-content/uploads/2023/08/CAPA-YT-150x150-1.jpg

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:1:1009:0:217a:1b2f:2 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

d7c10c50dc0426f4fd365a500ca3ab26fe2b4a1693e360e7671a46f6c4fac44b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xuxatv.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:38 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 26 Aug 2023 16:23:28 GMT
server: LiteSpeed
etag: "2f1c-64ea2700-6b1b9fe813940d6c;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 12060
expires: Thu, 23 Nov 2023 14:50:38 GMT

GET
H3 200 TDA-02-400x250.jpg
xuxatv.com.br/wp-content/uploads/2023/06/ 29 KB
29 KB 438ms
434ms Image
image/jpeg 2a02:4780:1:1009:0:217a:1b2f:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xuxatv.com.br/wp-content/uploads/2023/06/TDA-02-400x250.jpg

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:1:1009:0:217a:1b2f:2 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

cb9052e8a2af5b8c4029e22c4b7bbc2d842b463c91e25526d04fe2fb8039fdbc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xuxatv.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:38 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 19 Jun 2023 16:21:26 GMT
server: LiteSpeed
etag: "74b9-64908086-996b4cfcf5e47e6c;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 29881
expires: Thu, 23 Nov 2023 14:50:38 GMT

GET
H3 200 Diablo-4-01-400x250.jpg
xuxatv.com.br/wp-content/uploads/2023/06/ 13 KB
13 KB 438ms
435ms Image
image/jpeg 2a02:4780:1:1009:0:217a:1b2f:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xuxatv.com.br/wp-content/uploads/2023/06/Diablo-4-01-400x250.jpg

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:1:1009:0:217a:1b2f:2 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

b91240a71117372893493c84ee83c62c2790dfa737bf24278aa44cc5dde2c109

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xuxatv.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:38 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 12 Jun 2023 14:58:54 GMT
server: LiteSpeed
etag: "3421-648732ae-250749e8273d4c54;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 13345
expires: Thu, 23 Nov 2023 14:50:38 GMT

GET
H3 200 SHAI-FOFA-400x250.jpg
xuxatv.com.br/wp-content/uploads/2023/05/ 23 KB
23 KB 439ms
436ms Image
image/jpeg 2a02:4780:1:1009:0:217a:1b2f:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xuxatv.com.br/wp-content/uploads/2023/05/SHAI-FOFA-400x250.jpg

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:1:1009:0:217a:1b2f:2 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

c839c7b8a6d7c7c9714f6265578086f6314adfef41ff5eeceabf662c6d21e70b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xuxatv.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:38 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 29 May 2023 18:49:29 GMT
server: LiteSpeed
etag: "5b53-6474f3b9-22c15d90e19b56b6;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 23379
expires: Thu, 23 Nov 2023 14:50:38 GMT

GET
H3 200 divisor.png
xuxatv.com.br/wp-content/uploads/2021/05/ 1 KB
1 KB 442ms
438ms Image
image/png 2a02:4780:1:1009:0:217a:1b2f:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xuxatv.com.br/wp-content/uploads/2021/05/divisor.png

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:1:1009:0:217a:1b2f:2 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

71272eb2ad036c6584d9c64712e97591db0168ddc80e02f61d3e98e19f54aa62

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xuxatv.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:38 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 01 May 2021 20:58:53 GMT
server: LiteSpeed
etag: "4fd-608dc10d-3b2d4330c1f5c3ec;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 1277
expires: Thu, 23 Nov 2023 14:50:38 GMT

GET
H3 200 fantasma.png
xuxatv.com.br/wp-content/uploads/2021/05/ 345 KB
345 KB 445ms
441ms Image
image/png 2a02:4780:1:1009:0:217a:1b2f:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xuxatv.com.br/wp-content/uploads/2021/05/fantasma.png

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:1:1009:0:217a:1b2f:2 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

415ed4613566913c5107561046bac43c1b372162850772dc6632522e0e3ba10a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xuxatv.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:38 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 01 May 2021 20:54:26 GMT
server: LiteSpeed
etag: "563ca-608dc002-883ca58f2560979f;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 353226
expires: Thu, 23 Nov 2023 14:50:38 GMT

GET
H3 200 Xuxa2.png
xuxatv.com.br/wp-content/uploads/2021/05/ 182 KB
182 KB 442ms
439ms Image
image/png 2a02:4780:1:1009:0:217a:1b2f:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xuxatv.com.br/wp-content/uploads/2021/05/Xuxa2.png

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:1:1009:0:217a:1b2f:2 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

afe66cea58a674f9768895948b9f01d90dbb98a2ac72fd3369ce6b5fa43c3bb2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xuxatv.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:38 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 31 May 2021 21:42:45 GMT
server: LiteSpeed
etag: "2d950-60b55855-4338a57e86d0d556;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 186704
expires: Thu, 23 Nov 2023 14:50:38 GMT

GET
H3 200 Xuxa-logo-2T.png
xuxatv.com.br/wp-content/uploads/2021/05/ 12 KB
13 KB 447ms
444ms Image
image/png 2a02:4780:1:1009:0:217a:1b2f:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xuxatv.com.br/wp-content/uploads/2021/05/Xuxa-logo-2T.png

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:1:1009:0:217a:1b2f:2 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

6bd3fea5dba78b94182a62a83a51d93752dbeebfab5cb8100b16cfd4451ca04f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xuxatv.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:38 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sun, 02 May 2021 05:48:21 GMT
server: LiteSpeed
etag: "31cd-608e3d25-50446baaf0b596f2;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 12749
expires: Thu, 23 Nov 2023 14:50:38 GMT

GET
H3 200 apoie-seu-streamer-lado-esquerdo.png
xuxatv.com.br/wp-content/uploads/2021/05/ 529 KB
530 KB 451ms
447ms Image
image/png 2a02:4780:1:1009:0:217a:1b2f:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xuxatv.com.br/wp-content/uploads/2021/05/apoie-seu-streamer-lado-esquerdo.png

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:1:1009:0:217a:1b2f:2 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

25eb74ef5cb4f12ce63ffae537c136e1455b0917fa19713bf72dab182f55d395

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xuxatv.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:38 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 19 May 2021 16:27:38 GMT
server: LiteSpeed
etag: "845b5-60a53c7a-7e3340851e96a93b;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 542133
expires: Thu, 23 Nov 2023 14:50:38 GMT

GET
H3 200 apoie-seu-streamer-lado-direito.png
xuxatv.com.br/wp-content/uploads/2021/05/ 138 KB
138 KB 448ms
445ms Image
image/png 2a02:4780:1:1009:0:217a:1b2f:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xuxatv.com.br/wp-content/uploads/2021/05/apoie-seu-streamer-lado-direito.png

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:1:1009:0:217a:1b2f:2 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

9250ad0da233bea529df602cd38257964fe7d84217656525d0655f81c48417d1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xuxatv.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:38 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 19 May 2021 16:27:57 GMT
server: LiteSpeed
etag: "2276b-60a53c8d-1386a49ab6705a66;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 141163
expires: Thu, 23 Nov 2023 14:50:38 GMT

GET
H3 206 Fire-Background.mp4
xuxatv.com.br/wp-content/uploads/2021/05/ 26 KB
0 449ms
448ms Media
video/mp4 2a02:4780:1:1009:0:217a:1b2f:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://xuxatv.com.br/wp-content/uploads/2021/05/Fire-Background.mp4

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:1:1009:0:217a:1b2f:2 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://xuxatv.com.br/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 16 Nov 2023 14:50:38 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sun, 02 May 2021 04:13:41 GMT
server: LiteSpeed
etag: "21a290-608e26f5-eebe80c9ccd4773f;;;"
content-type: video/mp4
Content-Range: bytes 0-2204303/2204304
platform: hostinger
Content-Length: 2204304

GET
H3 206 Fire-Background.mp4
xuxatv.com.br/wp-content/uploads/2021/05/ 31 KB
0 451ms
450ms Media
video/mp4 2a02:4780:1:1009:0:217a:1b2f:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://xuxatv.com.br/wp-content/uploads/2021/05/Fire-Background.mp4

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:1:1009:0:217a:1b2f:2 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://xuxatv.com.br/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 16 Nov 2023 14:50:38 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sun, 02 May 2021 04:13:41 GMT
server: LiteSpeed
etag: "21a290-608e26f5-eebe80c9ccd4773f;;;"
content-type: video/mp4
Content-Range: bytes 0-2204303/2204304
platform: hostinger
Content-Length: 2204304

OPTIONS
H2 410 users
api.twitch.tv/kraken/ Frame 0
0 115ms
28ms Preflight
text/plain 146.75.118.214
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.twitch.tv/kraken/users?login=xuxatv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

146.75.118.214 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Accept: */*
Access-Control-Request-Headers: client-id
Access-Control-Request-Method: GET
Origin: https://xuxatv.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-length: 4
content-type: text/plain
date: Thu, 16 Nov 2023 14:50:38 GMT
retry-after: 0
server: Varnish
strict-transport-security: max-age=300
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra-eddf8230114-FRA
x-timer: S1700146239.769442,VS0,VE0

GET users
api.twitch.tv/kraken/ 0
0

GET
H3 200 logo_xuxa_tranparente.png
xuxatv.com.br/wp-content/uploads/2021/05/ 11 KB
11 KB 447ms
447ms Image
image/png 2a02:4780:1:1009:0:217a:1b2f:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xuxatv.com.br/wp-content/uploads/2021/05/logo_xuxa_tranparente.png

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/wp-content/et-cache/11/et-core-unified-tb-907-11-16987048998351.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:1:1009:0:217a:1b2f:2 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

4c285d11065edcb671884f3ce725e8677e0fb49556ee6f194376b2edac45db6b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xuxatv.com.br/wp-content/et-cache/11/et-core-unified-tb-907-11-16987048998351.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:38 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 14 May 2021 17:49:31 GMT
server: LiteSpeed
etag: "2a8b-609eb82b-4bd4f1a26e81118f;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 10891
expires: Thu, 23 Nov 2023 14:50:38 GMT

GET
H2 200 fa-brands-400.woff2
use.fontawesome.com/releases/v5.15.3/webfonts/ 75 KB
75 KB 39ms
39ms Font
font/woff2 2606:4700:e2::ac40:8d0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.3/webfonts/fa-brands-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.15.3/css/all.css?ver=1700146237
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8d0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af

Request headers

Referer: https://use.fontawesome.com/releases/v5.15.3/css/all.css?ver=1700146237
Origin: https://xuxatv.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 87567
alt-svc: h3=":443"; ma=86400
content-length: 76764
last-modified: Fri, 22 Sep 2023 01:45:23 GMT
server: cloudflare
etag: "f7307680c7fe85959f3ecf122493ea7d"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bd4%2FVQsEwrw%2FCEiaTuoppEaxvSfC5WFE5jWp8xD6rxiDWbJgiIcnph9d%2BGQwuiDEGsMNJbY0UeQZZ14G1T8DO03nLYKRfg0Uozwyr%2Bbbbw8OBPgeZpFwlZ0i05GhZm9sQdhp%2Bq%2BB7QElqrUUabCSqhLI"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 82708c27c9410c35-AMS

GET
H/1.1 200
OK everywhere-main-6c4b990a05bbab0e5a5e.css
static.twitchcdn.net/assets/ Frame 92B7 105 KB
15 KB 116ms
34ms Stylesheet
text/css 2600:9000:211a:a000:c:132:48e:f021
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.twitchcdn.net/assets/everywhere-main-6c4b990a05bbab0e5a5e.css
Requested by: Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=xuxatv&height=480&layout=video&parent=xuxatv.com.br&referrer=https%3A%2F%2Fxuxatv.com.br%2F&width=854
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:a000:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 00749eff5f11fd9eaa37764812e679a75676baaf200a7c4e0622eceddf020cba

Request headers

Referer: https://embed.twitch.tv/
Origin: https://embed.twitch.tv
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 02 Nov 2023 17:29:22 GMT
Content-Encoding: gzip
Via: 1.1 530e9f4b5e6084726110986459f0c18c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C2
Age: 1200076
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Vicarius-Region: fra
X-Vicarius-TransactionID: 156414249
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 01 Nov 2023 19:31:00 GMT
X-Vicarius-Hits: -1
ETag: W/"ad2505e6edc19b4f1b67f18f7d248fd3"
X-Vicarius-Origin: fra
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Accept-Encoding
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: WVk-u7Vu7bPCBa2UoIPRBNGXYeZAGj6lc0amcKC8jJ5h8dGF8DoxhQ==

GET
H/1.1 200
OK settings.5ca1f0ac7e41ec114e2dcc77c63dfab5.js Show response
static.twitchcdn.net/config/ Frame 92B7 132 KB
41 KB 122ms
37ms Script
application/x-javascript 2600:9000:211a:a000:c:132:48e:f021
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.twitchcdn.net/config/settings.5ca1f0ac7e41ec114e2dcc77c63dfab5.js
Requested by: Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=xuxatv&height=480&layout=video&parent=xuxatv.com.br&referrer=https%3A%2F%2Fxuxatv.com.br%2F&width=854
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:a000:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 24bc5cb8efa7ed4a6211c29576af166a14ae53d3a81a80c51fe7a2e434dbe449

Request headers

Referer: https://embed.twitch.tv/
Origin: https://embed.twitch.tv
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 16 Nov 2023 01:19:50 GMT
Content-Encoding: gzip
Via: 1.1 42c9dddb4e518a9ed3248bf50565b120.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C2
Age: 48648
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Vicarius-Region: fra
X-Vicarius-TransactionID: 170290132
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Thu, 16 Nov 2023 01:19:44 GMT
X-Vicarius-Hits: -1
ETag: W/"5ca1f0ac7e41ec114e2dcc77c63dfab5"
X-Vicarius-Origin: fra
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Accept-Encoding
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: DX3EqgTgM0-ameadW3UYQc_n0Q3z5AUCuOjx-yQoJn3MxhL0X_wQ-g==

GET
H/1.1 200
OK vendor-ecdc2e4b1b23d7e6b165.js Show response
static.twitchcdn.net/assets/ Frame 92B7 1 MB
378 KB 126ms
42ms Script
application/x-javascript 2600:9000:211a:a000:c:132:48e:f021
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.twitchcdn.net/assets/vendor-ecdc2e4b1b23d7e6b165.js
Requested by: Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=xuxatv&height=480&layout=video&parent=xuxatv.com.br&referrer=https%3A%2F%2Fxuxatv.com.br%2F&width=854
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:a000:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4c047185e6e4370e7aefa93df87710007d0ac33ddf9c2e555d498e757695b63c

Request headers

Referer: https://embed.twitch.tv/
Origin: https://embed.twitch.tv
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Wed, 15 Nov 2023 18:29:22 GMT
Content-Encoding: gzip
Via: 1.1 de5338eac881cf5d87f2d811c3b7417c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C2
Age: 73276
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Vicarius-Region: fra
X-Vicarius-TransactionID: 169898725
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 14 Nov 2023 23:59:47 GMT
X-Vicarius-Hits: -1
ETag: W/"669ff2fc104c857296c7315bdd004f6f"
X-Vicarius-Origin: fra
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Accept-Encoding
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: 4iJVyQyDjguigJxYH1kwndkFdhywuyUdr27-rmriXOAmvjIOwi88JQ==

GET
H/1.1 200
OK polyfills-da10d6c591979de7f337.js Show response
static.twitchcdn.net/assets/ Frame 92B7 47 KB
17 KB 120ms
37ms Script
application/x-javascript 2600:9000:211a:a000:c:132:48e:f021
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.twitchcdn.net/assets/polyfills-da10d6c591979de7f337.js
Requested by: Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=xuxatv&height=480&layout=video&parent=xuxatv.com.br&referrer=https%3A%2F%2Fxuxatv.com.br%2F&width=854
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:a000:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 54d76f1c75eab61bebf210d30b5db9de1fade64d515d1704b86a615ecc3a11e6

Request headers

Referer: https://embed.twitch.tv/
Origin: https://embed.twitch.tv
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Wed, 15 Nov 2023 21:02:02 GMT
Content-Encoding: gzip
Via: 1.1 c772b2e53d72432d4d471ac66f4794fa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C2
Age: 64116
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Vicarius-Region: fra
X-Vicarius-TransactionID: 169996972
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 15 Nov 2023 20:55:10 GMT
X-Vicarius-Hits: -1
ETag: W/"dde564e63d821dcb61e4f74942a67942"
X-Vicarius-Origin: fra
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Accept-Encoding
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: rDs71R9s1022-2n8H_4S5r64k0XUaTjQr83QUCNegWlvOaCxz3q7iA==

GET
H/1.1 200
OK everywhere-main-1ff2405ad06a9a18a1f8.js Show response
static.twitchcdn.net/assets/ Frame 92B7 2 MB
537 KB 118ms
36ms Script
application/x-javascript 2600:9000:211a:a000:c:132:48e:f021
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.twitchcdn.net/assets/everywhere-main-1ff2405ad06a9a18a1f8.js
Requested by: Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=xuxatv&height=480&layout=video&parent=xuxatv.com.br&referrer=https%3A%2F%2Fxuxatv.com.br%2F&width=854
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:a000:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 39d95bc73be041b44694c47710ca95f972cee147d3d39cfeccc728054deb3a51

Request headers

Referer: https://embed.twitch.tv/
Origin: https://embed.twitch.tv
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Wed, 15 Nov 2023 21:02:02 GMT
Content-Encoding: gzip
Via: 1.1 1a276be771f01064831eea4851319c28.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C2
Age: 64116
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Vicarius-Region: fra
X-Vicarius-TransactionID: 169952212
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 15 Nov 2023 18:41:20 GMT
X-Vicarius-Hits: -1
ETag: W/"73440e0420680a1d35573323c269928c"
X-Vicarius-Origin: fra
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Accept-Encoding
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: gSkwZnQvY_0ESa3vgjvcAV0KGsXANnpGZEdoRcjaREDOfpMmt3eAJA==

GET
H3 206 Fire-Background.mp4
xuxatv.com.br/wp-content/uploads/2021/05/ 466 KB
0 438ms
438ms Media
video/mp4 2a02:4780:1:1009:0:217a:1b2f:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://xuxatv.com.br/wp-content/uploads/2021/05/Fire-Background.mp4

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:1:1009:0:217a:1b2f:2 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://xuxatv.com.br/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 16 Nov 2023 14:50:38 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sun, 02 May 2021 04:13:41 GMT
server: LiteSpeed
etag: "21a290-608e26f5-eebe80c9ccd4773f;;;"
content-type: video/mp4
Content-Range: bytes 0-2204303/2204304
platform: hostinger
Content-Length: 2204304

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/ 400 KB
135 KB 139ms
94ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2974894051137733&plah=xuxatv.com.br

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2974894051137733

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8cd993d184ae0c753ea41ede4bcd502344aced6b0ac15b37c779adc45e7ff38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xuxatv.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138529
x-xss-protection: 0
server: cafe
etag: 1982989339674002555
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 16 Nov 2023 14:50:38 GMT

GET
H2 200 zrt_lookup_inhead_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame 8A32 9 KB
4 KB 70ms
19ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_inhead_fy2021.html?hello=world

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2974894051137733

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a06aa84f08b4d57747e5eba867aa061deaadb4e657ca532d10e73b5a36fd73c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xuxatv.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 18820
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4111
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 09:36:58 GMT
etag: 13268084621564590274
expires: Thu, 30 Nov 2023 09:36:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK p.js Show response
k.twitchcdn.net/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/ Frame 92B7 198 KB
73 KB 110ms
32ms Script
application/javascript 146.75.122.167
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://k.twitchcdn.net/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/p.js

Requested by

Host: static.twitchcdn.net
URL: https://static.twitchcdn.net/assets/everywhere-main-1ff2405ad06a9a18a1f8.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

146.75.122.167 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

445f90ecfab5ded6f51209614d8e66316b70a0afa06b00249a5032ec41262191

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://embed.twitch.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

X-Cache-Hits: 29
Date: Thu, 16 Nov 2023 14:50:39 GMT
content-encoding: gzip
Via: 1.1 varnish
Strict-Transport-Security: max-age=300
Age: 32
X-Cache: HIT
Connection: keep-alive
Content-Length: 73674
X-Served-By: cache-fra-etou8220028-FRA
last-modified: Tue, 14 Nov 2023 21:37:26 GMT
X-Timer: S1700146239.133540,VS0,VE0
etag: 45225153d0eb4384699358287c7c6a6873670648-vyGp6PvFo4RvsFtPoIWeCReyIC8=-mc5esLFwQxTDfFa4NRve8AwpqZU=
Vary: Access-Control-Request-Headers, Access-Control-Request-Method, Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-expose-headers: x-kpsdk-ct,x-kpsdk-r
Cache-Control: public, max-age=120, stale-while-revalidate=120
Accept-Ranges: bytes
X-Robots-Tag: noindex
Expires: Thu, 16 Nov 2023 14:52:06 GMT

GET
H/1.1 200
OK player-core-variant-a-6f58ac3e58e53422e545.js Show response
static.twitchcdn.net/assets/ Frame 92B7 122 KB
32 KB 34ms
34ms Script
application/x-javascript 2600:9000:211a:a000:c:132:48e:f021
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.twitchcdn.net/assets/player-core-variant-a-6f58ac3e58e53422e545.js
Requested by: Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=xuxatv&height=480&layout=video&parent=xuxatv.com.br&referrer=https%3A%2F%2Fxuxatv.com.br%2F&width=854
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:a000:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 067629b93b9156dcfd0a66c7bfd2453c187244f0ec9cb7bbc96bb7d1f41881cb

Request headers

Referer: https://embed.twitch.tv/
Origin: https://embed.twitch.tv
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 06 Nov 2023 18:29:25 GMT
Content-Encoding: gzip
Via: 1.1 1a276be771f01064831eea4851319c28.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C2
Age: 850874
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Vicarius-Region: fra
X-Vicarius-TransactionID: 160456134
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Fri, 03 Nov 2023 17:47:13 GMT
X-Vicarius-Hits: -1
ETag: W/"2c09c685690cd79488a1ec361fd9e006"
X-Vicarius-Origin: fra
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Accept-Encoding
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: lTC6TFExTS4BCHlyE1ynVhtZKbqiNHsVJ6-3fQ1LAN773FXxZzTfhQ==

GET
H2 200 v6s.js Show response
d2v02itv0y9u9t.cloudfront.net/dist/1.1.6/ Frame 92B7 267 KB
76 KB 108ms
30ms Script
application/javascript 2600:9000:20b4:9c00:2:5624:e040:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2v02itv0y9u9t.cloudfront.net/dist/1.1.6/v6s.js
Requested by: Host: static.twitchcdn.net
URL: https://static.twitchcdn.net/assets/everywhere-main-1ff2405ad06a9a18a1f8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20b4:9c00:2:5624:e040:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4753e0e2fc769d14cd90048716a76fc8607a8a4adc089d2606306a38d477fc9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://embed.twitch.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 12:45:48 GMT
content-encoding: gzip
via: 1.1 52565866975cd7c0daa261ea0388bad4.cloudfront.net (CloudFront)
last-modified: Thu, 16 Nov 2023 12:45:22 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P4
age: 7492
etag: W/"b54c4c53ea23acd68a3a75068320c4cc"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: vLO-bCM6T4ruLvZXrleFyw5qNsbEA13rWAK39c3gtf99W6XGZHnMkA==

POST
H/1.1 200
OK gql Show response
gql.twitch.tv/ Frame 92B7 35 KB
6 KB 264ms
263ms Fetch
application/json 146.75.122.167
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://gql.twitch.tv/gql
Requested by: Host: static.twitchcdn.net
URL: https://static.twitchcdn.net/assets/everywhere-main-1ff2405ad06a9a18a1f8.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.122.167 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5c40705bb21bad468f397f46397899d2ed7c51bb2d26e0cce787bafe3c46694c

Request headers

Accept-Language: de-DE,de;q=0.9
Client-Version: cc42a385-abf2-4687-902a-7cbd78a8e9c9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://embed.twitch.tv/
Client-Session-Id: 01b8e2bcb276b303
Client-Id: kimne78kx3ncx6brgo4mv6wki5h1ko
X-Device-Id: 3f5d1ba83fff18b2

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 16 Nov 2023 14:50:39 GMT
Content-Encoding: br
Connection: keep-alive
transfer-encoding: chunked
Content-Type: application/json

OPTIONS
H/1.1 200
OK gql
gql.twitch.tv/ Frame 0
0 84ms
25ms Preflight 146.75.122.167
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://gql.twitch.tv/gql
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.122.167 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: client-id,client-session-id,client-version,x-device-id
Access-Control-Request-Method: POST
Origin: https://embed.twitch.tv
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Headers: Accept-Language, Accept, Authorization, Challenge-Token, Client-Id, Client-Request-Id, Client-Session-Id, Client-Version, Client-Integrity, Client-Integrity-Mobile-Enabled, Content-Type, Device-Id, Trusted-Twitch-Session, Twitch-Trace, X-Csrf-Token, X-Device-Id, X-Forwarded-Proto, Forced-Rollouts
Access-Control-Allow-Methods: GET, POST
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Age: 26
Connection: keep-alive
Content-Length: 0
Date: Thu, 16 Nov 2023 14:50:39 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9926 514 KB
117 KB 525ms
524ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2974894051137733&output=html&adk=1812271804&adf=3025194257&lmt=1700146239&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x945_l%7C404x945_r&format=0x0&url=https%3A%2F%2Fxuxatv.com.br%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~5~6&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700146238795&bpp=3&bdt=776&idt=589&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5230436701717&frm=20&pv=2&ga_vid=112662117.1700146239&ga_sid=1700146239&ga_hid=2067857781&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C44809004%2C31078301%2C44807763%2C44808149%2C44808284%2C44809057&oid=2&pvsid=503099643134223&tmod=1956708044&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=619

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2974894051137733&plah=xuxatv.com.br

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1056c963b8160232d4bd1d49ff1c7176af39763bbaa5e2fa933dda971ce70f6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xuxatv.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 119441
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 14:50:39 GMT
expires: Thu, 16 Nov 2023 14:50:39 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 55ms
55ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=HEADER&id=main-header&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xuxatv.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 14:50:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
154 B 26ms
20ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A9.7.2&blog=191899620&post=11&tz=-3&srv=xuxatv.com.br&host=xuxatv.com.br&ref=&fcp=1879&rand=0.7570873753336889
Requested by: Host: xuxatv.com.br
URL: https://xuxatv.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xuxatv.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 16 Nov 2023 14:50:39 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H/1.1 429
Too Many Requests fp Show response
gql.twitch.tv/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/ Frame DA0C 587 B
1 KB 275ms
205ms Document
text/html 146.75.122.167
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://gql.twitch.tv/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/fp?x-kpsdk-v=j-0.0.0
Requested by: Host: k.twitchcdn.net
URL: https://k.twitchcdn.net/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/p.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.122.167 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b696e7eadbfb3fad4412a7f99d8c1aabb356cba437e7792e0ee134a1c5dbba85

Request headers

Referer: https://embed.twitch.tv/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 408
Date: Thu, 16 Nov 2023 14:50:39 GMT
Expires: 0
Pragma: no-cache
access-control-expose-headers: x-kpsdk-ct,x-kpsdk-r
content-encoding: br
content-type: text/html; charset=utf-8
p3p: CP="This site does not specify a policy in the P3P header"
x-kpsdk-ct: 087ivlPedYDR4WE5plBbvkQJEWCC5X7zsHcjz7d3W58rcJ5LjqAS1QnuNt5rC77rZCWAVGTHo6MGkrzvsX3bXr7aEMjpG1VjvtHhZqWa4zC6HjxmXCRk6UUgE3gFmwlBs2fwonZ2g4NXpwG8cFJ6zzaE5bAF5rZ

GET
H/1.1 429
Too Many Requests fp Show response
passport.twitch.tv/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/ Frame D5A9 591 B
2 KB 230ms
170ms Document
text/html 13.32.27.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://passport.twitch.tv/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/fp?x-kpsdk-v=j-0.0.0
Requested by: Host: k.twitchcdn.net
URL: https://k.twitchcdn.net/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/p.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-32.fra56.r.cloudfront.net
Software: /
Resource Hash: d08129012e9b0a8837b281e5d27f77ceac700407345530ef55372cd452da407f

Request headers

Referer: https://embed.twitch.tv/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 410
Content-Type: text/html; charset=utf-8
Date: Thu, 16 Nov 2023 14:50:39 GMT
Expires: 0
Pragma: no-cache
Via: 1.1 0363fab377de19b9b4f85394469f6fca.cloudfront.net (CloudFront)
X-Amz-Cf-Id: uppCzreQXhv9r5CP-I0kfJFxkVp5T1owZ5CaY858Jgc_drpKWr2YOg==
X-Amz-Cf-Pop: FRA56-C2
X-Cache: Error from cloudfront
access-control-expose-headers: x-kpsdk-ct,x-kpsdk-r
content-encoding: br
p3p: CP="This site does not specify a policy in the P3P header"
x-kpsdk-ct: 08u5rRA8YVKRyGbqiliyW8qu0XJhHRzIywC6TbcZX2Zl5q0pwDZ0wFrqyxi7rDLr2BODYf5VOIBFFUwh4HJ9DWYs8C3f15v6Tlur2K4h3EBu8fvuOCf1aAOXDYkUxUFFKbviniyc8cYApQb1LMGGpSAzPReb0SV

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 92B7 4 KB
2 KB 83ms
31ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Requested by

Host: static.twitchcdn.net
URL: https://static.twitchcdn.net/assets/player-core-variant-a-6f58ac3e58e53422e545.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://embed.twitch.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 16 Nov 2023 14:50:39 GMT

GET
H/1.1 200
OK inter-latin-variable-wghtOnly-normal-a05a0d687a088c4efed3.woff2
static.twitchcdn.net/assets/ Frame 92B7 36 KB
37 KB 33ms
32ms Font
application/octet-stream 2600:9000:211a:a000:c:132:48e:f021
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.twitchcdn.net/assets/inter-latin-variable-wghtOnly-normal-a05a0d687a088c4efed3.woff2
Requested by: Host: static.twitchcdn.net
URL: https://static.twitchcdn.net/assets/everywhere-main-6c4b990a05bbab0e5a5e.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:a000:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: f6789b1579e3915acc50ce2f56d956c05dc3186238eb4d1a0d4ad1e403a625ac

Request headers

Referer: https://static.twitchcdn.net/assets/everywhere-main-6c4b990a05bbab0e5a5e.css
Origin: https://embed.twitch.tv
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Tue, 05 Sep 2023 21:03:04 GMT
Via: 1.1 1a276be771f01064831eea4851319c28.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C2
Age: 6198455
X-Vicarius-Region: fra
X-Vicarius-TransactionID: 96016078
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 37056
Last-Modified: Wed, 31 Mar 2021 04:32:27 GMT
X-Vicarius-Hits: -1
ETag: "b212a798db3b717b02ca67e3ca5c0bef"
X-Vicarius-Origin: fra
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: MzzlrcCH7To1f0JUT73GfCrv5wBvoD8cb3Buf-U29k0mr14Rch6r0Q==

GET
H/1.1 200
OK features.video-player.components.video-ads.stream-display-ad.pushdown.portal-94db3d51ac84ac023273.js Show response
static.twitchcdn.net/assets/ Frame 92B7 3 KB
2 KB 33ms
32ms Script
application/x-javascript 2600:9000:211a:a000:c:132:48e:f021
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.twitchcdn.net/assets/features.video-player.components.video-ads.stream-display-ad.pushdown.portal-94db3d51ac84ac023273.js
Requested by: Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=xuxatv&height=480&layout=video&parent=xuxatv.com.br&referrer=https%3A%2F%2Fxuxatv.com.br%2F&width=854
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:a000:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 2bc2af0c3101e9bd9188ef5bd39172af8097016e64ad1086ea03c3b965c8adb2

Request headers

Referer: https://embed.twitch.tv/
Origin: https://embed.twitch.tv
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Tue, 12 Sep 2023 17:29:26 GMT
Content-Encoding: gzip
Via: 1.1 de5338eac881cf5d87f2d811c3b7417c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C2
Age: 5606473
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Vicarius-Region: fra
X-Vicarius-TransactionID: 102951428
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Mon, 11 Sep 2023 21:49:32 GMT
X-Vicarius-Hits: -1
ETag: W/"6cd4b532ee951f45120cc4bad8bbc0f8"
X-Vicarius-Origin: fra
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Accept-Encoding
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: CBg-VCroG_qtffZ5wVx-VVbVtRJ9zEhI8dp3nVInjmV6cTeVbLC51A==

GET
H/1.1 200
OK features.channel-celebrations.components.celebration-display-0a7bf62ba7b85211028a.css
static.twitchcdn.net/assets/ Frame 92B7 574 B
1 KB 31ms
31ms Stylesheet
text/css 2600:9000:211a:a000:c:132:48e:f021
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.twitchcdn.net/assets/features.channel-celebrations.components.celebration-display-0a7bf62ba7b85211028a.css
Requested by: Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=xuxatv&height=480&layout=video&parent=xuxatv.com.br&referrer=https%3A%2F%2Fxuxatv.com.br%2F&width=854
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:a000:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7fd4409198e6c276d5b4b62f2c3b1e8fc4f06193180b52ab3360fd8bdb87d6e6

Request headers

Referer: https://embed.twitch.tv/
Origin: https://embed.twitch.tv
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 11 Sep 2023 21:15:06 GMT
Content-Encoding: gzip
Via: 1.1 42c9dddb4e518a9ed3248bf50565b120.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C2
Age: 5679333
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Vicarius-Region: fra
X-Vicarius-TransactionID: 101860133
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 26 Apr 2023 01:20:25 GMT
X-Vicarius-Hits: -1
ETag: W/"86c752f1ee0a4112f7503d0bd1a5a595"
X-Vicarius-Origin: fra
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Accept-Encoding
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: 7ASYpEGZ6CjEiC0ic-99T02FN_nulUt0RjLv3WKO287b6n1s5WPPsQ==

GET
H/1.1 200
OK features.channel-celebrations.components.celebration-display-833cc24198709e25fb6a.js Show response
static.twitchcdn.net/assets/ Frame 92B7 99 KB
18 KB 37ms
37ms Script
application/x-javascript 2600:9000:211a:a000:c:132:48e:f021
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.twitchcdn.net/assets/features.channel-celebrations.components.celebration-display-833cc24198709e25fb6a.js
Requested by: Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=xuxatv&height=480&layout=video&parent=xuxatv.com.br&referrer=https%3A%2F%2Fxuxatv.com.br%2F&width=854
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:a000:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 544ad9fe6ced38792fcb763fff362d510cb42a019c736f70d8dacbb6d6f480c1

Request headers

Referer: https://embed.twitch.tv/
Origin: https://embed.twitch.tv
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Wed, 15 Nov 2023 18:29:23 GMT
Content-Encoding: gzip
Via: 1.1 c772b2e53d72432d4d471ac66f4794fa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C2
Age: 73276
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Vicarius-Region: fra
X-Vicarius-TransactionID: 170133636
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 15 Nov 2023 02:58:13 GMT
X-Vicarius-Hits: -1
ETag: W/"a8c3312856e8dad00e68d15e3e049252"
X-Vicarius-Origin: fra
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Accept-Encoding
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: EN9OIL3miIiwRyfnzumCvoxHKwSjYiBiPWc1Yw2JX_4XTxGmMKY7VA==

GET
H/1.1 200
OK features.video-player.components.video-ads.audio-ad-overlay.component-e70fd3adca256609585a.css
static.twitchcdn.net/assets/ Frame 92B7 1 KB
1 KB 31ms
30ms Stylesheet
text/css 2600:9000:211a:a000:c:132:48e:f021
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.twitchcdn.net/assets/features.video-player.components.video-ads.audio-ad-overlay.component-e70fd3adca256609585a.css
Requested by: Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=xuxatv&height=480&layout=video&parent=xuxatv.com.br&referrer=https%3A%2F%2Fxuxatv.com.br%2F&width=854
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:a000:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 9ba40069f9ec6d491f4738cc1c346700ddeaf5ef616f46122d7f9ce71d7dc620

Request headers

Referer: https://embed.twitch.tv/
Origin: https://embed.twitch.tv
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 27 Jul 2023 00:30:03 GMT
Content-Encoding: gzip
Via: 1.1 530e9f4b5e6084726110986459f0c18c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C2
Age: 9728436
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Vicarius-Region: fra
X-Vicarius-TransactionID: 53384247
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Sat, 17 Dec 2022 01:55:19 GMT
X-Vicarius-Hits: -1
ETag: W/"e1e80c8e52cfd2ea58edbbb204c8b5db"
X-Vicarius-Origin: fra
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Accept-Encoding
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: yYivHyAisCwa4dEe734ZWQa8-f07PBjHkW6b5vDGWMb2eavFnSQM3Q==

GET
H/1.1 200
OK features.video-player.components.video-ads.audio-ad-overlay.component-27f9b9ac1e3f354fc6c3.js Show response
static.twitchcdn.net/assets/ Frame 92B7 11 KB
4 KB 64ms
33ms Script
application/x-javascript 2600:9000:211a:a000:c:132:48e:f021
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.twitchcdn.net/assets/features.video-player.components.video-ads.audio-ad-overlay.component-27f9b9ac1e3f354fc6c3.js
Requested by: Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=xuxatv&height=480&layout=video&parent=xuxatv.com.br&referrer=https%3A%2F%2Fxuxatv.com.br%2F&width=854
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:a000:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bf00a1d42dfd379e983ad66542c2956a80572289440f8e740ea30680564ef4a1

Request headers

Referer: https://embed.twitch.tv/
Origin: https://embed.twitch.tv
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Tue, 12 Sep 2023 17:29:26 GMT
Content-Encoding: gzip
Via: 1.1 42c9dddb4e518a9ed3248bf50565b120.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C2
Age: 5606472
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Vicarius-Region: fra
X-Vicarius-TransactionID: 102784198
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Mon, 11 Sep 2023 21:49:31 GMT
X-Vicarius-Hits: -1
ETag: W/"d42d334be90d3a66c67e7b776c961ed6"
X-Vicarius-Origin: fra
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Accept-Encoding
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: oNBXyW0W1KpXaQPTIikjunpz2fDXz3yni1opjaitjjZrdyYdnIPg-Q==

GET
H/1.1 200
OK features.video-player.components.video-ads.pushdown-sda-eligibility-0d1b181c3e2ca9bc12d5.js Show response
static.twitchcdn.net/assets/ Frame 92B7 3 KB
2 KB 32ms
31ms Script
application/x-javascript 2600:9000:211a:a000:c:132:48e:f021
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.twitchcdn.net/assets/features.video-player.components.video-ads.pushdown-sda-eligibility-0d1b181c3e2ca9bc12d5.js
Requested by: Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=xuxatv&height=480&layout=video&parent=xuxatv.com.br&referrer=https%3A%2F%2Fxuxatv.com.br%2F&width=854
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:a000:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 3fb66a979162576e6018f079293be866329da6ce619116e396514cd245db1b62

Request headers

Referer: https://embed.twitch.tv/
Origin: https://embed.twitch.tv
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Tue, 12 Sep 2023 17:29:26 GMT
Content-Encoding: gzip
Via: 1.1 530e9f4b5e6084726110986459f0c18c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C2
Age: 5606473
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Vicarius-Region: fra
X-Vicarius-TransactionID: 103038155
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Mon, 11 Sep 2023 21:49:32 GMT
X-Vicarius-Hits: -1
ETag: W/"bc727b027485437c88a549f6d9f756ad"
X-Vicarius-Origin: fra
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Accept-Encoding
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: m0oR6hPbow-1AX44FiXx2Bxz5Xn2eueWpDYDadR8ZlgXleJSbnpx0g==

GET
H/1.1 200
OK features.consent.components.cmp-api-4a0931347fc4ef7b44a1.css
static.twitchcdn.net/assets/ Frame 92B7 717 B
1 KB 39ms
32ms Stylesheet
text/css 2600:9000:211a:a000:c:132:48e:f021
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.twitchcdn.net/assets/features.consent.components.cmp-api-4a0931347fc4ef7b44a1.css
Requested by: Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=xuxatv&height=480&layout=video&parent=xuxatv.com.br&referrer=https%3A%2F%2Fxuxatv.com.br%2F&width=854
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:a000:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 6998d311bdd346da24a257d09e25517aa7cc7eb4b8fd740b8deb7b769269f727

Request headers

Referer: https://embed.twitch.tv/
Origin: https://embed.twitch.tv
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 25 Sep 2023 22:59:30 GMT
Content-Encoding: gzip
Via: 1.1 1a276be771f01064831eea4851319c28.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C2
Age: 4463469
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Vicarius-Region: fra
X-Vicarius-TransactionID: 117382028
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Thu, 29 Jun 2023 17:31:23 GMT
X-Vicarius-Hits: -1
ETag: W/"1cdb1854b14eacb078f79708bbedfa56"
X-Vicarius-Origin: fra
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Accept-Encoding
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: dem_2Wl_ACv6C-aT-V85WwKVcHfPyRyA-vMuHBMxW81nzoljfi2UKA==

GET
H/1.1 200
OK features.consent.components.cmp-api-c400e87926cfa7c2e156.js Show response
static.twitchcdn.net/assets/ Frame 92B7 362 KB
101 KB 37ms
36ms Script
application/x-javascript 2600:9000:211a:a000:c:132:48e:f021
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.twitchcdn.net/assets/features.consent.components.cmp-api-c400e87926cfa7c2e156.js
Requested by: Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=xuxatv&height=480&layout=video&parent=xuxatv.com.br&referrer=https%3A%2F%2Fxuxatv.com.br%2F&width=854
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:a000:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 79f40047b18f4a694852c3aac01228358c1f60e7feecf568705390650981dbea

Request headers

Referer: https://embed.twitch.tv/
Origin: https://embed.twitch.tv
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Wed, 15 Nov 2023 18:29:24 GMT
Content-Encoding: gzip
Via: 1.1 de5338eac881cf5d87f2d811c3b7417c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C2
Age: 73275
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Vicarius-Region: fra
X-Vicarius-TransactionID: 170012766
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 15 Nov 2023 02:58:35 GMT
X-Vicarius-Hits: -1
ETag: W/"4ec183adb7094e40865a64aec7b9f5a8"
X-Vicarius-Origin: fra
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Accept-Encoding
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: xvTNPmsljwFAUkNpc6MSPEFU0poBVjhPTYBpUC65H6QPql0LwRu1kg==

GET
H3 206 Fire-Background.mp4
xuxatv.com.br/wp-content/uploads/2021/05/ 218 KB
0 136ms
136ms Media
video/mp4 2a02:4780:1:1009:0:217a:1b2f:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://xuxatv.com.br/wp-content/uploads/2021/05/Fire-Background.mp4

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:1:1009:0:217a:1b2f:2 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://xuxatv.com.br/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 16 Nov 2023 14:50:39 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sun, 02 May 2021 04:13:41 GMT
server: LiteSpeed
etag: "21a290-608e26f5-eebe80c9ccd4773f;;;"
content-type: video/mp4
Content-Range: bytes 0-2204303/2204304
platform: hostinger
Content-Length: 2204304

GET
H3 206 Fire-Background.mp4
xuxatv.com.br/wp-content/uploads/2021/05/ 19 KB
0 279ms
278ms Media
video/mp4 2a02:4780:1:1009:0:217a:1b2f:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://xuxatv.com.br/wp-content/uploads/2021/05/Fire-Background.mp4

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:1:1009:0:217a:1b2f:2 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://xuxatv.com.br/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 16 Nov 2023 14:50:39 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sun, 02 May 2021 04:13:41 GMT
server: LiteSpeed
etag: "21a290-608e26f5-eebe80c9ccd4773f;;;"
content-type: video/mp4
Content-Range: bytes 0-2204303/2204304
platform: hostinger
Content-Length: 2204304

GET
H3 206 Fire-Background.mp4
xuxatv.com.br/wp-content/uploads/2021/05/ 64 KB
0 277ms
277ms Media
video/mp4 2a02:4780:1:1009:0:217a:1b2f:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://xuxatv.com.br/wp-content/uploads/2021/05/Fire-Background.mp4

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:1:1009:0:217a:1b2f:2 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://xuxatv.com.br/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 16 Nov 2023 14:50:39 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sun, 02 May 2021 04:13:41 GMT
server: LiteSpeed
etag: "21a290-608e26f5-eebe80c9ccd4773f;;;"
content-type: video/mp4
Content-Range: bytes 0-2204303/2204304
platform: hostinger
Content-Length: 2204304

GET
BLOB 200
OK efc770df-3803-436c-b81a-8324906c7d6d
https://embed.twitch.tv/ Frame 92B7 102 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://embed.twitch.tv/efc770df-3803-436c-b81a-8324906c7d6d
Requested by: Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=xuxatv&height=480&layout=video&parent=xuxatv.com.br&referrer=https%3A%2F%2Fxuxatv.com.br%2F&width=854
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1d1c15087d7e241a99cf94534f8f0e2286c9b426bfc065a248ae9dc0d07f9e00

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Length: 102
Content-Type

POST
H/1.1 200
OK gql Show response
gql.twitch.tv/ Frame 92B7 1 KB
719 B 255ms
254ms Fetch
application/json 146.75.122.167
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://gql.twitch.tv/gql
Requested by: Host: k.twitchcdn.net
URL: https://k.twitchcdn.net/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/p.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.122.167 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9b8fac1e81e158130ccd136fde54bc533bd0adce217aa9f66b61b0e7bc05925c

Request headers

Accept-Language: de-DE,de;q=0.9
Client-Version: cc42a385-abf2-4687-902a-7cbd78a8e9c9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://embed.twitch.tv/
Client-Session-Id: 01b8e2bcb276b303
Client-Id: kimne78kx3ncx6brgo4mv6wki5h1ko
X-Device-Id: 3f5d1ba83fff18b2

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 16 Nov 2023 14:50:39 GMT
Content-Encoding: br
Connection: keep-alive
Content-Length: 532
Content-Type: application/json

OPTIONS
H/1.1 200
OK gql
gql.twitch.tv/ Frame 0
0 82ms
26ms Preflight 146.75.122.167
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://gql.twitch.tv/gql
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.122.167 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: client-id,client-session-id,client-version,x-device-id
Access-Control-Request-Method: POST
Origin: https://embed.twitch.tv
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Headers: Accept-Language, Accept, Authorization, Challenge-Token, Client-Id, Client-Request-Id, Client-Session-Id, Client-Version, Client-Integrity, Client-Integrity-Mobile-Enabled, Content-Type, Device-Id, Trusted-Twitch-Session, Twitch-Trace, X-Csrf-Token, X-Device-Id, X-Forwarded-Proto, Forced-Rollouts
Access-Control-Allow-Methods: GET, POST
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Age: 453
Connection: keep-alive
Content-Length: 0
Date: Thu, 16 Nov 2023 14:50:39 GMT

POST
H/1.1 200
OK gql Show response
gql.twitch.tv/ Frame 92B7 2 KB
736 B 238ms
237ms Fetch
application/json 146.75.122.167
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://gql.twitch.tv/gql
Requested by: Host: k.twitchcdn.net
URL: https://k.twitchcdn.net/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/p.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.122.167 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1c43dceaef3bda690da400879b1cfb6b9883a25605ac56607a686027c0ac1755

Request headers

Accept-Language: de-DE,de;q=0.9
Client-Version: cc42a385-abf2-4687-902a-7cbd78a8e9c9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://embed.twitch.tv/
Client-Session-Id: 01b8e2bcb276b303
Client-Id: kimne78kx3ncx6brgo4mv6wki5h1ko
X-Device-Id: 3f5d1ba83fff18b2

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 16 Nov 2023 14:50:39 GMT
Content-Encoding: br
Connection: keep-alive
Content-Length: 549
Content-Type: application/json

OPTIONS
H/1.1 200
OK gql
gql.twitch.tv/ Frame 0
0 78ms
25ms Preflight 146.75.122.167
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://gql.twitch.tv/gql
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.122.167 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: client-id,client-session-id,client-version,x-device-id
Access-Control-Request-Method: POST
Origin: https://embed.twitch.tv
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Headers: Accept-Language, Accept, Authorization, Challenge-Token, Client-Id, Client-Request-Id, Client-Session-Id, Client-Version, Client-Integrity, Client-Integrity-Mobile-Enabled, Content-Type, Device-Id, Trusted-Twitch-Session, Twitch-Trace, X-Csrf-Token, X-Device-Id, X-Forwarded-Proto, Forced-Rollouts
Access-Control-Allow-Methods: GET, POST
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Age: 89
Connection: keep-alive
Content-Length: 0
Date: Thu, 16 Nov 2023 14:50:39 GMT

GET
H2 200 cast_framework.js Show response
www.gstatic.com/cast/sdk/libs/sender/1.0/ Frame 92B7 35 KB
12 KB 69ms
68ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://embed.twitch.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12197
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 23:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="chrome-dongle"
vary: Accept-Encoding
report-to: {"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]}
content-type: text/javascript
cache-control: private, max-age=0
accept-ranges: bytes
expires: Thu, 16 Nov 2023 14:50:39 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/119/ Frame 92B7 50 KB
15 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/119/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://embed.twitch.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 09:38:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18711
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 17 Nov 2023 09:38:48 GMT

POST
H/1.1 200
OK gql Show response
gql.twitch.tv/ Frame 92B7 404 B
381 B 224ms
223ms Fetch
application/json 146.75.122.167
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://gql.twitch.tv/gql
Requested by: Host: k.twitchcdn.net
URL: https://k.twitchcdn.net/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/p.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.122.167 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 167f1e3602d7682632294d7014110ba98638845dbcf570325f8826137a2738e3

Request headers

Accept-Language: de-DE,de;q=0.9
Client-Version: cc42a385-abf2-4687-902a-7cbd78a8e9c9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://embed.twitch.tv/
Client-Session-Id: 01b8e2bcb276b303
Client-Id: kimne78kx3ncx6brgo4mv6wki5h1ko
X-Device-Id: 3f5d1ba83fff18b2

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 16 Nov 2023 14:50:40 GMT
Content-Encoding: br
Connection: keep-alive
Content-Length: 194
Content-Type: application/json

OPTIONS
H/1.1 200
OK gql
gql.twitch.tv/ Frame 0
0 79ms
78ms Preflight 146.75.122.167
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://gql.twitch.tv/gql
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.122.167 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: client-id,client-session-id,client-version,x-device-id
Access-Control-Request-Method: POST
Origin: https://embed.twitch.tv
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Headers: Accept-Language, Accept, Authorization, Challenge-Token, Client-Id, Client-Request-Id, Client-Session-Id, Client-Version, Client-Integrity, Client-Integrity-Mobile-Enabled, Content-Type, Device-Id, Trusted-Twitch-Session, Twitch-Trace, X-Csrf-Token, X-Device-Id, X-Forwarded-Proto, Forced-Rollouts
Access-Control-Allow-Methods: GET, POST
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Age: 26
Connection: keep-alive
Content-Length: 0
Date: Thu, 16 Nov 2023 14:50:39 GMT

GET
H3 206 Fire-Background.mp4
xuxatv.com.br/wp-content/uploads/2021/05/ 2 MB
2 MB 131ms
131ms Media
video/mp4 2a02:4780:1:1009:0:217a:1b2f:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://xuxatv.com.br/wp-content/uploads/2021/05/Fire-Background.mp4

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:1:1009:0:217a:1b2f:2 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

018d440eb02563c157978016a22bfb58e2cf67348f876eff00af8ca1eb26d0ab

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://xuxatv.com.br/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Range: bytes=163840-

Response headers

date: Thu, 16 Nov 2023 14:50:39 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sun, 02 May 2021 04:13:41 GMT
server: LiteSpeed
etag: "21a290-608e26f5-eebe80c9ccd4773f;;;"
content-type: video/mp4
Content-Range: bytes 163840-2204303/2204304
platform: hostinger
Content-Length: 2040464

GET
H/1.1 200
OK ips.js Show response
passport.twitch.tv/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/ Frame D5A9 355 KB
130 KB 275ms
275ms Script
application/javascript 13.32.27.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://passport.twitch.tv/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/ips.js?ga__13_abel=08u5rRA8YVKRyGbqiliyW8qu0XJhHRzIywC6TbcZX2Zl5q0pwDZ0wFrqyxi7rDLr2BODYf5VOIBFFUwh4HJ9DWYs8C3f15v6Tlur2K4h3EBu8fvuOCf1aAOXDYkUxUFFKbviniyc8cYApQb1LMGGpSAzPReb0SV&x-kpsdk-v=j-0.0.0&x-kpsdk-im=CiQ4ZjM3OGIxNS1iODAyLTQwNWMtOTk4NC02OWQ4OThhM2IzZGQ
Requested by: Host: passport.twitch.tv
URL: https://passport.twitch.tv/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/fp?x-kpsdk-v=j-0.0.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-32.fra56.r.cloudfront.net
Software: /
Resource Hash: 298037ddd1d0b044fe2df2ed0a47c67f6a3f2be1385120ff6d0138526cfad511

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://passport.twitch.tv/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/fp?x-kpsdk-v=j-0.0.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Nov 2023 14:50:40 GMT
content-encoding: br
Via: 1.1 0363fab377de19b9b4f85394469f6fca.cloudfront.net (CloudFront)
x-kpsdk-ct: 084AqTuYUxucA0KVzAtB7Poo52nm2vBWOcxq2v2QubHBk6i6Sh3dEc3nsjhbCasxvZFVlciEWa2rkao9sXJImEIQT2T2y2g2kgp9PsbAYN2J9SsiCAOHriyelDmjqfY2pJFnBmr8AEuwLtW4RMFRWOjEvNPZwoo
X-Amz-Cf-Pop: FRA56-C2
X-Cache: Miss from cloudfront
Content-Type: application/javascript; charset=utf-8
p3p: CP="This site does not specify a policy in the P3P header"
access-control-expose-headers: x-kpsdk-ct,x-kpsdk-r
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 131664
X-Amz-Cf-Id: CHvYRkOiDS__fcCVg8vtmCNYa1_6BNDqZHkb_4mr5aORPUfOH9vSDQ==
Expires: 0

GET
H/1.1 200
OK ips.js Show response
gql.twitch.tv/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/ Frame DA0C 350 KB
129 KB 310ms
310ms Script
application/javascript 146.75.122.167
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://gql.twitch.tv/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/ips.js?KP_UIDz=087ivlPedYDR4WE5plBbvkQJEWCC5X7zsHcjz7d3W58rcJ5LjqAS1QnuNt5rC77rZCWAVGTHo6MGkrzvsX3bXr7aEMjpG1VjvtHhZqWa4zC6HjxmXCRk6UUgE3gFmwlBs2fwonZ2g4NXpwG8cFJ6zzaE5bAF5rZ&x-kpsdk-v=j-0.0.0&x-kpsdk-im=CiQ5MWEzNDE5My1jMTlhLTQ2NjktODFlYS01ZTI2YTllYzYyNTg
Requested by: Host: gql.twitch.tv
URL: https://gql.twitch.tv/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/fp?x-kpsdk-v=j-0.0.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.122.167 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 09d807ac034b920aa14cfbc0894605e1934c82e2d1d66b2eb1e26aea60556e84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gql.twitch.tv/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/fp?x-kpsdk-v=j-0.0.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Nov 2023 14:50:40 GMT
content-encoding: br
x-kpsdk-ct: 081kiPgSPhYt94UQNqn8On3XHg6bGISQQ1r2TPa5G5qytoLHjb2f4vVN7DuQFWE5yyJzoCyLJtjwtMbjUoL2XGGQDtbq2LxZT3ea6Axag4pZg2ToGOfauI2Ytn4YgELgxPX9517qO4JAuGk6RwmyLc9pISnS02A
p3p: CP="This site does not specify a policy in the P3P header"
content-type: application/javascript; charset=utf-8
access-control-expose-headers: x-kpsdk-ct,x-kpsdk-r
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 131333
Expires: 0

POST
H/1.1 200
OK gql Show response
gql.twitch.tv/ Frame 92B7 5 KB
2 KB 287ms
287ms Fetch
application/json 146.75.122.167
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://gql.twitch.tv/gql
Requested by: Host: k.twitchcdn.net
URL: https://k.twitchcdn.net/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/p.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.122.167 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 24809bb21d3bb33f5cb90e447afe43dba9e38295f82e9a31fafe0d73b9a798e3

Request headers

Accept-Language: de-DE,de;q=0.9
Client-Version: cc42a385-abf2-4687-902a-7cbd78a8e9c9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://embed.twitch.tv/
Client-Session-Id: 01b8e2bcb276b303
Client-Id: kimne78kx3ncx6brgo4mv6wki5h1ko
X-Device-Id: 3f5d1ba83fff18b2

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 16 Nov 2023 14:50:40 GMT
Content-Encoding: br
Connection: keep-alive
Content-Length: 1685
Content-Type: application/json

OPTIONS
H/1.1 200
OK gql
gql.twitch.tv/ Frame 0
0 83ms
28ms Preflight 146.75.122.167
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://gql.twitch.tv/gql
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.122.167 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: client-id,client-session-id,client-version,x-device-id
Access-Control-Request-Method: POST
Origin: https://embed.twitch.tv
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Headers: Accept-Language, Accept, Authorization, Challenge-Token, Client-Id, Client-Request-Id, Client-Session-Id, Client-Version, Client-Integrity, Client-Integrity-Mobile-Enabled, Content-Type, Device-Id, Trusted-Twitch-Session, Twitch-Trace, X-Csrf-Token, X-Device-Id, X-Forwarded-Proto, Forced-Rollouts
Access-Control-Allow-Methods: GET, POST
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Age: 548
Connection: keep-alive
Content-Length: 0
Date: Thu, 16 Nov 2023 14:50:39 GMT

POST
H2 204 ClGcaAM-yRE9E33MdecH8AILYc1lUuhvAGFq5Tp-r3yfEIMMeY2UEwINBUmMSOCS4Cv-u1YZEGeEdUbj6iMiVaxu9mUiuFe-4EpGzNO9gCvncu4wbAIklx6iJnog-XmkFEWyvwrj31s2MBfcDIWa99MNycd_yT-iKOcZfJjU6OBb890kvhDDJUwq6SpkFplfYHW-k...
video-edge-88d933.pdx01.abs.hls.ttvnw.net/v1/segment/ Frame 92B7 0
0 818ms
387ms Fetch 52.32.219.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://video-edge-88d933.pdx01.abs.hls.ttvnw.net/v1/segment/ClGcaAM-yRE9E33MdecH8AILYc1lUuhvAGFq5Tp-r3yfEIMMeY2UEwINBUmMSOCS4Cv-u1YZEGeEdUbj6iMiVaxu9mUiuFe-4EpGzNO9gCvncu4wbAIklx6iJnog-XmkFEWyvwrj31s2MBfcDIWa99MNycd_yT-iKOcZfJjU6OBb890kvhDDJUwq6SpkFplfYHW-kQC3INGyQEsPTkS_pB9PZDSOZI_iQT6N2uUf_hHwkSTb3daC3dzIGFmkwhlNb3Fa6y6PYsi-gXdpCoos1RVRS5q4ImMTzjKBwY67XnShVN92VNiwfv4J4ltZ49Um2esbwuEiqcRb2lipLK5X_mnjUF-hdm_mDRFo28Au6c1Wk36-p-Xxwyxe7A1rvOVRfuPkMGQu5z9gq64YxnJC4QSH1Qb7uUhEGa9eghtClGQ7AhZnIeOLfwlgpPwcSm9VWKpKR1LxtRqzlHoajWCII3wlU86qT72NjA6N2BXM8BjrGuRTt810febXOey97d04N9eQfRkqhPtwpTV1ug14gbLnKKH4-74l2BOEHSX6PA6qeyIHRpLai9tyK6ysHBvDr-5xI1EXHkyJkaBoU_cqjfN366epmzFjbL4Ew6q9HggPPpeChV4RdBz9Es9pr29VM2eu2rRqH-qCZt-2CrU8zZQhAuS3p8vPaXoe5DbZ6WZtFFFts9XdgLCnBYo7qcklbU595BLdd5KcD3e0o6zBfRU2siJTJXd36lWuK6HB89iOnbGd6M8OVlmKjR8mr1.ts
Requested by: Host: k.twitchcdn.net
URL: https://k.twitchcdn.net/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/p.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.32.219.51 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-32-219-51.us-west-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://embed.twitch.tv/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin: *
date: Thu, 16 Nov 2023 14:50:40 GMT
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/ 160 KB
55 KB 81ms
80ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed723041b617707f4c5877d298d024e342ca47800ca1b7a9e8e664a20ffa0549

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xuxatv.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55801
x-xss-protection: 0
server: cafe
etag: 7188734607447846984
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Nov 2023 14:50:40 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 690E 137 KB
44 KB 538ms
538ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2974894051137733&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1700146240&rafmt=1&to=qs&pwprc=3173985034&format=1200x280&url=https%3A%2F%2Fxuxatv.com.br%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700146240195&bpp=1&bdt=2175&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5230436701717&frm=20&pv=1&ga_vid=112662117.1700146239&ga_sid=1700146239&ga_hid=2067857781&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3996&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C44809004%2C31078301%2C44807763%2C44808149%2C44808284%2C44809057&oid=2&pvsid=503099643134223&tmod=1956708044&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=5

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9604846e8a337a0e3a9606b20c236545475bcc43ae99bc5361a04258feee0b1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xuxatv.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 44972
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 14:50:40 GMT
expires: Thu, 16 Nov 2023 14:50:40 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EAEC 39 KB
16 KB 310ms
310ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2974894051137733&output=html&h=280&adk=2349245872&adf=366746197&pi=t.aa~a.2962416473~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1700146240&rafmt=1&to=qs&pwprc=3173985034&format=1200x280&url=https%3A%2F%2Fxuxatv.com.br%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700146240195&bpp=1&bdt=2175&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=5230436701717&frm=20&pv=1&ga_vid=112662117.1700146239&ga_sid=1700146239&ga_hid=2067857781&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3518&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C44809004%2C31078301%2C44807763%2C44808149%2C44808284%2C44809057&oid=2&pvsid=503099643134223&tmod=1956708044&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=13

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

202c4fb63fc8b30113323a216eb6e8ac53145ee6dd50cedcf7627aa932eb158b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xuxatv.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 16613
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 14:50:40 GMT
expires: Thu, 16 Nov 2023 14:50:40 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 78E6 39 KB
16 KB 303ms
303ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2974894051137733&output=html&h=280&adk=2349245872&adf=366746197&pi=t.aa~a.3750004799~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1700146240&rafmt=1&to=qs&pwprc=3173985034&format=1200x280&url=https%3A%2F%2Fxuxatv.com.br%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700146240195&bpp=1&bdt=2176&idt=1&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=5230436701717&frm=20&pv=1&ga_vid=112662117.1700146239&ga_sid=1700146239&ga_hid=2067857781&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C44809004%2C31078301%2C44807763%2C44808149%2C44808284%2C44809057&oid=2&pvsid=503099643134223&tmod=1956708044&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=18

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

755b6564ea2c3bcb2009c559dff8ed26cdbdd73c0436f20adced5b16ccc7a92c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xuxatv.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 16425
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 14:50:40 GMT
expires: Thu, 16 Nov 2023 14:50:40 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK features.guest-star.components.guest-star-rtj-channel-content-dc5f7775af7220bff5a8.css
static.twitchcdn.net/assets/ Frame 92B7 45 B
963 B 32ms
31ms Stylesheet
text/css 2600:9000:211a:a000:c:132:48e:f021
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.twitchcdn.net/assets/features.guest-star.components.guest-star-rtj-channel-content-dc5f7775af7220bff5a8.css
Requested by: Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=xuxatv&height=480&layout=video&parent=xuxatv.com.br&referrer=https%3A%2F%2Fxuxatv.com.br%2F&width=854
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:a000:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7dc1657d62d95d4f3dfff6282aaaf24fb7ccd26afde8cbfbd706c8c00b301cb1

Request headers

Referer: https://embed.twitch.tv/
Origin: https://embed.twitch.tv
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Wed, 27 Sep 2023 00:31:03 GMT
Content-Encoding: gzip
Via: 1.1 de5338eac881cf5d87f2d811c3b7417c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C2
Age: 4371577
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Vicarius-Region: fra
X-Vicarius-TransactionID: 118469348
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 28 Jun 2023 18:20:55 GMT
X-Vicarius-Hits: -1
ETag: W/"a4f4c3574e356f0a7510073f0df9c1ab"
X-Vicarius-Origin: fra
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Accept-Encoding
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: gMjKs8T9g7SE6RGdN8BWamhspV6gRCIZRtTDCWGz7Z3q0053Mlt32g==

GET
H/1.1 200
OK features.guest-star.components.guest-star-rtj-channel-content-f5ecc875b8943f32e318.js Show response
static.twitchcdn.net/assets/ Frame 92B7 43 KB
11 KB 34ms
34ms Script
application/x-javascript 2600:9000:211a:a000:c:132:48e:f021
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.twitchcdn.net/assets/features.guest-star.components.guest-star-rtj-channel-content-f5ecc875b8943f32e318.js
Requested by: Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=xuxatv&height=480&layout=video&parent=xuxatv.com.br&referrer=https%3A%2F%2Fxuxatv.com.br%2F&width=854
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:a000:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a0373d647fe10d48014be010baa35759546a2123c9bba2c1848c80c430f35fb0

Request headers

Referer: https://embed.twitch.tv/
Origin: https://embed.twitch.tv
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Wed, 15 Nov 2023 18:29:26 GMT
Content-Encoding: gzip
Via: 1.1 42c9dddb4e518a9ed3248bf50565b120.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C2
Age: 73274
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Vicarius-Region: fra
X-Vicarius-TransactionID: 170234042
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 15 Nov 2023 02:58:44 GMT
X-Vicarius-Hits: -1
ETag: W/"4a0d30c03c17eabd9601951796397c7c"
X-Vicarius-Origin: fra
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Accept-Encoding
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: yzqjR9La6hXdoGqHTdfn6KtqYKAdXDfn4-MsPD5yBKrVveC8_76uNg==

GET
H/1.1 200
OK features.subscribe-button.components.subscribe-button-966f45268f97e2e4de33.css
static.twitchcdn.net/assets/ Frame 92B7 100 B
965 B 30ms
30ms Stylesheet
text/css 2600:9000:211a:a000:c:132:48e:f021
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.twitchcdn.net/assets/features.subscribe-button.components.subscribe-button-966f45268f97e2e4de33.css
Requested by: Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=xuxatv&height=480&layout=video&parent=xuxatv.com.br&referrer=https%3A%2F%2Fxuxatv.com.br%2F&width=854
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:a000:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 69cfb7908ceb8fdbbc69f017c4172c8be25b1d3688c75e311e9f4312cbd65d3e

Request headers

Referer: https://embed.twitch.tv/
Origin: https://embed.twitch.tv
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sun, 01 Oct 2023 23:44:43 GMT
Content-Encoding: gzip
Via: 1.1 530e9f4b5e6084726110986459f0c18c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C2
Age: 3942357
Transfer-Encoding: chunked
X-Vicarius-TransactionID: 123810241
X-Cache: Hit from cloudfront
X-Vicarius-Region: fra
Connection: keep-alive
Last-Modified: Tue, 05 Oct 2021 23:14:33 GMT
X-Vicarius-Hits: -1
ETag: W/"a5e00bd9c049eab2f7a51d8b8a1929d1"
X-Vicarius-Origin: fra
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Accept-Encoding
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: 2b9LYR3s3f1d2GawAXdO5VGkolsAHOUbvl4qmpPPTXI7uGoCbU0woA==

GET
H/1.1 200
OK features.subscribe-button.components.subscribe-button-f80ee09d4ed2ae1b3ce3.js Show response
static.twitchcdn.net/assets/ Frame 92B7 95 KB
23 KB 34ms
34ms Script
application/x-javascript 2600:9000:211a:a000:c:132:48e:f021
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.twitchcdn.net/assets/features.subscribe-button.components.subscribe-button-f80ee09d4ed2ae1b3ce3.js
Requested by: Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=xuxatv&height=480&layout=video&parent=xuxatv.com.br&referrer=https%3A%2F%2Fxuxatv.com.br%2F&width=854
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:a000:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ca419686788ffefde8b85d068c045c6a9dbca96bac7b99d8d187270d439fc8a4

Request headers

Referer: https://embed.twitch.tv/
Origin: https://embed.twitch.tv
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Wed, 15 Nov 2023 18:29:26 GMT
Content-Encoding: gzip
Via: 1.1 1a276be771f01064831eea4851319c28.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C2
Age: 73274
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Vicarius-Region: fra
X-Vicarius-TransactionID: 169823928
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 15 Nov 2023 02:59:21 GMT
X-Vicarius-Hits: -1
ETag: W/"13c2f892cfcd0bfa7beeb10ea8240d9a"
X-Vicarius-Origin: fra
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Accept-Encoding
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: 4iFB0YVznhanzSOB5tWHwKlMGYUFv5blCjoPa_M63sfjI1YNCYqEFg==

GET
H2 200 f2f59c3b-4ff8-4009-8105-3a318f767a88-profile_image-150x150.png
static-cdn.jtvnw.net/jtv_user_pictures/ Frame 92B7 31 KB
32 KB 319ms
234ms Image
image/png 2600:9000:20ab:e800:19:f28c:cd92:c761
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-cdn.jtvnw.net/jtv_user_pictures/f2f59c3b-4ff8-4009-8105-3a318f767a88-profile_image-150x150.png
Requested by: Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=xuxatv&height=480&layout=video&parent=xuxatv.com.br&referrer=https%3A%2F%2Fxuxatv.com.br%2F&width=854
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ab:e800:19:f28c:cd92:c761 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: eb734f4a32b336c966dbb4ffe07a1d592efde0fd3863da28ec01c0073e4e9018

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://embed.twitch.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:40 GMT
via: 1.1 64e65d847e47fbcbf4dc70bc1c185676.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P3
x-cache: RefreshHit from cloudfront
content-length: 32099
last-modified: Sun, 30 May 2021 15:41:50 GMT
server: nginx
etag: "578fab2891810ff108be8a8e5845a054"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
timing-allow-origin: https://www.twitch.tv
x-amz-cf-id: FIbElOFXtjv5NnNrdfsHrpVmTbotBNZcrs3QbejN0SipvaU-prKYDQ==
expires: Thu, 16 Nov 2023 18:50:40 GMT

OPTIONS
H2 200 error
reporting.cdndex.io/ Frame 0
0 202ms
56ms Preflight
application/json 13.32.110.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://reporting.cdndex.io/error
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-126.vie50.r.cloudfront.net
Software: CloudFront /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://passport.twitch.tv
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: *
content-length: 2
content-type: application/json
date: Thu, 16 Nov 2023 14:50:40 GMT
server: CloudFront
via: 1.1 530e9f4b5e6084726110986459f0c18c.cloudfront.net (CloudFront)
x-amz-cf-id: SZ74eB49_bcmcN-G_zmKodkj79tg7OvKnOMrVK_9D_Zy16XEc01Ejg==
x-amz-cf-pop: VIE50-C2
x-cache: LambdaGeneratedResponse from cloudfront

POST error
reporting.cdndex.io/ Frame D5A9 0
0

POST
H/1.1 200
OK tl Show response
passport.twitch.tv/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/ Frame D5A9 0
1 KB 190ms
189ms XHR
text/plain 13.32.27.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://passport.twitch.tv/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/tl
Requested by: Host: passport.twitch.tv
URL: https://passport.twitch.tv/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/ips.js?ga__13_abel=08u5rRA8YVKRyGbqiliyW8qu0XJhHRzIywC6TbcZX2Zl5q0pwDZ0wFrqyxi7rDLr2BODYf5VOIBFFUwh4HJ9DWYs8C3f15v6Tlur2K4h3EBu8fvuOCf1aAOXDYkUxUFFKbviniyc8cYApQb1LMGGpSAzPReb0SV&x-kpsdk-v=j-0.0.0&x-kpsdk-im=CiQ4ZjM3OGIxNS1iODAyLTQwNWMtOTk4NC02OWQ4OThhM2IzZGQ
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-32.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

x-kpsdk-im: CiQ4ZjM3OGIxNS1iODAyLTQwNWMtOTk4NC02OWQ4OThhM2IzZGQ
x-kpsdk-ct: 07tCuOEeAEIN9uZeBjUJXfFF9ngsJqhP4Sqm5YQ9mXtU0tu6uv3y6kweMroLFoqINBG4Tv82J1cDJuIv0mxg7thgXNsWZvj3dOHRCq8laK6i9EgxHl2OBjScIzBSZsatH2MfhfDI51AxuAoyBsgTk5gQRtcQTJm
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/octet-stream
x-kpsdk-dt: 11bew5ny72w0h1y430w6ly3ex2m
Referer: https://passport.twitch.tv/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/fp?x-kpsdk-v=j-0.0.0
x-kpsdk-v: j-0.0.0

Response headers

Date: Thu, 16 Nov 2023 14:50:40 GMT
Via: 1.1 0363fab377de19b9b4f85394469f6fca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-C2
X-Cache: Miss from cloudfront
p3p: CP="This site does not specify a policy in the P3P header"
x-kpsdk-st: 1700146240539
x-kpsdk-cr: true
Connection: keep-alive
Content-Length: 0
Pragma: no-cache
x-kpsdk-ct: 082CVI7yfWi8L9sQNSlCmjzt6SEhHB6CM1DJiAr7eBW7cDwuqaiDDczhs2uax8tYPbcOblGru1gGnYGuZ7MQMT6ivQt6Jus4meE7hrBHZBdCGAWhqCHobuTn25Qwohr2EfxmkgAVsYcJosuG4BT9kkONK0nvEeL
Content-Type: text/plain
access-control-allow-origin: https://passport.twitch.tv
access-control-expose-headers: x-kpsdk-ct,x-kpsdk-r
Cache-Control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
X-Amz-Cf-Id: rKCKosSlDu9UPhQqtCEPK0KsKv4zuqSkp0ZYtaEXy5hPVDfgBqLWbg==
Expires: 0

OPTIONS
H2 200 error
reporting.cdndex.io/ Frame 0
0 87ms
87ms Preflight
application/json 13.32.110.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://reporting.cdndex.io/error
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-126.vie50.r.cloudfront.net
Software: CloudFront /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://gql.twitch.tv
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: *
content-length: 2
content-type: application/json
date: Thu, 16 Nov 2023 14:50:40 GMT
server: CloudFront
via: 1.1 530e9f4b5e6084726110986459f0c18c.cloudfront.net (CloudFront)
x-amz-cf-id: 0tRufdPUAuc-JHtGQJahFzFtqWf0PNKuaPjvzAkNxysPWLN884WNvw==
x-amz-cf-pop: VIE50-C2
x-cache: LambdaGeneratedResponse from cloudfront

POST
H2 200 error Show response
reporting.cdndex.io/ Frame DA0C 8 B
397 B 357ms
357ms XHR
application/json 13.32.110.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://reporting.cdndex.io/error
Requested by: Host: gql.twitch.tv
URL: https://gql.twitch.tv/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/ips.js?KP_UIDz=087ivlPedYDR4WE5plBbvkQJEWCC5X7zsHcjz7d3W58rcJ5LjqAS1QnuNt5rC77rZCWAVGTHo6MGkrzvsX3bXr7aEMjpG1VjvtHhZqWa4zC6HjxmXCRk6UUgE3gFmwlBs2fwonZ2g4NXpwG8cFJ6zzaE5bAF5rZ&x-kpsdk-v=j-0.0.0&x-kpsdk-im=CiQ5MWEzNDE5My1jMTlhLTQ2NjktODFlYS01ZTI2YTllYzYyNTg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-126.vie50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 2cb69644d1877e6dfa38adcfddfc21208f12a43753394381a54587438db2e666

Request headers

Referer: https://gql.twitch.tv/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Thu, 16 Nov 2023 14:50:40 GMT
via: 1.1 530e9f4b5e6084726110986459f0c18c.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: VIE50-C2
x-cache: LambdaGeneratedResponse from cloudfront
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
content-type: application/json
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
content-length: 8
x-amz-cf-id: efAlKiCiSYEBV09GJkDdqLMd9zy1mSCgUHIzeOOmQp5Cb_3xCmce5A==

POST
H/1.1 200
OK tl Show response
gql.twitch.tv/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/ Frame DA0C 0
1 KB 226ms
225ms XHR
text/plain 146.75.122.167
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://gql.twitch.tv/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/tl
Requested by: Host: gql.twitch.tv
URL: https://gql.twitch.tv/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/ips.js?KP_UIDz=087ivlPedYDR4WE5plBbvkQJEWCC5X7zsHcjz7d3W58rcJ5LjqAS1QnuNt5rC77rZCWAVGTHo6MGkrzvsX3bXr7aEMjpG1VjvtHhZqWa4zC6HjxmXCRk6UUgE3gFmwlBs2fwonZ2g4NXpwG8cFJ6zzaE5bAF5rZ&x-kpsdk-v=j-0.0.0&x-kpsdk-im=CiQ5MWEzNDE5My1jMTlhLTQ2NjktODFlYS01ZTI2YTllYzYyNTg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.122.167 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

x-kpsdk-im: CiQ5MWEzNDE5My1jMTlhLTQ2NjktODFlYS01ZTI2YTllYzYyNTg
x-kpsdk-ct: 07nsDKlRa5Eu3gHp70EWg6muzaAgRWBMioI2qTvctyBaFVcpGYB67FRNcdbtdiRHsMUYvuGFKtQca3dIENxv9cING3IcmfzrStHjrbgXQrxDFAp5EJMwTeho4NC4cIaUs3uuPBXCErj0Dzdf77dN94CqgNPIwf2
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/octet-stream
x-kpsdk-dt: 142iy1ilw2gz0nlw3dy72x5jy6q
Referer: https://gql.twitch.tv/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/fp?x-kpsdk-v=j-0.0.0
x-kpsdk-v: j-0.0.0

Response headers

Pragma: no-cache
Date: Thu, 16 Nov 2023 14:50:40 GMT
x-kpsdk-ct: 07aWxE9z6ftSmMRL2In81f20dYVbGuZzqgokzZli0UPOt1v3AGwr0puYeBGhlUJGFLuxxawYjJQTsNNvcV3zqa8zh207nOpUaKgAvbIXBTlYOf3JQXFCJUxM4OEVSEMyfjGLXiSuOqU0vDfsQW0VbQQu54zXvue
content-type: text/plain
access-control-allow-origin: https://gql.twitch.tv
access-control-expose-headers: x-kpsdk-ct,x-kpsdk-r
Cache-Control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
p3p: CP="This site does not specify a policy in the P3P header"
x-kpsdk-cr: true
Connection: keep-alive
x-kpsdk-st: 1700146240784
Content-Length: 0
Expires: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 78E6 3 KB
1 KB 101ms
37ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2974894051137733&output=html&h=280&adk=2349245872&adf=366746197&pi=t.aa~a.3750004799~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1700146240&rafmt=1&to=qs&pwprc=3173985034&format=1200x280&url=https%3A%2F%2Fxuxatv.com.br%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700146240195&bpp=1&bdt=2176&idt=1&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=5230436701717&frm=20&pv=1&ga_vid=112662117.1700146239&ga_sid=1700146239&ga_hid=2067857781&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C44809004%2C31078301%2C44807763%2C44808149%2C44808284%2C44809057&oid=2&pvsid=503099643134223&tmod=1956708044&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=18

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:03:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2847
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 14:03:13 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 78E6 20 KB
8 KB 85ms
21ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 15:51:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82751
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Nov 2023 15:51:29 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 78E6 0
0 80ms
29ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRVE_HcW_2DT0EpkBHG5LBzFiZ2Vg_hz1Qt9C5QkZcJtkC2se3Cu_QiC8rAQfCEcW80ea8L57jWoTlhzmQ73FiihAaggg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2974894051137733&output=html&h=280&adk=2349245872&adf=366746197&pi=t.aa~a.3750004799~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1700146240&rafmt=1&to=qs&pwprc=3173985034&format=1200x280&url=https%3A%2F%2Fxuxatv.com.br%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700146240195&bpp=1&bdt=2176&idt=1&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=5230436701717&frm=20&pv=1&ga_vid=112662117.1700146239&ga_sid=1700146239&ga_hid=2067857781&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C44809004%2C31078301%2C44807763%2C44808149%2C44808284%2C44809057&oid=2&pvsid=503099643134223&tmod=1956708044&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=18
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 78E6 203 KB
64 KB 145ms
82ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Nov 2023 14:50:40 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame EAEC 3 KB
1 KB 88ms
25ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2974894051137733&output=html&h=280&adk=2349245872&adf=366746197&pi=t.aa~a.2962416473~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1700146240&rafmt=1&to=qs&pwprc=3173985034&format=1200x280&url=https%3A%2F%2Fxuxatv.com.br%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700146240195&bpp=1&bdt=2175&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=5230436701717&frm=20&pv=1&ga_vid=112662117.1700146239&ga_sid=1700146239&ga_hid=2067857781&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3518&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C44809004%2C31078301%2C44807763%2C44808149%2C44808284%2C44809057&oid=2&pvsid=503099643134223&tmod=1956708044&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=13

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:03:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2847
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 14:03:13 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame EAEC 20 KB
9 KB 81ms
19ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2974894051137733&output=html&h=280&adk=2349245872&adf=366746197&pi=t.aa~a.2962416473~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1700146240&rafmt=1&to=qs&pwprc=3173985034&format=1200x280&url=https%3A%2F%2Fxuxatv.com.br%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700146240195&bpp=1&bdt=2175&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=5230436701717&frm=20&pv=1&ga_vid=112662117.1700146239&ga_sid=1700146239&ga_hid=2067857781&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3518&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C44809004%2C31078301%2C44807763%2C44808149%2C44808284%2C44809057&oid=2&pvsid=503099643134223&tmod=1956708044&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=13

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 15:51:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82751
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Nov 2023 15:51:29 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame EAEC 0
0 77ms
28ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTPGZFQ-HR4hOBwF_5SuOmcQuRllmcL3yFFw4Aqddrody-fs8IOX60rZA33lJUqjqenzuokvIPBLALfFJC2z-yQUcPPsw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2974894051137733&output=html&h=280&adk=2349245872&adf=366746197&pi=t.aa~a.2962416473~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1700146240&rafmt=1&to=qs&pwprc=3173985034&format=1200x280&url=https%3A%2F%2Fxuxatv.com.br%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700146240195&bpp=1&bdt=2175&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=5230436701717&frm=20&pv=1&ga_vid=112662117.1700146239&ga_sid=1700146239&ga_hid=2067857781&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3518&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C44809004%2C31078301%2C44807763%2C44808149%2C44808284%2C44809057&oid=2&pvsid=503099643134223&tmod=1956708044&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame EAEC 203 KB
64 KB 205ms
143ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2974894051137733&output=html&h=280&adk=2349245872&adf=366746197&pi=t.aa~a.2962416473~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1700146240&rafmt=1&to=qs&pwprc=3173985034&format=1200x280&url=https%3A%2F%2Fxuxatv.com.br%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700146240195&bpp=1&bdt=2175&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=5230436701717&frm=20&pv=1&ga_vid=112662117.1700146239&ga_sid=1700146239&ga_hid=2067857781&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3518&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C44809004%2C31078301%2C44807763%2C44808149%2C44808284%2C44809057&oid=2&pvsid=503099643134223&tmod=1956708044&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=13

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Nov 2023 14:50:40 GMT

POST
H2 200 error Show response
reporting.cdndex.io/ Frame DA0C 8 B
395 B 283ms
281ms XHR
application/json 13.32.110.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://reporting.cdndex.io/error
Requested by: Host: gql.twitch.tv
URL: https://gql.twitch.tv/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/ips.js?KP_UIDz=087ivlPedYDR4WE5plBbvkQJEWCC5X7zsHcjz7d3W58rcJ5LjqAS1QnuNt5rC77rZCWAVGTHo6MGkrzvsX3bXr7aEMjpG1VjvtHhZqWa4zC6HjxmXCRk6UUgE3gFmwlBs2fwonZ2g4NXpwG8cFJ6zzaE5bAF5rZ&x-kpsdk-v=j-0.0.0&x-kpsdk-im=CiQ5MWEzNDE5My1jMTlhLTQ2NjktODFlYS01ZTI2YTllYzYyNTg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-126.vie50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 2cb69644d1877e6dfa38adcfddfc21208f12a43753394381a54587438db2e666

Request headers

Referer: https://gql.twitch.tv/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Thu, 16 Nov 2023 14:50:40 GMT
via: 1.1 530e9f4b5e6084726110986459f0c18c.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: VIE50-C2
x-cache: LambdaGeneratedResponse from cloudfront
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
content-type: application/json
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
content-length: 8
x-amz-cf-id: HFWI4wgi5z2e10VV1A_R1xCA-o5U2VR1fmdQJFzqd41Y05_As2Dc6A==

OPTIONS
H2 200 error
reporting.cdndex.io/ Frame 0
0 55ms
55ms Preflight
application/json 13.32.110.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://reporting.cdndex.io/error
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-126.vie50.r.cloudfront.net
Software: CloudFront /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://gql.twitch.tv
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: *
content-length: 2
content-type: application/json
date: Thu, 16 Nov 2023 14:50:40 GMT
server: CloudFront
via: 1.1 530e9f4b5e6084726110986459f0c18c.cloudfront.net (CloudFront)
x-amz-cf-id: U7AmCEIWZMonyxL2VhU5221fFqJj7Qj8RoYVritpXUiz334i1f5Y3g==
x-amz-cf-pop: VIE50-C2
x-cache: LambdaGeneratedResponse from cloudfront

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 505E 138 KB
47 KB 217ms
109ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZVYsQAAEmrcHg4toAAPau0wMjKxs1Z1AQgP8hQ&u=%7Cbm5e4PunlcKyHArTvuC63t4THRwDHB70%2B8ouVsIeBTA%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANSWY8jeVe2k841W0JDvRk-nbAYlnaTkW7y1jxegkzNYqSum8-AGFaeU-zSslqeEWSPOrupmHEAsKPi2Y2xOvxY30aOxyosCEwMVPJb2CE1lmDnkTI0OK8U0La6ez6A6ZGeqmrEECMX1G_y7LFIB6qJ4Ai_ztTE3io9uPkQeorLR0GOvntHRa4LiO43c0LC3ShrldH6KIyHr4BUcBW4D4GHGK6WKQXrZGC4wzeWXdW3S7QhWzEVFn67lGBx64TeoghzUvERSqRkRSaNAT5bnlF7q6OW531A1erNBwlwVspCnBul6NLwDWZJUcRB1mQyxHVpYqEC8lGvh50JIBquc9j2qgTWeg1mNHnWER9UeZOGDKRyV1sWKqx6ShC-bN4Erf9KR8tWuUHmrM2JJ81vPiMYhzHdjAbMauHpQtfPW3NKEayZ9Wiycy9VoJkDji-l_oZwcmdhJo_aTuiksx4CyoDCi9LtBwc7CPjj7bXq_qkS7zubFrUdy67w5pUSddhcZ_udmvcwGY5CVhnPFCU3FpXk7X3F7s5bUdoVn-0crA16c2f2cPECOLDQ8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCi7ySQCxWZbe1EuiWjuwPu7WPmA_JntKxXLWY49aTAcCNtwEQASAAYJX6-IGUB4IBF2NhLXB1Yi0yOTc0ODk0MDUxMTM3NzMzyAEJqQK_2Gm_FTSyPqgDAcgDAqoEygFP0H-jeBmCOHYjnyCuvEV6Loc4Zj1XAvu2xEt87KzBc_jD18_oH3wsATXp5PBsH19mjAkJ_0nKtOpB7gRBVtysaY2gwsSRWOEpKPsKiuPMzOIu4xaE31tPAkRSAL8R-n1lMTlEaIpuS3Ycg49MJI0gbKJQ-MpQdPKVo6e2S6zf-8bbdoqKtsmmH6p9Gq-4fylulMHcgNfYVlTubNoebjdAJMSo9prGH76OtoAv-b2x2JaaWvIPYdtwQ0YpmUutQ3mNRP2ft7FZLE-ZgAb4heXCq4vgsYIBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2P7GpcanRotjJSLH1VtKdoa_7bCg%26client%3Dca-pub-2974894051137733%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

5e1ee438f94011670bb55a1bf29c33b93acea0c2570002e5326c9d07f64d6e1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 14:50:40 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=iElO2MLP1-UxfkCk00GE-22xvvDXDZcfynuIPjXp1oSnT1EvDIXOY4AMGRk71f3aFTQx7Yx6MzARiHfoo6bnsBQ4oR1uGE3oisIB3KDXKF5IeUw9MvdWgUG4pYwPDv0RDYb06afdEqzhDSNJUQ9hNn-C-GgB9yf5l7AabyWyEpzVlM9BLjV29pKUm50MDt4FKOsEXOyf1vSmodgfrwT2JJWtcyQaenZ7m7UFKsRCJ_ESmSBvKVFH2UPNX2aaoUTFoq576Q"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 54194982
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 9C41 1 KB
643 B 22ms
22ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 62027
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 15 Nov 2023 21:36:53 GMT
etag: 48472445140208031
expires: Thu, 16 Nov 2023 21:36:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 5080 192 KB
57 KB 278ms
178ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZVYsQAAEliEKd_jUAAizWqdnMU8VH2Zo4aMtTw&u=%7Cbm5e4PunlcLVj0jo1Oxc4GO1Mu8AYLHOVM4htGCGIBM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANSWY8jeVe2k841W0JDvRk-kIFk-gqFwW4U2UgyAs938Ietla2bQ7k7IwY8_sPU7ayY_m_TkOGopv-8d75ARxeXsP3hoxagbq4Tyxv9QPAno5g2No6Hyk2lIR72efFRGZ2v9-ZSm4wtwAsb_z08pB62B3rzQza7C5AjjvtNW4sKxUGR8b-2Sat0ISoET6xPcpLgtr7KlzlRJIEi9kvF1M4SE8_yBDY2vc_kLlZf_luNEUtsdi4tYTUj54oFJN97B2bUVhHsjie_vSKz0kw_1fVYIvyP990-pI3ALQIPcWW8Nx5ftlyQ67q1OKQH7fR01M-CpRG-5ZmT7xtscZEAdXlDpj3Ej6U6i5bWCMD3dASnY-iZfOFfoB8R2MIurCNJ0oEKEmyic1I9olj-h9tcN1FTnYM2tbFhqdYKC7iKR4vGcvfife4KnwnVRCsF8Q3jfGQAJHn8txX0zy-tBvo66_8K2ZMldalum2GvL-Sw4wDypUQAXZKbgeZJh4-BXapeELkhbS4xVMj3ZhLG5shR_pvkgTqizdn0XRvqHoZKG3GOC4swdOuBfMDl8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcWlCQCxWZaGsEtTx3wPa5qKYDcme0rFczYbj1pMBwI23ARABIABglfr4gZQHggEXY2EtcHViLTI5NzQ4OTQwNTExMzc3MzPIAQmpAr_Yab8VNLI-qAMByAMCqgTKAU_QKyvWr1ZH-OjaHbSFYesRbCXh2Rzivj50Jif6s2Olm9ZiginWswRXh_d2ZWoi1EkUi38lTV-jkPnn6bb3AU0hzO8j43V5BvQJWzVswTmSWSPEbrMnCxgcsHR0qmT9VNLsh_jawARsZEh0ZNOayppZkd0u3E2E6RgR2vZ8ANqkd-fts9psoT_v2YjZqIwo6hJ8AuJEYa7r12qRa5fimWjB38XI_wjAS5MnyTlRRVXFDpccPa7-Sv6FF8jkiF88ViJC6LOtq_dLi2CABviF5cKri-CxggGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_38rx5Yo1zA4f2T-tUhbDF7rXCCuA%26client%3Dca-pub-2974894051137733%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2974894051137733&output=html&h=280&adk=2349245872&adf=366746197&pi=t.aa~a.2962416473~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1700146240&rafmt=1&to=qs&pwprc=3173985034&format=1200x280&url=https%3A%2F%2Fxuxatv.com.br%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700146240195&bpp=1&bdt=2175&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=5230436701717&frm=20&pv=1&ga_vid=112662117.1700146239&ga_sid=1700146239&ga_hid=2067857781&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3518&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C44809004%2C31078301%2C44807763%2C44808149%2C44808284%2C44809057&oid=2&pvsid=503099643134223&tmod=1956708044&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=13

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e0360f0e798406f9ddb243012ae91f049cb715336f5a322cb21dc6972a1c4392

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 14:50:40 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=AMIua8LP1-UxfkCkfywZbUhpVyubClAeEBXk3MVp1NWe9tlgsD3QRxpx6Kz1c2FKH9Wv86ahax-kwQgD-AVOZnQiMfIrWP3LxxvtCHYvWpKBEbFC3HDT74FujWmR6Zknp9_L07C_nWYXkU_ofhseQXlffH2gK1fjhdVD4vu7V79D9Yjg0t8Bv2eWMMpBpGRJyTUODMceic2-VlZrGRNMQm0XxiOiBtz6f72luRq6fjOpSuf-rSimK-INCs5FvAau4FrxOQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 70411908
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0626 1 KB
643 B 22ms
21ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2974894051137733&output=html&h=280&adk=2349245872&adf=366746197&pi=t.aa~a.2962416473~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1700146240&rafmt=1&to=qs&pwprc=3173985034&format=1200x280&url=https%3A%2F%2Fxuxatv.com.br%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700146240195&bpp=1&bdt=2175&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=5230436701717&frm=20&pv=1&ga_vid=112662117.1700146239&ga_sid=1700146239&ga_hid=2067857781&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3518&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C44809004%2C31078301%2C44807763%2C44808149%2C44808284%2C44809057&oid=2&pvsid=503099643134223&tmod=1956708044&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 62027
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 15 Nov 2023 21:36:53 GMT
etag: 48472445140208031
expires: Thu, 16 Nov 2023 21:36:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 200
OK gql Show response
gql.twitch.tv/ Frame 92B7 5 KB
1 KB 265ms
265ms Fetch
application/json 146.75.122.167
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://gql.twitch.tv/gql
Requested by: Host: k.twitchcdn.net
URL: https://k.twitchcdn.net/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/p.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.122.167 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 12366a3e0b95c4cb8500df981a00e58c3deadd8ccd027d4466f4be197906466c

Request headers

Accept-Language: de-DE,de;q=0.9
Client-Version: cc42a385-abf2-4687-902a-7cbd78a8e9c9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://embed.twitch.tv/
Client-Session-Id: 01b8e2bcb276b303
Client-Id: kimne78kx3ncx6brgo4mv6wki5h1ko
X-Device-Id: 3f5d1ba83fff18b2

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 16 Nov 2023 14:50:40 GMT
Content-Encoding: br
Connection: keep-alive
Content-Length: 1047
Content-Type: application/json

OPTIONS
H/1.1 200
OK gql
gql.twitch.tv/ Frame 0
0 27ms
26ms Preflight 146.75.122.167
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://gql.twitch.tv/gql
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.122.167 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: client-id,client-session-id,client-version,x-device-id
Access-Control-Request-Method: POST
Origin: https://embed.twitch.tv
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Headers: Accept-Language, Accept, Authorization, Challenge-Token, Client-Id, Client-Request-Id, Client-Session-Id, Client-Version, Client-Integrity, Client-Integrity-Mobile-Enabled, Content-Type, Device-Id, Trusted-Twitch-Session, Twitch-Trace, X-Csrf-Token, X-Device-Id, X-Forwarded-Proto, Forced-Rollouts
Access-Control-Allow-Methods: GET, POST
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Age: 549
Connection: keep-alive
Content-Length: 0
Date: Thu, 16 Nov 2023 14:50:40 GMT

GET
H3 200 zrt_lookup_inhead_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame 5952 9 KB
4 KB 22ms
21ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a06aa84f08b4d57747e5eba867aa061deaadb4e657ca532d10e73b5a36fd73c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xuxatv.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 18817
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4111
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 09:37:03 GMT
etag: 13268084621564590274
expires: Thu, 30 Nov 2023 09:37:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_inhead_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame 7163 9 KB
4 KB 21ms
21ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a06aa84f08b4d57747e5eba867aa061deaadb4e657ca532d10e73b5a36fd73c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xuxatv.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 18817
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4111
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 09:37:03 GMT
etag: 13268084621564590274
expires: Thu, 30 Nov 2023 09:37:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_inhead_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame CC88 9 KB
4 KB 21ms
21ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a06aa84f08b4d57747e5eba867aa061deaadb4e657ca532d10e73b5a36fd73c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xuxatv.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 18817
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4111
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 09:37:03 GMT
etag: 13268084621564590274
expires: Thu, 30 Nov 2023 09:37:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_inhead_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame D07D 9 KB
4 KB 20ms
20ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a06aa84f08b4d57747e5eba867aa061deaadb4e657ca532d10e73b5a36fd73c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xuxatv.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 18817
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4111
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 09:37:03 GMT
etag: 13268084621564590274
expires: Thu, 30 Nov 2023 09:37:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK features.guest-star.components.guest-star-rtj-channel-content.components.guest-list-1b1d79b75a824e8ffae0.js Show response
static.twitchcdn.net/assets/ Frame 92B7 755 B
1 KB 33ms
32ms Script
application/x-javascript 2600:9000:211a:a000:c:132:48e:f021
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.twitchcdn.net/assets/features.guest-star.components.guest-star-rtj-channel-content.components.guest-list-1b1d79b75a824e8ffae0.js
Requested by: Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=xuxatv&height=480&layout=video&parent=xuxatv.com.br&referrer=https%3A%2F%2Fxuxatv.com.br%2F&width=854
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:a000:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8873c2794f3ac12226cde30ef4d7890976dacf60b943dcc5d770c82286328704

Request headers

Referer: https://embed.twitch.tv/
Origin: https://embed.twitch.tv
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Wed, 27 Sep 2023 00:19:55 GMT
Content-Encoding: gzip
Via: 1.1 1a276be771f01064831eea4851319c28.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C2
Age: 4372245
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Vicarius-Region: fra
X-Vicarius-TransactionID: 118511025
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Fri, 23 Jun 2023 19:31:52 GMT
X-Vicarius-Hits: -1
ETag: W/"9b1866ce84f77a38524afe77f3238ae3"
X-Vicarius-Origin: fra
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Accept-Encoding
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: DCwb9xa8_3oECqM3_WMnyv1Y7Gf3GqyULHACZqliUpKKRsLdxBjDFg==

GET
H/1.1 200
OK features.guest-star.components.guest-star-rtj-channel-content.components.request-button-037ab2b0cd4c5c79bfe0.js Show response
static.twitchcdn.net/assets/ Frame 92B7 10 KB
3 KB 32ms
31ms Script
application/x-javascript 2600:9000:211a:a000:c:132:48e:f021
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.twitchcdn.net/assets/features.guest-star.components.guest-star-rtj-channel-content.components.request-button-037ab2b0cd4c5c79bfe0.js
Requested by: Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=xuxatv&height=480&layout=video&parent=xuxatv.com.br&referrer=https%3A%2F%2Fxuxatv.com.br%2F&width=854
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:a000:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 5e0ec7397d29e0fe3f5c25bc30726b1b79f3489b0674557367b08157ba44129f

Request headers

Referer: https://embed.twitch.tv/
Origin: https://embed.twitch.tv
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Wed, 15 Nov 2023 18:29:27 GMT
Content-Encoding: gzip
Via: 1.1 42c9dddb4e518a9ed3248bf50565b120.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C2
Age: 73273
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Vicarius-Region: fra
X-Vicarius-TransactionID: 169736105
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 15 Nov 2023 02:58:45 GMT
X-Vicarius-Hits: -1
ETag: W/"c4067df0c4a75a05289c8fa878428866"
X-Vicarius-Origin: fra
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Accept-Encoding
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: mZd1ypo5IFF3liegh-tLdwGFk69hopTi16rziLCVly0kRxLbFGwEww==

POST
H/1.1 200
OK gql Show response
gql.twitch.tv/ Frame 92B7 1 KB
634 B 249ms
249ms Fetch
application/json 146.75.122.167
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://gql.twitch.tv/gql
Requested by: Host: k.twitchcdn.net
URL: https://k.twitchcdn.net/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/p.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.122.167 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 502c2e49f8557a262213365fa1a99b67a09df837a2e40cee90fa60a340bc4552

Request headers

Accept-Language: de-DE,de;q=0.9
Client-Version: cc42a385-abf2-4687-902a-7cbd78a8e9c9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://embed.twitch.tv/
Client-Session-Id: 01b8e2bcb276b303
Client-Id: kimne78kx3ncx6brgo4mv6wki5h1ko
X-Device-Id: 3f5d1ba83fff18b2

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 16 Nov 2023 14:50:41 GMT
Content-Encoding: br
Connection: keep-alive
Content-Length: 447
Content-Type: application/json

OPTIONS
H/1.1 200
OK gql
gql.twitch.tv/ Frame 0
0 26ms
25ms Preflight 146.75.122.167
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://gql.twitch.tv/gql
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.122.167 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: client-id,client-session-id,client-version,x-device-id
Access-Control-Request-Method: POST
Origin: https://embed.twitch.tv
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Headers: Accept-Language, Accept, Authorization, Challenge-Token, Client-Id, Client-Request-Id, Client-Session-Id, Client-Version, Client-Integrity, Client-Integrity-Mobile-Enabled, Content-Type, Device-Id, Trusted-Twitch-Session, Twitch-Trace, X-Csrf-Token, X-Device-Id, X-Forwarded-Proto, Forced-Rollouts
Access-Control-Allow-Methods: GET, POST
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Age: 27
Connection: keep-alive
Content-Length: 0
Date: Thu, 16 Nov 2023 14:50:40 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 690E 14 KB
1 KB 30ms
29ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2974894051137733&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1700146240&rafmt=1&to=qs&pwprc=3173985034&format=1200x280&url=https%3A%2F%2Fxuxatv.com.br%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700146240195&bpp=1&bdt=2175&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5230436701717&frm=20&pv=1&ga_vid=112662117.1700146239&ga_sid=1700146239&ga_hid=2067857781&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3996&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C44809004%2C31078301%2C44807763%2C44808149%2C44808284%2C44809057&oid=2&pvsid=503099643134223&tmod=1956708044&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 16 Nov 2023 14:50:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 16 Nov 2023 14:46:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Nov 2023 14:50:40 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 690E 2 KB
875 B 24ms
23ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 15:51:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82751
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Nov 2023 15:51:29 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 690E 23 KB
9 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 02:17:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45195
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 02:17:25 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 690E 3 KB
1 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:03:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2847
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 14:03:13 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 690E 20 KB
8 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 15:51:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82751
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Nov 2023 15:51:29 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 690E 0
0 28ms
27ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSTduuWRnrEHx5bs-5844ujXVMfx9OraFEGsRLiRVqF5ST9iQ1lJ4J4UrbJ8BoLxyYzw_ZqQGSV5Taa930TYlbtEb20yA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2974894051137733&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1700146240&rafmt=1&to=qs&pwprc=3173985034&format=1200x280&url=https%3A%2F%2Fxuxatv.com.br%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700146240195&bpp=1&bdt=2175&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5230436701717&frm=20&pv=1&ga_vid=112662117.1700146239&ga_sid=1700146239&ga_hid=2067857781&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3996&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C44809004%2C31078301%2C44807763%2C44808149%2C44808284%2C44809057&oid=2&pvsid=503099643134223&tmod=1956708044&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 690E 203 KB
64 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Nov 2023 14:50:40 GMT

GET
H3 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame 690E 37 KB
15 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:47:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 212580
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Mon, 13 Nov 2023 13:20:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 12 Feb 2024 03:47:40 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 5952 4 KB
745 B 29ms
29ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 16 Nov 2023 14:50:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 16 Nov 2023 14:43:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Nov 2023 14:50:40 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 4F02 14 KB
1 KB 30ms
29ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 16 Nov 2023 14:50:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 16 Nov 2023 14:39:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Nov 2023 14:50:40 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 4F02 2 KB
856 B 19ms
19ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 15:51:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82751
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Nov 2023 15:51:29 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 4F02 23 KB
9 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 02:17:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45195
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 02:17:25 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DF13 143 B
166 B 26ms
25ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2329
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 14:11:51 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 4F02 3 KB
1 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:03:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2847
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 14:03:13 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 4F02 20 KB
8 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 15:51:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82751
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Nov 2023 15:51:29 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4F02 203 KB
64 KB 103ms
102ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Nov 2023 14:50:40 GMT

GET
H3 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame 4F02 37 KB
15 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:47:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 212580
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Mon, 13 Nov 2023 13:20:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 12 Feb 2024 03:47:40 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 5952 15 KB
7 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2881d8eadc298102d2462e8d32e40792adce37b6cd89d99045f574eb3ecbb748

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 07:11:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27571
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6702
x-xss-protection: 0
server: cafe
etag: 11213825687312121238
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 07:11:09 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 5952 205 B
229 B 26ms
26ms Image
image/png 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 09:42:17 GMT
x-content-type-options: nosniff
age: 18503
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 15 Nov 2024 09:42:17 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 5952 604 B
628 B 25ms
25ms Image
image/png 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 21:53:46 GMT
x-content-type-options: nosniff
age: 61014
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 14 Nov 2024 21:53:46 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 5952 21 KB
9 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 03:59:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39067
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8781
x-xss-protection: 0
server: cafe
etag: 9666818975682992898
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 03:59:33 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 9C41 0
104 B 251ms
68ms Image
text/plain 2a02:fa8:8806:16::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEKB28MRLlJJRGrNUD_2wHZc&google_cver=1&google_push=AXcoOmRAVcfTXjDEFmUQBj1Qkq02ctNmxmH3ERpAR_mYSjumokf09qKOiElE04PLfKlpezGBjuL1i8WV1kPFJLISsFydt0dX4mhYhg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2974894051137733&output=html&h=280&adk=2349245872&adf=366746197&pi=t.aa~a.3750004799~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1700146240&rafmt=1&to=qs&pwprc=3173985034&format=1200x280&url=https%3A%2F%2Fxuxatv.com.br%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700146240195&bpp=1&bdt=2176&idt=1&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=5230436701717&frm=20&pv=1&ga_vid=112662117.1700146239&ga_sid=1700146239&ga_hid=2067857781&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C44809004%2C31078301%2C44807763%2C44808149%2C44808284%2C44809057&oid=2&pvsid=503099643134223&tmod=1956708044&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=18
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 14:50:41 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 9C41
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESED0JuW-xgITNYAFTHPnhGoU&google_cver=1&google_push=AXcoOmRomgvZutIvy8PdvzzIkGGwoEcax38CWQCa591OSyP7hfpMGNHApcEi8VDg2w2Hc2fFJwtq-q4wNiXNq0d_SvaOCzl8AXIFBA
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9A06CF1EEBD847DD9828D43E699CCD47&google_push=AXcoOmRomgvZutIvy8PdvzzIkGGwoEcax38CWQCa591OSyP7hfpMGNHApcEi8VDg2w2Hc2fFJwtq-q4wNiXNq0d...

170 B
232 B

32ms
32ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9A06CF1EEBD847DD9828D43E699CCD47&google_push=AXcoOmRomgvZutIvy8PdvzzIkGGwoEcax38CWQCa591OSyP7hfpMGNHApcEi8VDg2w2Hc2fFJwtq-q4wNiXNq0d_SvaOCzl8AXIFBA

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 14:50:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 16 Nov 2023 14:50:41 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9A06CF1EEBD847DD9828D43E699CCD47&google_push=AXcoOmRomgvZutIvy8PdvzzIkGGwoEcax38CWQCa591OSyP7hfpMGNHApcEi8VDg2w2Hc2fFJwtq-q4wNiXNq0d_SvaOCzl8AXIFBA
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 15 Nov 2023 14:50:41 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 9C41
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESELgBBYrpo0K2f_xTK0DCgqg&google_cver=1&google_push=AXcoOmTRKQ3bhAxQFJy1eZx6sWiRDnFS8Wn-2FMCptpbL9hVudK819hsdbdcxnfkhuFFQBEPhL17J6IipZQ...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTRKQ3bhAxQFJy1eZx6sWiRDnFS8Wn-2FMCptpbL9hVudK819hsdbdcxnfkhuFFQBEPhL17J6IipZQ9v2Aae2DJXFlEmJhH&google_hm=fEKD4iyiQyKiWCuUraOULhs

170 B
232 B

33ms
33ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTRKQ3bhAxQFJy1eZx6sWiRDnFS8Wn-2FMCptpbL9hVudK819hsdbdcxnfkhuFFQBEPhL17J6IipZQ9v2Aae2DJXFlEmJhH&google_hm=fEKD4iyiQyKiWCuUraOULhs

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 14:50:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Nov 2023 14:50:40 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTRKQ3bhAxQFJy1eZx6sWiRDnFS8Wn-2FMCptpbL9hVudK819hsdbdcxnfkhuFFQBEPhL17J6IipZQ9v2Aae2DJXFlEmJhH&google_hm=fEKD4iyiQyKiWCuUraOULhs
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 9C41
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOP29QCxhIKYoRxHON5g67M&google_cver=1&google_push=AXcoOmQ3W2UWJnOh0mqyYj4qqNgQ1pQAZV_0tv1954-wtBUTIJWC8vAmFUoVYvS4zXkoGE596cH2iO_H...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEOP29QCxhIKYoRxHON5g67M&google_cver=1&google_push=AXcoOmQ3W2UWJnOh0mqyYj4qqNgQ1pQAZV_0tv1954-wtBUTIJWC8vAmFUoVYvS4zXkoGE596cH...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTY0OTIyMzI5MTY2MzQ4OTg3&google_push=AXcoOmQ3W2UWJnOh0mqyYj4qqNgQ1pQAZV_0tv1954-wtBUTIJWC8vAmFUoVYvS4zXkoGE596cH2iO_H...

170 B
232 B

35ms
33ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTY0OTIyMzI5MTY2MzQ4OTg3&google_push=AXcoOmQ3W2UWJnOh0mqyYj4qqNgQ1pQAZV_0tv1954-wtBUTIJWC8vAmFUoVYvS4zXkoGE596cH2iO_HDthwI6v9jDkvZCpzjiFoOg

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 14:50:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Nov 2023 14:50:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTY0OTIyMzI5MTY2MzQ4OTg3&google_push=AXcoOmQ3W2UWJnOh0mqyYj4qqNgQ1pQAZV_0tv1954-wtBUTIJWC8vAmFUoVYvS4zXkoGE596cH2iO_HDthwI6v9jDkvZCpzjiFoOg
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 9C41
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOP29QCxhIKYoRxHON5g67M&google_cver=1&google_push=AXcoOmSQNbBo51dMpERLeSjkf0QmkUAHilJbyKUDLBJW3gr3izm6gYC2WH796psob7CdoFP5eG1w-Q1_...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEOP29QCxhIKYoRxHON5g67M&google_cver=1&google_push=AXcoOmSQNbBo51dMpERLeSjkf0QmkUAHilJbyKUDLBJW3gr3izm6gYC2WH796psob7CdoFP5eG1...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzE1MTM5NTA5NDIwMjU2NTk5MQ&google_push=AXcoOmSQNbBo51dMpERLeSjkf0QmkUAHilJbyKUDLBJW3gr3izm6gYC2WH796psob7CdoFP5eG1w-Q...

170 B
232 B

35ms
33ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzE1MTM5NTA5NDIwMjU2NTk5MQ&google_push=AXcoOmSQNbBo51dMpERLeSjkf0QmkUAHilJbyKUDLBJW3gr3izm6gYC2WH796psob7CdoFP5eG1w-Q1_5JSO0yzYpYWtQ4I_YnexMQ

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 14:50:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Nov 2023 14:50:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzE1MTM5NTA5NDIwMjU2NTk5MQ&google_push=AXcoOmSQNbBo51dMpERLeSjkf0QmkUAHilJbyKUDLBJW3gr3izm6gYC2WH796psob7CdoFP5eG1w-Q1_5JSO0yzYpYWtQ4I_YnexMQ
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET googleredir
googlecm.hit.gemius.pl/ Frame 9C41 0
0

GET
H2

200

report
sync.teads.tv/um/ Frame 9C41
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESED4SqrTNJ367...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmSdSEjmy94dGrlpanYOK_gNF-lQ_HCe_kBySY3KuTbyA2x94pRySbMdCXX-grJex43tHSbsSx0XCX_68gLrUQ7eSa8wOhDJQl8
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

200ms
200ms

Image
image/gif

2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2974894051137733&output=html&h=280&adk=2349245872&adf=366746197&pi=t.aa~a.3750004799~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1700146240&rafmt=1&to=qs&pwprc=3173985034&format=1200x280&url=https%3A%2F%2Fxuxatv.com.br%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700146240195&bpp=1&bdt=2176&idt=1&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=5230436701717&frm=20&pv=1&ga_vid=112662117.1700146239&ga_sid=1700146239&ga_hid=2067857781&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C44809004%2C31078301%2C44807763%2C44808149%2C44808284%2C44809057&oid=2&pvsid=503099643134223&tmod=1956708044&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=18
Protocol: H2
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires: Thu, 16 Nov 2023 14:50:41 GMT
pragma: no-cache
date: Thu, 16 Nov 2023 14:50:41 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 16 Nov 2023 14:50:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 9C41 0
49 B 211ms
30ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L8kgYqpZlfjc3qB5VFKEf67k2pjC_PR5ThA8Kq3X9rGRtpU8TBnmtz6-mt6PEIRT3BBWmVG-o

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:41 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 0626
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJrRIgwlPtPKmVPZtEGF7T4&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJrRIgwlPtPKmVPZtEGF7T4&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eHMxcTk4Y1kxUjNESHo1&google_gid=CAESEJrRIgwlPtPKmVPZtEGF7T4&google_cver=1&google_push=AXcoOmQB1440B3-W4CNE0dfHaAjAJLrqA4FYIPf1Xk3c22L...

170 B
232 B

34ms
32ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eHMxcTk4Y1kxUjNESHo1&google_gid=CAESEJrRIgwlPtPKmVPZtEGF7T4&google_cver=1&google_push=AXcoOmQB1440B3-W4CNE0dfHaAjAJLrqA4FYIPf1Xk3c22LfTCQdP2HEe-Sc04B_tWfoQsRhLDBFyF4n6qgRRxVwreVbRfEyipnBCXM7

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2974894051137733&output=html&h=280&adk=2349245872&adf=366746197&pi=t.aa~a.2962416473~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1700146240&rafmt=1&to=qs&pwprc=3173985034&format=1200x280&url=https%3A%2F%2Fxuxatv.com.br%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700146240195&bpp=1&bdt=2175&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=5230436701717&frm=20&pv=1&ga_vid=112662117.1700146239&ga_sid=1700146239&ga_hid=2067857781&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3518&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C44809004%2C31078301%2C44807763%2C44808149%2C44808284%2C44809057&oid=2&pvsid=503099643134223&tmod=1956708044&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=13

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 14:50:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 16 Nov 2023 14:50:40 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-0f7f5cc7c951f6e61@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eHMxcTk4Y1kxUjNESHo1&google_gid=CAESEJrRIgwlPtPKmVPZtEGF7T4&google_cver=1&google_push=AXcoOmQB1440B3-W4CNE0dfHaAjAJLrqA4FYIPf1Xk3c22LfTCQdP2HEe-Sc04B_tWfoQsRhLDBFyF4n6qgRRxVwreVbRfEyipnBCXM7
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET 5w3jqr4k
sync-tm.everesttech.net/upi/pid/ Frame 0626 0
0

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 0626 0
173 B 198ms
32ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEKCk4TEI72_Sjd-TpbU5tCY&google_cver=1&google_push=AXcoOmTOnK_VhGTThLdc8Ql4AK1DxZokr5GAOPbhrbZ_XkXaaoMTuXRXzsZLTG3WSpLv52HmcGpTwmuqu4kBRb-e6_2u0152DvN_-mLj
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2974894051137733&output=html&h=280&adk=2349245872&adf=366746197&pi=t.aa~a.2962416473~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1700146240&rafmt=1&to=qs&pwprc=3173985034&format=1200x280&url=https%3A%2F%2Fxuxatv.com.br%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700146240195&bpp=1&bdt=2175&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=5230436701717&frm=20&pv=1&ga_vid=112662117.1700146239&ga_sid=1700146239&ga_hid=2067857781&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3518&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C44809004%2C31078301%2C44807763%2C44808149%2C44808284%2C44809057&oid=2&pvsid=503099643134223&tmod=1956708044&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:41 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 0626
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESED3av0Ly42aagbxa7s0U3RU&google_cver=1&google_push=AXcoOmQ527L4Msto92DxHwHrtntowpCpfkZ54hurCf2qdoeCTdzivK0EKoqtTHjMHB6kVk0qtHJsKp7TsHl0WPxTBB9AFqt...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQ527L4Msto92DxHwHrtntowpCpfkZ54hurCf2qdoeCTdzivK0EKoqtTHjMHB6kVk0qtHJsKp7TsHl0WPxTBB9AFqtuiR8NiBU&google_hm=eS0yWW5Xd0lORTJwSGp...

170 B
232 B

31ms
31ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQ527L4Msto92DxHwHrtntowpCpfkZ54hurCf2qdoeCTdzivK0EKoqtTHjMHB6kVk0qtHJsKp7TsHl0WPxTBB9AFqtuiR8NiBU&google_hm=eS0yWW5Xd0lORTJwSGpjOTZqUXRhVE9NYU9hdktsa1hOcH5B

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2974894051137733&output=html&h=280&adk=2349245872&adf=366746197&pi=t.aa~a.2962416473~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1700146240&rafmt=1&to=qs&pwprc=3173985034&format=1200x280&url=https%3A%2F%2Fxuxatv.com.br%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700146240195&bpp=1&bdt=2175&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=5230436701717&frm=20&pv=1&ga_vid=112662117.1700146239&ga_sid=1700146239&ga_hid=2067857781&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3518&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C44809004%2C31078301%2C44807763%2C44808149%2C44808284%2C44809057&oid=2&pvsid=503099643134223&tmod=1956708044&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=13

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 14:50:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 16 Nov 2023 14:50:41 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQ527L4Msto92DxHwHrtntowpCpfkZ54hurCf2qdoeCTdzivK0EKoqtTHjMHB6kVk0qtHJsKp7TsHl0WPxTBB9AFqtuiR8NiBU&google_hm=eS0yWW5Xd0lORTJwSGpjOTZqUXRhVE9NYU9hdktsa1hOcH5B
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 0626 43 B
363 B 208ms
28ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRkQ1UwD6-_-F9f3M0XqaS2HgmmzDEYKDTdmFOg8eeNQxWaCJS_aJgr1Hq8l-qJ6WQSGN3lcBDzvoeHjYnAFxlv1DDFYEW5pQuH&google_gid=CAESEKRIYGg4uFJeemiM3n4Yeio&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2974894051137733&output=html&h=280&adk=2349245872&adf=366746197&pi=t.aa~a.2962416473~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1700146240&rafmt=1&to=qs&pwprc=3173985034&format=1200x280&url=https%3A%2F%2Fxuxatv.com.br%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700146240195&bpp=1&bdt=2175&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=5230436701717&frm=20&pv=1&ga_vid=112662117.1700146239&ga_sid=1700146239&ga_hid=2067857781&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3518&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C44809004%2C31078301%2C44807763%2C44808149%2C44808284%2C44809057&oid=2&pvsid=503099643134223&tmod=1956708044&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=13

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 14:50:41 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 292420
expires: Thu, 16 Nov 2023 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 0626
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENCVUfsby0Pb2-wmdeiFRQI&google_cver=1&google_push=AXcoOmQ4hgHvTXSvauiObNTiDHLGjyXsnnmuH2tfCIe11w-lhOnT8BYTy5WOIjD6Uyl1_o2BAe_NI1pA...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESENCVUfsby0Pb2-wmdeiFRQI&google_cver=1&google_push=AXcoOmQ4hgHvTXSvauiObNTiDHLGjyXsnnmuH2tfCIe11w-lhOnT8BYTy5WOIjD6Uyl1_o2BAe_...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDQ5NzY5MTQwOTczMDQyNjg3MQ&google_push=AXcoOmQ4hgHvTXSvauiObNTiDHLGjyXsnnmuH2tfCIe11w-lhOnT8BYTy5WOIjD6Uyl1_o2BAe_NI1...

170 B
232 B

35ms
34ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDQ5NzY5MTQwOTczMDQyNjg3MQ&google_push=AXcoOmQ4hgHvTXSvauiObNTiDHLGjyXsnnmuH2tfCIe11w-lhOnT8BYTy5WOIjD6Uyl1_o2BAe_NI1pAgctH0C-bxU58BHI2aamSQt0T

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2974894051137733&output=html&h=280&adk=2349245872&adf=366746197&pi=t.aa~a.2962416473~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1700146240&rafmt=1&to=qs&pwprc=3173985034&format=1200x280&url=https%3A%2F%2Fxuxatv.com.br%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700146240195&bpp=1&bdt=2175&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=5230436701717&frm=20&pv=1&ga_vid=112662117.1700146239&ga_sid=1700146239&ga_hid=2067857781&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3518&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C44809004%2C31078301%2C44807763%2C44808149%2C44808284%2C44809057&oid=2&pvsid=503099643134223&tmod=1956708044&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=13

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 14:50:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Nov 2023 14:50:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDQ5NzY5MTQwOTczMDQyNjg3MQ&google_push=AXcoOmQ4hgHvTXSvauiObNTiDHLGjyXsnnmuH2tfCIe11w-lhOnT8BYTy5WOIjD6Uyl1_o2BAe_NI1pAgctH0C-bxU58BHI2aamSQt0T
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 0626
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESECW3jvMF8IyDVpZoEwWuzNg&google_cver=1&google_push=AXcoOmQK42A9QSma8a0MjpGQvok0N0FD8m6dOyU5Zje45r30J1F9dAXMF0okn4qVtI0QO-13I8edt8vPeyU2...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQK42A9QSma8a0MjpGQvok0N0FD8m6dOyU5Zje45r30J1F9dAXMF0okn4qVtI0QO-13I8edt8vPeyU2nDSOiA52D8Co0whTyVn4

170 B
329 B

40ms
31ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQK42A9QSma8a0MjpGQvok0N0FD8m6dOyU5Zje45r30J1F9dAXMF0okn4qVtI0QO-13I8edt8vPeyU2nDSOiA52D8Co0whTyVn4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2974894051137733&output=html&h=280&adk=2349245872&adf=366746197&pi=t.aa~a.2962416473~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1700146240&rafmt=1&to=qs&pwprc=3173985034&format=1200x280&url=https%3A%2F%2Fxuxatv.com.br%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700146240195&bpp=1&bdt=2175&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=5230436701717&frm=20&pv=1&ga_vid=112662117.1700146239&ga_sid=1700146239&ga_hid=2067857781&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3518&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C44809004%2C31078301%2C44807763%2C44808149%2C44808284%2C44809057&oid=2&pvsid=503099643134223&tmod=1956708044&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=13

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 14:50:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQK42A9QSma8a0MjpGQvok0N0FD8m6dOyU5Zje45r30J1F9dAXMF0okn4qVtI0QO-13I8edt8vPeyU2nDSOiA52D8Co0whTyVn4
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 0626 0
130 B 208ms
29ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LDE5WUnlookImvMY25PZ0afc7KPx1F8FAufysGGddwinkJnAcrL61cNzZ0nKLIRK1VYVZv

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2974894051137733&output=html&h=280&adk=2349245872&adf=366746197&pi=t.aa~a.2962416473~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1700146240&rafmt=1&to=qs&pwprc=3173985034&format=1200x280&url=https%3A%2F%2Fxuxatv.com.br%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700146240195&bpp=1&bdt=2175&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=5230436701717&frm=20&pv=1&ga_vid=112662117.1700146239&ga_sid=1700146239&ga_hid=2067857781&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3518&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C44809004%2C31078301%2C44807763%2C44808149%2C44808284%2C44809057&oid=2&pvsid=503099643134223&tmod=1956708044&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=13

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:41 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 3781 624 B
243 B 68ms
68ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhjWs4P4ATAB&v=APEucNXgbZqtws38G9rcD_1SQre_zsq33nq_LmQzA6dNTAqUVd22wszSIBiZBzlQ1JqT_2u0JMPSBC_kZQhhCQTjomD6tDX3kM8gWXvbiD2Uuxl9t1LD56nRVsiGg8n1v-bC6YiwSgHdv3kIlTqtz2fLO5em7Id1H85twMbMt6Q5ytFHOWvG4WU

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 14:50:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame EE40 111 KB
39 KB 178ms
23ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 06:30:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30030
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 17 Nov 2023 06:30:11 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame EE40 7 KB
3 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 16:55:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78882
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Nov 2023 16:55:58 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame EE40 23 KB
9 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 15:57:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82389
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Nov 2023 15:57:31 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame EE40 41 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 04:31:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 296331
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Nov 2024 04:31:49 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame EE40 3 KB
1 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:03:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2847
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 14:03:13 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame EE40 20 KB
8 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 15:51:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82751
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Nov 2023 15:51:29 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame EE40 203 KB
64 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Nov 2023 14:50:40 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame EE40 42 B
63 B 55ms
55ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DOhMJzNYIvTW2psQseY3U2yyNSENSolZEw_1eqahupw4fpezdKI4s-n2TiundCaVkdoOWbajiWHHAzAzeZUmyWvwqlWMC7ATqILu_AYIbVoK3NhZE

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 14:50:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame FD04 624 B
243 B 66ms
66ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhjWs4P4ATAB&v=APEucNXU5IJgsgOk17-YeDqwz5YgdDu3xxkPd_eU5Lazl9VAXOxFRJ9cvJZS27aXbBNDV8D942owa8uzoiDystgGMeqOr4qF3DyjY0SHjc9JHUhIqfBdm9jCv-uUcVL2H_YxZ-GsssxbWGhQ5XPiZ5tmfWQbnxgJcosjts_4Y3K0UF06OA_3xLw

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 14:50:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 82CA 111 KB
39 KB 176ms
46ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 06:30:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30030
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 17 Nov 2023 06:30:11 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 82CA 7 KB
3 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 16:55:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78882
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Nov 2023 16:55:58 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 82CA 23 KB
9 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 15:57:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82389
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Nov 2023 15:57:31 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 82CA 41 KB
14 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 04:31:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 296331
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Nov 2024 04:31:49 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 82CA 3 KB
1 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:03:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2847
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 14:03:13 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 82CA 20 KB
8 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 15:51:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82751
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Nov 2023 15:51:29 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 82CA 203 KB
64 KB 101ms
100ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Nov 2023 14:50:41 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 82CA 42 B
63 B 57ms
56ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AR-8h1mxBF_iFlfe4vx1Zbn0Tac2DuyTIsDe-0jcoceMEe9Ym6bfUjK_Uucm11IjW-zPWjwtzlNXWa4BjiVPF5y_EnOZap0SYUKA8JcoEBfC2Xetk

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 14:50:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 0A82 640 B
263 B 63ms
61ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKyC3AIQ4-_U7QEYmpvW-QEwAQ&v=APEucNWqMAv4p78OjVmvr4qmz5yfNMjeMulPVOPxQu7Eg1bGhSidmfHcCQlxRiAwxb2frb5gFKRHDsIQkNDJa0bHcRzMmOfvwLi3kGGrfHtRrV98Sbzt9wzEESkKEth819QGhxYWz9dsDQfgL5L9SEgmFlnn0l5nCzkqGoR8CfkWZ-3MSmg5-dg

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 14:50:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame EA6C 89 KB
31 KB 153ms
153ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 16 Nov 2023 14:50:41 GMT

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame EA6C 18 KB
8 KB 27ms
25ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:06:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2666
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7823
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 23:04:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 16 Nov 2023 15:06:14 GMT

GET
H2 200 attn.js Show response
cdn.lamp.avct.cloud/ Frame EA6C 48 KB
14 KB 131ms
26ms Script
text/javascript 13.32.99.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.lamp.avct.cloud/attn.js?mt=displayBanner&aid=63c51e1aeaeb06ed73452eca&mid=651e6b2507e337ed959d3bc2&tid=651e782707e337ed959d3bc4-1-19&cp_lineItemId=20618300095&cp_creativeId=523603354&cp_extSellerId=1&cp_extPublisherId=1&cp_extSiteId=0&a=&cp_dspId=dv360&api_frameworks=[APIFRAMEWORKS]
Requested by: Host: xuxatv.com.br
URL: https://xuxatv.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-48.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a2bb12e88266c40aa8e4b1b0cd7204b23f0bbd8e8b4eabb96806116b590949cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 08:24:03 GMT
content-encoding: br
via: 1.1 372875ad1ec20daf24f3f29f14a73cd0.cloudfront.net (CloudFront)
last-modified: Mon, 09 Oct 2023 16:23:08 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 23199
x-amz-server-side-encryption: AES256
etag: W/"8a45742518e0e70d41040ddf21529736"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: bK6po0T2SX-jUG85akCMtDvHIiai30fXlkmclZTd-Il0LQnlwi239Q==

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame EA6C 3 KB
1 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:03:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2847
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 14:03:13 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame EA6C 20 KB
8 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 15:51:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82751
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Nov 2023 15:51:29 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame EA6C 203 KB
64 KB 83ms
81ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Nov 2023 14:50:41 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame EA6C 42 B
64 B 60ms
58ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bxh1sV1D_bXseL-G3LvKzJkzuHpSiHVJUpHXCk6is_MgDBTHJEqeWnfzteE92PprTv_j5ECRnCUGFDgkNGCFs6As9Vs7SQEGOXXGiPAFPBGkZ-rxM

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 14:50:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EA6C 0
21 B 60ms
59ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=10123855502569477878&x=1&ct=77

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 14:50:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 468E 1 KB
645 B 36ms
24ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 62028
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 15 Nov 2023 21:36:53 GMT
etag: 48472445140208031
expires: Thu, 16 Nov 2023 21:36:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 78E6 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e517bfe969e4d54d052e0e7132711cb2dbcd4ddd905e228f0e38210bfb17435d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/4829056803898858536/ Frame 690E 31 KB
31 KB 30ms
29ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4829056803898858536/14763004658117789537?w=600&h=314&tw=1&q=75

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18c7b070bddf5587077c60d901ed78773e9ba44be7e5fe8c7366092edd695e81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:38:04 GMT
x-content-type-options: nosniff
age: 576757
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31311
x-xss-protection: 0
last-modified: Sat, 21 Oct 2023 06:55:59 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 08 Nov 2024 22:38:04 GMT

GET
DATA 200
OK truncated
/ Frame 690E 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 690E 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 505E 2 KB
1 KB 124ms
34ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZVYsQAAEmrcHg4toAAPau0wMjKxs1Z1AQgP8hQ&u=%7Cbm5e4PunlcKyHArTvuC63t4THRwDHB70%2B8ouVsIeBTA%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANSWY8jeVe2k841W0JDvRk-nbAYlnaTkW7y1jxegkzNYqSum8-AGFaeU-zSslqeEWSPOrupmHEAsKPi2Y2xOvxY30aOxyosCEwMVPJb2CE1lmDnkTI0OK8U0La6ez6A6ZGeqmrEECMX1G_y7LFIB6qJ4Ai_ztTE3io9uPkQeorLR0GOvntHRa4LiO43c0LC3ShrldH6KIyHr4BUcBW4D4GHGK6WKQXrZGC4wzeWXdW3S7QhWzEVFn67lGBx64TeoghzUvERSqRkRSaNAT5bnlF7q6OW531A1erNBwlwVspCnBul6NLwDWZJUcRB1mQyxHVpYqEC8lGvh50JIBquc9j2qgTWeg1mNHnWER9UeZOGDKRyV1sWKqx6ShC-bN4Erf9KR8tWuUHmrM2JJ81vPiMYhzHdjAbMauHpQtfPW3NKEayZ9Wiycy9VoJkDji-l_oZwcmdhJo_aTuiksx4CyoDCi9LtBwc7CPjj7bXq_qkS7zubFrUdy67w5pUSddhcZ_udmvcwGY5CVhnPFCU3FpXk7X3F7s5bUdoVn-0crA16c2f2cPECOLDQ8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCi7ySQCxWZbe1EuiWjuwPu7WPmA_JntKxXLWY49aTAcCNtwEQASAAYJX6-IGUB4IBF2NhLXB1Yi0yOTc0ODk0MDUxMTM3NzMzyAEJqQK_2Gm_FTSyPqgDAcgDAqoEygFP0H-jeBmCOHYjnyCuvEV6Loc4Zj1XAvu2xEt87KzBc_jD18_oH3wsATXp5PBsH19mjAkJ_0nKtOpB7gRBVtysaY2gwsSRWOEpKPsKiuPMzOIu4xaE31tPAkRSAL8R-n1lMTlEaIpuS3Ycg49MJI0gbKJQ-MpQdPKVo6e2S6zf-8bbdoqKtsmmH6p9Gq-4fylulMHcgNfYVlTubNoebjdAJMSo9prGH76OtoAv-b2x2JaaWvIPYdtwQ0YpmUutQ3mNRP2ft7FZLE-ZgAb4heXCq4vgsYIBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2P7GpcanRotjJSLH1VtKdoa_7bCg%26client%3Dca-pub-2974894051137733%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 10 Nov 2024 14:50:41 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 505E 2 KB
1 KB 148ms
59ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 10 Nov 2024 14:50:41 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 505E 308 B
636 B 85ms
39ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:41 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sun, 10 Nov 2024 14:50:41 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 505E 293 B
621 B 81ms
35ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:41 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sun, 10 Nov 2024 14:50:41 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 505E 43 B
348 B 118ms
28ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=vzziFBiS2CFxMGBZS-Ik8zpbHBpIISVW0szzBTzQ_VxzpHCOccNdad4jsKjW2IroV5-45Ll-R0sArqRMFQW2yyxByDR62DjenjTK_PwaasDvGJ65rAVJ0T211Tuy92mPdgXYqiiJ6jH5C_MndbBrecSJM9GpUQQL_6bGhiSSdSK3Ba_-28lq_wtKWF9mv0mBRgQkCxCgOyotJdmdyYj624OXV5v_iC4gWt2YEr_XvpwBa-dt7UnnAfIE5laXWBZJZFP_CF8sLVf_J91Sbxro9xl7OVjRcaddy_Ki5EKn2ufd5rJnGficrqasTT9g-UQFLcl_0lfTb669s9EHVNnEqRhtVsZDus5Ey4o_ksDmtfiyaMjtqQ1kQJkiEoPZLcabKu6C6oQlMECb4lyqTTdT489fibjU5CGo-mrvooYJ9PAP-A7NugGD2Kg9yNTQ5M24K8QEfg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 14:50:41 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1670789
expires: Mon, 26 Jul 1997 05:00:00 GMT

OPTIONS
H/1.1 200
OK integrity
gql.twitch.tv/ Frame 0
0 28ms
27ms Preflight 146.75.122.167
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://gql.twitch.tv/integrity
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.122.167 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: client-id,client-request-id,client-session-id,client-version,x-device-id,x-kpsdk-cd,x-kpsdk-ct,x-kpsdk-v
Access-Control-Request-Method: POST
Origin: https://embed.twitch.tv
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Age: 354
Connection: keep-alive
Content-Length: 0
Date: Thu, 16 Nov 2023 14:50:41 GMT
access-control-allow-headers: Accept-Language, Accept, Authorization, Challenge-Token, Client-Id, Client-Request-Id, Client-Session-Id, Client-Version, Client-Integrity, Client-Integrity-Mobile-Enabled, Content-Type, Device-Id, Trusted-Twitch-Session, Twitch-Trace, X-Csrf-Token, X-Device-Id, X-Forwarded-Proto, Forced-Rollouts, x-kpsdk-cd, x-kpsdk-ct, x-kpsdk-v
access-control-allow-methods: GET, POST
access-control-allow-origin: *
access-control-expose-headers: x-kpsdk-ct,x-kpsdk-r
access-control-max-age: 600

POST
H/1.1 200
OK integrity Show response
gql.twitch.tv/ Frame 92B7 521 B
1 KB 544ms
543ms Fetch
application/json 146.75.122.167
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://gql.twitch.tv/integrity
Requested by: Host: k.twitchcdn.net
URL: https://k.twitchcdn.net/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/p.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.122.167 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 49b4d95b69acd86c171b418753b066676434b734783a782d5a718ca9358bec33

Request headers

x-kpsdk-cd: {"workTime":1700146240875,"id":"33a3791bb2e910431c3a486ce2061022","answers":[5,3],"duration":1.8,"d":212,"st":1700146240784,"rst":1700146241082}
x-kpsdk-ct: 07aWxE9z6ftSmMRL2In81f20dYVbGuZzqgokzZli0UPOt1v3AGwr0puYeBGhlUJGFLuxxawYjJQTsNNvcV3zqa8zh207nOpUaKgAvbIXBTlYOf3JQXFCJUxM4OEVSEMyfjGLXiSuOqU0vDfsQW0VbQQu54zXvue
accept-language: de-DE,de;q=0.9
Client-Version: cc42a385-abf2-4687-902a-7cbd78a8e9c9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Client-Request-Id: vVLzcLHvnNsFPKgkQQArcLRewJGlpaVG
Referer: https://embed.twitch.tv/
Client-Session-Id: 01b8e2bcb276b303
Client-Id: kimne78kx3ncx6brgo4mv6wki5h1ko
x-kpsdk-v: j-0.0.0
X-Device-Id: 3f5d1ba83fff18b2

Response headers

Pragma: no-cache
Date: Thu, 16 Nov 2023 14:50:41 GMT
content-encoding: br
x-kpsdk-ct: 088sx8g1dZEYNZqR0L8jbeJH4lxyHJmX5KpWAKxwoSwW0VZ1GjPPasRn9Qk2osa0Lv17OUNo8zLEYoTsmkQlb9jpSm3BfI2R4H8Y8TLCO8K1Np5OjoaISANnsu9yPx39zlKHHcBeAEFKVl5Mo6omIdUgCUUNJqb
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-kpsdk-ct,x-kpsdk-r
Cache-Control: no-cache, no-store, must-revalidate
p3p: CP="This site does not specify a policy in the P3P header"
Connection: keep-alive
Content-Length: 387
Expires: 0

GET
DATA 200
OK truncated
/ Frame EAEC 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2e87256beaaf289a51e4c31908c0255c09ff615bce8e90591858b2ec9b8aed30

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 505E 12 KB
5 KB 84ms
32ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 718732
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=byZYx%2FQIa7y6%2B5lluOT30GQuMwDO1Kj580eV3hTyUF%2F82w0kqnqHEZywCu1qJ7ReThl0wFVBqsFXh6yXDVlP6e6t5xsiNoPu1IxZReKkz8ZWuayGF%2Bj1OoI9d5K8WIFbDSupZG7isKtPwqGbdmoknoou"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82708c375a069223-FRA
expires: Tue, 05 Nov 2024 14:50:41 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 505E 12 KB
6 KB 115ms
75ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 10 Nov 2024 14:50:41 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 5080 2 KB
1 KB 69ms
40ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZVYsQAAEliEKd_jUAAizWqdnMU8VH2Zo4aMtTw&u=%7Cbm5e4PunlcLVj0jo1Oxc4GO1Mu8AYLHOVM4htGCGIBM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANSWY8jeVe2k841W0JDvRk-kIFk-gqFwW4U2UgyAs938Ietla2bQ7k7IwY8_sPU7ayY_m_TkOGopv-8d75ARxeXsP3hoxagbq4Tyxv9QPAno5g2No6Hyk2lIR72efFRGZ2v9-ZSm4wtwAsb_z08pB62B3rzQza7C5AjjvtNW4sKxUGR8b-2Sat0ISoET6xPcpLgtr7KlzlRJIEi9kvF1M4SE8_yBDY2vc_kLlZf_luNEUtsdi4tYTUj54oFJN97B2bUVhHsjie_vSKz0kw_1fVYIvyP990-pI3ALQIPcWW8Nx5ftlyQ67q1OKQH7fR01M-CpRG-5ZmT7xtscZEAdXlDpj3Ej6U6i5bWCMD3dASnY-iZfOFfoB8R2MIurCNJ0oEKEmyic1I9olj-h9tcN1FTnYM2tbFhqdYKC7iKR4vGcvfife4KnwnVRCsF8Q3jfGQAJHn8txX0zy-tBvo66_8K2ZMldalum2GvL-Sw4wDypUQAXZKbgeZJh4-BXapeELkhbS4xVMj3ZhLG5shR_pvkgTqizdn0XRvqHoZKG3GOC4swdOuBfMDl8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcWlCQCxWZaGsEtTx3wPa5qKYDcme0rFczYbj1pMBwI23ARABIABglfr4gZQHggEXY2EtcHViLTI5NzQ4OTQwNTExMzc3MzPIAQmpAr_Yab8VNLI-qAMByAMCqgTKAU_QKyvWr1ZH-OjaHbSFYesRbCXh2Rzivj50Jif6s2Olm9ZiginWswRXh_d2ZWoi1EkUi38lTV-jkPnn6bb3AU0hzO8j43V5BvQJWzVswTmSWSPEbrMnCxgcsHR0qmT9VNLsh_jawARsZEh0ZNOayppZkd0u3E2E6RgR2vZ8ANqkd-fts9psoT_v2YjZqIwo6hJ8AuJEYa7r12qRa5fimWjB38XI_wjAS5MnyTlRRVXFDpccPa7-Sv6FF8jkiF88ViJC6LOtq_dLi2CABviF5cKri-CxggGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_38rx5Yo1zA4f2T-tUhbDF7rXCCuA%26client%3Dca-pub-2974894051137733%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 10 Nov 2024 14:50:41 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 5080 2 KB
1 KB 65ms
36ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 10 Nov 2024 14:50:41 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 5080 308 B
636 B 41ms
40ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:41 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sun, 10 Nov 2024 14:50:41 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 5080 293 B
621 B 37ms
35ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:41 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sun, 10 Nov 2024 14:50:41 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 5080 43 B
347 B 75ms
29ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=CBjwchiS2CFxMGBZS-Ik8zpbHBpN2l7UV9gtAKHaye118iMt0PQw-WGhI0iqLadVI3A22zlSCHxDyuUhsvqUEkCjLBGNpW-RAjqHsUox9nxS-kUcqxzfasrveVdS7WaLjIGLqdLavfs7gQ60M3oa5gc27vmlvXK69GtDnS971jkI9EQDiBKgcEg0D03jsJMcTVXWzdUIX_yiWSNXska9lL7S-EadPNF98-XyWiSTuhCOu9HpvRwrA7dL_5rHnubqeoNvfao2MNjPiqObjcvaEbjy328CDh1T8ikhbQM4OHdacSpdn-lghLAuuyq2VdgstUlBj4oc1E3ok-A6B9rFisrsR2eM9ej6b6MHauSiEzaZ5QheQV9HHpUCZ5zpvctx5OJK62vpYsENKDc2dAIp16fhFMWfxR8XBsFmj-2iDVoXQc_U

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 14:50:40 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1787737
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame FD04
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED0VHecwwu4K4YcGKzm_R98&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED0VHecwwu4K4YcGKzm_R98&google_cver=1&C=1

43 B
326 B

60ms
57ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED0VHecwwu4K4YcGKzm_R98&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhjWs4P4ATAB&v=APEucNXU5IJgsgOk17-YeDqwz5YgdDu3xxkPd_eU5Lazl9VAXOxFRJ9cvJZS27aXbBNDV8D942owa8uzoiDystgGMeqOr4qF3DyjY0SHjc9JHUhIqfBdm9jCv-uUcVL2H_YxZ-GsssxbWGhQ5XPiZ5tmfWQbnxgJcosjts_4Y3K0UF06OA_3xLw
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 14:50:41 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oFkUZZaUpIYIiOu6%2BnyzStCj6QIqupUvpwlHZSAMc3uzJGz5umCm8IXl5GgH9FuWVmUUTimOrNGU%2F4730b6YOFbOyiVag8GhRNoWYLE%2BsRIeDBiPa95XyNAK5vrlEodkT2zwtVSi29nncw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82708c37eac31959-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 16 Nov 2023 14:50:41 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D52IMAzpdyhhU5i2Rp%2Br58k6D0EE%2F7NFu4K%2FKfv%2FOaQzR5uV8VB2c3nfzbntCVKaHkdfESylcWKhA%2B1DFvLe5uA90wbwzLZNgKOiosSacY36q2a%2FQvBY9W3x8zF5X2LlLB1bBpGG%2B54%2B2g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESED0VHecwwu4K4YcGKzm_R98&google_cver=1&C=1
cache-control: no-cache
cf-ray: 82708c379a5a1959-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame FD04
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVYsQVCDIKJjT7DiCeOHIQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED0VHecwwu4K4YcGKzm_R98&google_cver=1

43 B
769 B

40ms
40ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED0VHecwwu4K4YcGKzm_R98&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhjWs4P4ATAB&v=APEucNXU5IJgsgOk17-YeDqwz5YgdDu3xxkPd_eU5Lazl9VAXOxFRJ9cvJZS27aXbBNDV8D942owa8uzoiDystgGMeqOr4qF3DyjY0SHjc9JHUhIqfBdm9jCv-uUcVL2H_YxZ-GsssxbWGhQ5XPiZ5tmfWQbnxgJcosjts_4Y3K0UF06OA_3xLw
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 14:50:41 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iOdY86TKPHlIGOlRGukBtpxYPbJYWWSHcgMGqVSGA4WvCTNxsi6ML8PJcSp2skI56hFzUDvj6VbiyhviC%2FxorIjYXNVNSqgdHxgo0GqiGPqWeABTNMrp7kv5dDTVXv1Qv%2BSVlfosulTATw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82708c38689c3661-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 16 Nov 2023 14:50:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED0VHecwwu4K4YcGKzm_R98&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame FD04
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEMVd0fM7coRGZMvkTgPJydU&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEMVd0fM7coRGZMvkTgPJydU%26google_cver%3D1

43 B
896 B

33ms
32ms

Image
image/gif

185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEMVd0fM7coRGZMvkTgPJydU%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhjWs4P4ATAB&v=APEucNXU5IJgsgOk17-YeDqwz5YgdDu3xxkPd_eU5Lazl9VAXOxFRJ9cvJZS27aXbBNDV8D942owa8uzoiDystgGMeqOr4qF3DyjY0SHjc9JHUhIqfBdm9jCv-uUcVL2H_YxZ-GsssxbWGhQ5XPiZ5tmfWQbnxgJcosjts_4Y3K0UF06OA_3xLw

Protocol

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 14:50:41 GMT
an-x-request-uuid: 94f79aae-0c80-43c3-9d2f-6a1219137c90
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.27; 217.114.218.27; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Nov 2023 14:50:41 GMT
an-x-request-uuid: c1865d4d-4f1c-4624-b67d-1399cc0cb776
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEMVd0fM7coRGZMvkTgPJydU%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.218.27; 217.114.218.27; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FD04
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTA4NTI2MzMyNDI1NzI4ODcxMA%3D%3D

170 B
188 B

35ms
34ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTA4NTI2MzMyNDI1NzI4ODcxMA%3D%3D

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 14:50:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Nov 2023 14:50:41 GMT
an-x-request-uuid: 9ebc1cec-4004-4484-a281-7bab23505bfb
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTA4NTI2MzMyNDI1NzI4ODcxMA%3D%3D
x-proxy-origin: 217.114.218.27; 217.114.218.27; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 3781
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED0VHecwwu4K4YcGKzm_R98&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED0VHecwwu4K4YcGKzm_R98&google_cver=1&C=1

43 B
338 B

44ms
42ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED0VHecwwu4K4YcGKzm_R98&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhjWs4P4ATAB&v=APEucNXgbZqtws38G9rcD_1SQre_zsq33nq_LmQzA6dNTAqUVd22wszSIBiZBzlQ1JqT_2u0JMPSBC_kZQhhCQTjomD6tDX3kM8gWXvbiD2Uuxl9t1LD56nRVsiGg8n1v-bC6YiwSgHdv3kIlTqtz2fLO5em7Id1H85twMbMt6Q5ytFHOWvG4WU
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 14:50:41 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u9ms8TFYxVKJsbM3HIXdDP%2B%2B0HYJSNw%2F1HAC725k4v2M3xPYh20Zyls3gxc9GBsFxGba8ZasPzFW5HhgGuCoM6bd8M9X34uY2AzgKMD9y5BU7iInFoIhiO4J825%2FvXjhjHssRvSnhMFj8A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82708c37eac81959-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 16 Nov 2023 14:50:41 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kx%2BOvRkM9TpzMEaCS2o4BQnZt%2F6GN96%2FmEEfc5pRZ3QY3a6TQEUiH1A9CYQBgfifKPLVGl67jgvNKK2ZdcZXD7lLVHhdVKnJD2fdZNtpXuO42Lf8PBXhISpDOsw0JrYIEokCsZrwDQAYpA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESED0VHecwwu4K4YcGKzm_R98&google_cver=1&C=1
cache-control: no-cache
cf-ray: 82708c379a591959-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 3781
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVYsQVCDIKJjT7DiCeOHIQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED0VHecwwu4K4YcGKzm_R98&google_cver=1

43 B
735 B

37ms
36ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED0VHecwwu4K4YcGKzm_R98&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhjWs4P4ATAB&v=APEucNXgbZqtws38G9rcD_1SQre_zsq33nq_LmQzA6dNTAqUVd22wszSIBiZBzlQ1JqT_2u0JMPSBC_kZQhhCQTjomD6tDX3kM8gWXvbiD2Uuxl9t1LD56nRVsiGg8n1v-bC6YiwSgHdv3kIlTqtz2fLO5em7Id1H85twMbMt6Q5ytFHOWvG4WU
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 14:50:41 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PG1nRjVU8UIm%2F45kdgl9gExUw1cXQM5jAbvHUO%2B2Awr5hRPrr7fzNL%2B3zpWZ6Gjoq08F7uxJMUj325QPEXTdJvkdpHxZjkrWhiNWXW8bDidfmecXegYwxURlRXJkuKTSL0Qef6OqvaGOpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82708c38689f3661-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 16 Nov 2023 14:50:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED0VHecwwu4K4YcGKzm_R98&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame 3781
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEMVd0fM7coRGZMvkTgPJydU&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEMVd0fM7coRGZMvkTgPJydU%26google_cver%3D1

43 B
896 B

31ms
31ms

Image
image/gif

185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEMVd0fM7coRGZMvkTgPJydU%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhjWs4P4ATAB&v=APEucNXgbZqtws38G9rcD_1SQre_zsq33nq_LmQzA6dNTAqUVd22wszSIBiZBzlQ1JqT_2u0JMPSBC_kZQhhCQTjomD6tDX3kM8gWXvbiD2Uuxl9t1LD56nRVsiGg8n1v-bC6YiwSgHdv3kIlTqtz2fLO5em7Id1H85twMbMt6Q5ytFHOWvG4WU

Protocol

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 14:50:41 GMT
an-x-request-uuid: 8d246a02-c783-4c11-83a8-929dc99cbf06
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.27; 217.114.218.27; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Nov 2023 14:50:41 GMT
an-x-request-uuid: ea2baeba-8597-434c-a5c9-c3b49d24986f
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEMVd0fM7coRGZMvkTgPJydU%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.218.27; 217.114.218.27; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3781
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjUyMDA4MTM0MTE1NDk5MjgxOQ%3D%3D

170 B
188 B

33ms
32ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjUyMDA4MTM0MTE1NDk5MjgxOQ%3D%3D

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 14:50:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Nov 2023 14:50:41 GMT
an-x-request-uuid: f3afe0e6-641d-47e6-8b93-6854772ea936
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjUyMDA4MTM0MTE1NDk5MjgxOQ%3D%3D
x-proxy-origin: 217.114.218.27; 217.114.218.27; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 505E 8 KB
8 KB 169ms
77ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=556&m=0&partner=19906&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F19906%2F190812%2F319a2d5469c04e068839667ed003cd32_logo4.png&v=3&w=196&rid=4&s=FZTmcHCBcgtKijymJTiRiLks

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3499c40fb2a828918f50d4d4b1daa09d3b3470a48033136ec99afd3300df608

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:40 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 7882
expires: Sun, 03 Nov 2024 05:28:17 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 505E 6 KB
6 KB 168ms
76ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F10537960_1-201811271459.jpg&v=3&w=400&rid=4&s=0UZwYkJwKRAHGoRr_YohiGO0&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d649c4a85256d58d597860ce1cd20c70f74f166d34eb36455147457a37c80a90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:41 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 6378
expires: Sat, 02 Nov 2024 01:24:38 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 505E 3 KB
3 KB 171ms
79ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F12126311_2-202108130002.jpg&v=3&w=400&rid=4&s=L0oDTP2b8TwjcfDgCxE3O9qC&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

0c659c2351251346d80951411cf3e8704b382d17b990f900212543f96faaa44d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:41 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 3134
expires: Tue, 05 Nov 2024 03:33:20 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 505E 12 KB
12 KB 134ms
42ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F40840740_3-202310131237.jpg&v=3&w=400&rid=4&s=3Uhn3A-l9RRBX4UmVlabV7Hd&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

65ace12eba3405ce2c5f6b534fe6af73b033cc8cc1c25777b7b403c36512e8d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:40 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 12184
expires: Fri, 08 Nov 2024 07:29:12 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 505E 0
128 B 121ms
34ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=iElO2MLP1-UxfkCk00GE-22xvvDXDZcfynuIPjXp1oSnT1EvDIXOY4AMGRk71f3aFTQx7Yx6MzARiHfoo6bnsBQ4oR1uGE3oisIB3KDXKF5IeUw9MvdWgUG4pYwPDv0RDYb06afdEqzhDSNJUQ9hNn-C-GgB9yf5l7AabyWyEpzVlM9BLjV29pKUm50MDt4FKOsEXOyf1vSmodgfrwT2JJWtcyQaenZ7m7UFKsRCJ_ESmSBvKVFH2UPNX2aaoUTFoq576Q&sds=2&rev=89278&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 16 Nov 2023 14:50:40 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 505E 2 KB
1 KB 71ms
68ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 10 Nov 2024 14:50:41 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 505E 2 KB
1 KB 36ms
35ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 10 Nov 2024 14:50:41 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 5080 12 KB
5 KB 40ms
33ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 718732
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gAmfPJCl0yXgRCeST71ll4GkoEKiY8JurIHBuZyQpBXaeYx%2BHEmXd8Ux4dSqInXfZJsPMPueCc%2B24Qgw2%2BmieEX3dy5njabyGBIViOXfrVrtKUeMhucn54ImExg5Fo7kMCyWEQ5zgCMQMK%2FS1RBJEPnb"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82708c375a079223-FRA
expires: Tue, 05 Nov 2024 14:50:41 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 5080 12 KB
6 KB 63ms
62ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 10 Nov 2024 14:50:41 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 0A82
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFZ3m1Rf4mTI_1nSmq9NhVs&google_cver=1

43 B
114 B

58ms
32ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFZ3m1Rf4mTI_1nSmq9NhVs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKyC3AIQ4-_U7QEYmpvW-QEwAQ&v=APEucNWqMAv4p78OjVmvr4qmz5yfNMjeMulPVOPxQu7Eg1bGhSidmfHcCQlxRiAwxb2frb5gFKRHDsIQkNDJa0bHcRzMmOfvwLi3kGGrfHtRrV98Sbzt9wzEESkKEth819QGhxYWz9dsDQfgL5L9SEgmFlnn0l5nCzkqGoR8CfkWZ-3MSmg5-dg
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 14:50:41 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Nov 2023 14:50:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFZ3m1Rf4mTI_1nSmq9NhVs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 0A82 43 B
304 B 115ms
31ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKyC3AIQ4-_U7QEYmpvW-QEwAQ&v=APEucNWqMAv4p78OjVmvr4qmz5yfNMjeMulPVOPxQu7Eg1bGhSidmfHcCQlxRiAwxb2frb5gFKRHDsIQkNDJa0bHcRzMmOfvwLi3kGGrfHtRrV98Sbzt9wzEESkKEth819QGhxYWz9dsDQfgL5L9SEgmFlnn0l5nCzkqGoR8CfkWZ-3MSmg5-dg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 14:50:41 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 0A82
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEE0XM3ASKf_wJIWEU9wUHaU&google_cver=1

23 B
163 B

86ms
86ms

Image
image/gif

2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEE0XM3ASKf_wJIWEU9wUHaU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKyC3AIQ4-_U7QEYmpvW-QEwAQ&v=APEucNWqMAv4p78OjVmvr4qmz5yfNMjeMulPVOPxQu7Eg1bGhSidmfHcCQlxRiAwxb2frb5gFKRHDsIQkNDJa0bHcRzMmOfvwLi3kGGrfHtRrV98Sbzt9wzEESkKEth819QGhxYWz9dsDQfgL5L9SEgmFlnn0l5nCzkqGoR8CfkWZ-3MSmg5-dg
Protocol: H2
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires: Thu, 16 Nov 2023 14:50:41 GMT
pragma: no-cache
date: Thu, 16 Nov 2023 14:50:41 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 16 Nov 2023 14:50:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEE0XM3ASKf_wJIWEU9wUHaU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 0A82 23 B
163 B 134ms
133ms Image
image/gif 2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKyC3AIQ4-_U7QEYmpvW-QEwAQ&v=APEucNWqMAv4p78OjVmvr4qmz5yfNMjeMulPVOPxQu7Eg1bGhSidmfHcCQlxRiAwxb2frb5gFKRHDsIQkNDJa0bHcRzMmOfvwLi3kGGrfHtRrV98Sbzt9wzEESkKEth819QGhxYWz9dsDQfgL5L9SEgmFlnn0l5nCzkqGoR8CfkWZ-3MSmg5-dg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires: Thu, 16 Nov 2023 14:50:41 GMT
pragma: no-cache
date: Thu, 16 Nov 2023 14:50:41 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5080 8 KB
8 KB 87ms
81ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3499c40fb2a828918f50d4d4b1daa09d3b3470a48033136ec99afd3300df608

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:40 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 7882
expires: Sun, 03 Nov 2024 05:28:17 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5080 12 KB
12 KB 105ms
100ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

65ace12eba3405ce2c5f6b534fe6af73b033cc8cc1c25777b7b403c36512e8d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:41 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 12184
expires: Fri, 08 Nov 2024 07:29:12 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5080 5 KB
5 KB 105ms
100ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F29407834_16-202305312236.jpg&v=3&w=400&rid=4&s=mKqtaOTHvMLiiIYtvR5LjrdN&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

dbf6beb89fb94d713cb006197d35a4a7f2fce6acb068a2cf716e20dc1e3307dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:40 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 4892
expires: Mon, 04 Nov 2024 17:09:32 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5080 4 KB
5 KB 87ms
82ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fimages%2F19906%2Fbadgeupdate.png&v=3&w=400&rid=4&s=sFPYPwb7keL_Ew6_IWjCVNv_

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d50675d04142e9bfd9a7066718b8f5f9336d4000b1c8dc5542002955d9b002c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:41 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 4547
expires: Thu, 07 Nov 2024 09:55:04 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5080 3 KB
3 KB 107ms
103ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

0c659c2351251346d80951411cf3e8704b382d17b990f900212543f96faaa44d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:40 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 3134
expires: Tue, 05 Nov 2024 03:33:20 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5080 9 KB
9 KB 118ms
113ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F13345971_5-202006180919.jpg&v=3&w=400&rid=4&s=gGiLed_x9-o4zvD2DeeA87-J&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

8b0729c39a1048f859d3dc08ab52a723c829235cd4b7d255e13f0588250f460a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:41 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 8902
expires: Sun, 03 Nov 2024 08:27:01 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5080 5 KB
5 KB 126ms
121ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F13203097_1-202006091057.jpg&v=3&w=400&rid=4&s=J1KT2DuIeL0wENMwoQ83ObgF&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

a2b7c813a467aa88e8eda47de6694448122889e13b188aa55544fcfcbbcb70df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:41 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 5372
expires: Sun, 03 Nov 2024 06:57:24 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5080 5 KB
5 KB 118ms
114ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F29404876_3-202209200831.jpg&v=3&w=400&rid=4&s=nAh_kgQyGDVTKxnnWCTcR3h_&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

b552a8351317ffd28cc5af3dd425fe8012f2f2619042128fa3dc8d28801b2442

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:40 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 5034
expires: Sat, 02 Nov 2024 07:51:56 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5080 3 KB
3 KB 118ms
115ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F29408527_4-202211071236.jpg&v=3&w=400&rid=4&s=CV2z6TcE4jgACikjiZ4r-Q4t&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d4dc518e243d06f337b00ed6c623f2aff3c67aa179a08b68f875e470898a5df4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:40 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 3064
expires: Sun, 03 Nov 2024 07:37:18 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5080 3 KB
3 KB 125ms
121ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F12349647_2-201811271605.jpg&v=3&w=400&rid=4&s=uuLmoKSqULnMoHVUi6aaxYwE&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

706938a922c0aaad87417d2d3eaaa2568df316e860b527fe2237bd7497dc4c8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:41 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 2836
expires: Sat, 02 Nov 2024 05:49:29 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5080 5 KB
5 KB 139ms
135ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F40304125_4-202306262233.jpg&v=3&w=400&rid=4&s=DCkQBrnCBM54O7sMdHnIBeWS&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

0a2f17abd9ef9d95cd018e46e848ad59d5e0e2f2dd5c9ebfb1387d5b892d2fd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:41 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 4692
expires: Sun, 03 Nov 2024 11:38:13 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5080 10 KB
10 KB 125ms
122ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F11205960_11-201811271512.jpg&v=3&w=400&rid=4&s=YMvy4YWS0JL0a7oaerBiAZA5&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

27318f3d1d49de3cb749965da1dbceaf7e5dc071214011fab6cb69e0417b292d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:40 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 10048
expires: Sat, 02 Nov 2024 06:26:04 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5080 9 KB
9 KB 132ms
128ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F12232457_5-201811271521.jpg&v=3&w=400&rid=4&s=tqJb36qyuWrL2dGKIov78vNC&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

df5717035efa14bc33bada74d6eccab32efd6bc1156238fb46573f2f341cd53b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:41 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 9388
expires: Sun, 03 Nov 2024 07:32:04 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5080 3 KB
3 KB 124ms
121ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F13346254_2-202101112239.jpg&v=3&w=400&rid=4&s=QYmDAWB06A0NPzH1f14bESdh&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

91990fd06e331dade092788f7b1535f5449a991bae5691faee7afb53e3a9329f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:40 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 3148
expires: Sun, 03 Nov 2024 07:28:09 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5080 2 KB
2 KB 131ms
128ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F12232248_3-201811271532.jpg&v=3&w=400&rid=4&s=UtCrIkggwcFSc2TUxCj9en3N&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4570913dc9b4394374c8e7eedd80f9f3eb463969199626b32595eee9f2eeb891

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:40 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 2192
expires: Thu, 10 Oct 2024 21:57:08 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5080 9 KB
10 KB 138ms
135ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F11524767_2-202110061234.jpg&v=3&w=400&rid=4&s=OVZiaA2ZC7eUuoB5li5x_PwJ&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

431097f4f934bdc8ae8ea0d5d33a07573e22cf31f50e02499a1b12b98be7c4a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:41 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 9592
expires: Sat, 26 Oct 2024 05:01:44 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5080 5 KB
6 KB 137ms
135ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F25408430_1-202010152157.jpg&v=3&w=400&rid=4&s=pyy2C5yD9Ut-Tkqo519X1fHS&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

18810cc7f62acf01765366af6b41e3890fd2ea526b7a35ce622873468d0f39ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:40 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 5502
expires: Sat, 02 Nov 2024 00:38:32 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 5080 0
127 B 36ms
33ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=AMIua8LP1-UxfkCkfywZbUhpVyubClAeEBXk3MVp1NWe9tlgsD3QRxpx6Kz1c2FKH9Wv86ahax-kwQgD-AVOZnQiMfIrWP3LxxvtCHYvWpKBEbFC3HDT74FujWmR6Zknp9_L07C_nWYXkU_ofhseQXlffH2gK1fjhdVD4vu7V79D9Yjg0t8Bv2eWMMpBpGRJyTUODMceic2-VlZrGRNMQm0XxiOiBtz6f72luRq6fjOpSuf-rSimK-INCs5FvAau4FrxOQ&sds=2&rev=89278&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 16 Nov 2023 14:50:40 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 5080 2 KB
1 KB 37ms
34ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 10 Nov 2024 14:50:41 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 5080 2 KB
1 KB 36ms
33ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 10 Nov 2024 14:50:41 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DF13
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
18 B

33ms
32ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 14:50:41 GMT
expires: Thu, 16 Nov 2023 14:50:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 14:50:41 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 690E 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e29c35517912aebc722b87fcb35a346c06d92c93c440f1a0ef706f5edd5d6ff4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EA6C 0
21 B 57ms
54ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=254971828369&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 14:50:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EA6C 0
21 B 55ms
54ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=254971828369&version=m202309260101&ct=77&x=1&cor=10123855502569478000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 14:50:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame EA6C 20 KB
14 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BNrctVkJRraSu4l_Hp5XZ4NZ4k1sjXl0DLtoa5YeDYzsihxhHg6dSSs_-wr_R8yETtkVKVqe-tJZ9D12kZCiYB7DjJfYtexTlh1A4scReNHuppm0Rn5-7kgM0VYxhbSoPkl7eg-5FFBygb56CRdNxCp_vd-sR2E1geQQEO6t8UQ4jPrBg&cry=1&dbm_d=AKAmf-AroISE4IhYciIq5rx-0c7rNfTSXN4N0aaa6oc9bdz8yxeTXyCHMYiw49674f6gKn4CMw4oKlwI50awhuiEKh7P-LOD0kCYEfJDgdpNDBWw8FbnuwZPi0KivL6BN2GVd_bL6nJhktbnhPWk8Z5SDQ9ydAL62rF7WPFCqbwc6WOstQ56BOb8-fH4JLNCaR8v9zT5H69YfnvhAMyKhKkWk1RuZdNDNbRjewx-XY7ujMn3xmfKfub1gFwNZBHCkBGCHinSoFAQ4g7PToH5EoLxe06T1oU_ja9qnAYxK8nX5UqnicfXre3f-TPHzIE-13vsjCCdmwrzt32Z2yKt8EDKyP7398-cJa8itlQb-7TV17cvRxMEtX2ThUpi0QlVIFMcMYXMNxKkSSvjmquHQnehbqzYFgSUltHm36KH-xd-XirHzHTaHhQhGHCfDEkSlD1OJCEdlC8-Fgq4DLgqdl7WcxGNTsyxV8WyDMK8Hvlf_qGL7aaToO1mZLn7yveIVFEwWUgGSvFQPGMP9b4GmKbI3O66_e8LSrYNVVKV9JH2l6rAhomnwy6RsBVQTnXRte6prsHtOWmPHPjjKeTLUj8pRQViyDaraDvlrf62zQeCkI0ZEmmD3vaF3Gf95xLPOah-5fWZ8eGsLMLxZ1bL33fz7qJnMNBd_SMrjm0cczRLdO-kfB7eizql-mUIyVUpibWGFagj99vKtxObzMNhLoaDvyLkA0B2w2zWZBSGB0WmnqIgsCPOvOGbhiAfgENn6PIoGNRcHH1YTOutmy4enN905xZtF4RHiFcbSEF-EdKq1onCBTmCyQzToAp-PdTn2U-iKXuciqmIK2cHw8kBLtlXyG85izcgjhH93XnjotEiA5ULJKcvXvh1xwzdeuEMsC66GaJpfkOHjNDIoR6DeAoHYtJ9ebAocTK9J1fDpjD0oBLSvMymO_AC-pVqBa9h3kcwwUXqAnHl0O7XIG-bkkiUTAo1thp8OJjJKDH02HUfHIPeI6zYeYHiHzDH8CnRDXLEazMe6sidvxb54az2yo0gnl3HROMxLkTo15I3ZMzG9pB8lUjOElc1F90CHeXd6S_6OIYoBS4WT4WEtrrBb6U6MZyy6KiAq8h-ZkhCxQm_IDfNndTychajZLsQg15pG0pqMdmT4XOFm0fdbSJ9Ve21Aj7rFHscRftI1nncgPduXJyyXFL-ufb0-NTXzOQdRKjHoub7tWeOdv015GykZaLgKiEGdMVECqG4jL7-WJRWgHUsqNnsVtvqhALr25ZMUkv22-g0ysxf9sJCWu0Gqx1KBLm1CHt2kaONtN4ZN0UxiasbxCia92suOwemTIRocpyKvP8PX2yXSxYFNJhQI2CIP8CgKc1AJmIVt938xC_7SUmPwOhLqOtg3AYnETJp8A0WU4KJcm5a0_Ct1eNhgV1Cvg5_HCYNYo334jdICchHT80VFY9TLO5vgykiFAmHIzYC3yN2RSKWKg_ZdLyvHeLPJYid-qFwQtm5FeeLKZlPXnQeVMJR1XciKoEBoffTX6kFqwFdS-_Npzrng-FyxLLj-ABaHK1rczk3BEUquAhF4Ns9p3DRN_MoY1xQYcFfr2X1yopq0rHhUxenu_nTm1xLxKle7Vbh1XL6Q7wvA2manFSYFHzwv0oxRw5y7V2UrpgZp0FpCExJNj0qyNSg2vPUz7q3B3l0s3wlC7Ji7TLUEpSpcbuyYGi7p5TPtSUKoOfcNxhx0eKKrg-azqj5O9WsfVwPGpJKO8lIEjdQGVTLoR15hZl4C4LFnqwdopGQit3roNTehearD5s0yC3UNRN5fJ0b99WwoQku2e8ziXk5KfKmxMOLbmKNH9JQvsZNVrleMz8PZc-s7g5IwpTgC0FEMdH6LrrHDv0HxP7oVq1-WxaW42ktHDNBwF70f5BrEqPvb7_1zwcvTTINzFoEeGki20S0F4IDSBVB3IJRuzxsTeozHMOulFnxOvQnhDsvzBUl1haZuf_qSqSCEETC2nt8jWa1DRT2TsRWOrZ5SiAOMWVCcNbvI9L1nfFkP2ATTKr3_iqMj8UGbfZDNbKx3c_m5YBaO_Q7kORVa-Rrnw4LuIijZJ9qYIFj6uHqeuC1evd5WmIxnI3dB5C7ja4c5zv5Nj_Zz7VmFzUeTRuZu47HJaTKAmaP3ZRInNeyE743zzaKSR5leb0wISltV9KN7-g63phY-Q2R7yZWA-196JIfKnInmAeXgEp3EZUBBhxuJrzjglIw8oZpc7kpcLTQt01WlZEvwvqPChn0e_0cgRKJrUqkIh1pp5pC7BHOyggh-pUxxYNtowqEaQPQAU7lIGN3YFxyGiq9-tlOE8NSpywEEUMz7arN6xXEg3KppWldWVYst2m5PGn9dfumS-6qvl4nYH3L9pqqEFRsG_GELAOLJso2gXq-5fRcMQ88Wep_R3v2YzRNII1nQqP6mqUA89QHAItgTTEJCiB2bwYPJT-Pagqy_-mKO7GdxJM-DB2Y3PnCG9-pQzBX4Gl2EemnffgR3nXeMABj8i--7AS0r4XemZk1oZsDme0yBI1nUEv8T-sQUSz_Ok6HVa4J1pfURxggg2QYjXjZVP_8b8gdj24mvIAr-94is0t9-g9_7lDr8X08foq0lC80JDt73qawkHlxAY4dIjdaJUi8ht_Hv9ojh_tTMr8mMNifH0YvsMjt3dG65ilSi4ibXt87u2v1SLBWLSg4ChSNlGfFnX85gC-IRrrQjFkhE3X5OcbNkCY8vd8LjBLyDKp0LHeDV19LA2bOwW7VKD3cEW3kjTiZHja2s9Iqxt6buzi774xZYZ8C-_0qY9fJcKOIEs1xECLREUlFjtGryxjhJLm2XaWvjpSTsUmeVXbxQv4pjOg5JvIt38MTJCwKP64HGtaaInZmtsAHYpcgnFGB1LwuF_a0xbUeNFPR0IJVaAi37bqpDKQnf2_f0nfP7CacJwS27qtOeAUOnGYheTxdXL5NbPjpWx7nJP-9qYkXZ-q0m9KyKHyxRaNGaJmj3OSIS983W0cagH99D7FFzP85YxGnsJZYFHIdb--VWp3d6Wjxy5Ha8u-T7CqEs3KNWAd7zwUuDYvp1ccjkgVVcxcTVnO-8CDHaZxUuYrj_EGZlsKE5nRbmxRYI6jp6c41FO_lJmSMwFIBOZWw0zRbSfsQ7PvQpisR0t6gfz869m2_4KPBboqDjkmG9zU9mOzrGSyzgZY6Uqw9y_SJXq5bAVZfHsZN-53fUrvD7_TZKzIpGXgoQgqsTvHtsEYaTfMLs3N2Qhr_Lp_XHuaHtk7hQsPi-IP4mQ_1jbeLzEklg7zniQEa5b5swOa75_-v9hbW63SNpk-ArYslbXQE9QWbifem79IDJqDLbPzIvjOJeqWdKhE5ZIu6PxP1UmqP9LPZyDvy5NZ1m4zrMVozne5qtqxHdRSwzgb4ICPc_AVoGFC8fn2N8MvKSv_05awPM_CYaEqAJ_ZyUha2i309x9ruU0TfHLcZJROIcs0S3VzJ5abrMdxGUhTZLn_RCqiXkbZslAtbQSoLqwqy0SFOOk4xyq-uYjiDpaFi8JuNIaEbSihYErKXe4SQDroaXKWEkA8xX-rc5T4d4y9soM9_nrnh9_-CgBqiFp-bwQgmNaalZjtOQFmvIhIYVftMnJ7rveYvUkiPBmSzkj51QyHkQAvyDja_dgpRtbLDQFAAXRlugfAdWHSJIZD4TM-OI5BzhALIiim1QAgmxqGrFV1PoC0jZZhHQnPSqifbKjMRiBQiQ45pvem8EVKxj7yWiMAlAzKVG6cWh6BYMxAXQsOfCIhVh5wS369ARC9Ky5vi7UFKa4HC_7OmSkjaqkaVq9vc3DJrkym4nbzgf5Ztu715EfEC9BjEMIA23hmOWc4AzbA4VU8QDzADAPlj2rPiqiBhvjhlzjKkGXm6P1bmIO1GIkpoZpyE1A&cid=CAQSTwDICaaNuzFMDt5ouuuSuicRmiQV4YttdKwZOC7heOv_sZ3PjnaXRjwcpKx0ovc8op7ahEYj9IZkafF4k51H6QYYMMDP27VzsTERxvBopnMYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fxuxatv.com.br%2F&ds=l&xdt=1&iif=1&cor=10123855502569478000&adk=2988274607&idt=163&cac=0&dtd=10

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4f4f586d47286e3dde175fcf534d92a51cd417d1fa3c3db425d1cad3bfcf8ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 14:50:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14005
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 468E 0
103 B 42ms
36ms Image
text/plain 2a02:fa8:8806:16::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEPO3EKz_BJ7fk7sSBmP7Gd8&google_cver=1&google_push=AXcoOmSuLNhoTG0KyANI4E2aWv3vxszH-SZILGpGu8T03NAfM3UiCKQGQCYYU0t510ib9CDpVGUZECVO2H8763kjQyoZxpJTVQieCpQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2974894051137733&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1700146240&rafmt=1&to=qs&pwprc=3173985034&format=1200x280&url=https%3A%2F%2Fxuxatv.com.br%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700146240195&bpp=1&bdt=2175&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5230436701717&frm=20&pv=1&ga_vid=112662117.1700146239&ga_sid=1700146239&ga_hid=2067857781&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3996&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C44809004%2C31078301%2C44807763%2C44808149%2C44808284%2C44809057&oid=2&pvsid=503099643134223&tmod=1956708044&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 14:50:41 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 468E
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESELySCh4W9yEGHvJbmpJVwGI&google_cver=1&google_push=AXcoOmTCC5j5zW2GbVr-byGDPNI2D3II6iS56zRLatzuqGGZVmjLVDMQfPSELlnmonqIjAgAzkZyfgXLNJ9LbkvvH7Ml78hHOtWCE9U
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9A06CF1EEBD847DD9828D43E699CCD47&google_push=AXcoOmTCC5j5zW2GbVr-byGDPNI2D3II6iS56zRLatzuqGGZVmjLVDMQfPSELlnmonqIjAgAzkZyfgXLNJ9Lbkv...

170 B
188 B

35ms
34ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9A06CF1EEBD847DD9828D43E699CCD47&google_push=AXcoOmTCC5j5zW2GbVr-byGDPNI2D3II6iS56zRLatzuqGGZVmjLVDMQfPSELlnmonqIjAgAzkZyfgXLNJ9LbkvvH7Ml78hHOtWCE9U

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 14:50:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 16 Nov 2023 14:50:41 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9A06CF1EEBD847DD9828D43E699CCD47&google_push=AXcoOmTCC5j5zW2GbVr-byGDPNI2D3II6iS56zRLatzuqGGZVmjLVDMQfPSELlnmonqIjAgAzkZyfgXLNJ9LbkvvH7Ml78hHOtWCE9U
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 15 Nov 2023 14:50:41 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 468E
Redirect Chain

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEAUk1ElKElLeXK477W-gTHA&google_cver=1&google_push=AXcoOmSA4JjZRNKJO3cs-ik849biJHH_-PmcLBNJXoc_XrFaMOpaf3Kl6Zajv7MIz67DVTYS_1BIS9F_qi98ih...
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmSA4JjZRNKJO3cs-ik849biJHH_-PmcLBNJXoc_XrFaMOpaf3Kl6Zajv7MIz67DVTYS_1BIS9F_qi98ihIadkuPzKmpz1hmegOL&google_hm=hmVWLEE3nuxUg...

170 B
188 B

35ms
35ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmSA4JjZRNKJO3cs-ik849biJHH_-PmcLBNJXoc_XrFaMOpaf3Kl6Zajv7MIz67DVTYS_1BIS9F_qi98ihIadkuPzKmpz1hmegOL&google_hm=hmVWLEE3nuxUgEPbyA&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D65562C41379EEC548043DBC8BLIS

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 14:50:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmSA4JjZRNKJO3cs-ik849biJHH_-PmcLBNJXoc_XrFaMOpaf3Kl6Zajv7MIz67DVTYS_1BIS9F_qi98ihIadkuPzKmpz1hmegOL&google_hm=hmVWLEE3nuxUgEPbyA&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D65562C41379EEC548043DBC8BLIS
date: Thu, 16 Nov 2023 14:50:41 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 468E
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEBGHLjOqLWg0yIGT5wX55vU&google_cver=1&google_push=AXcoOmTEpvIAb8GLoDDm4JCJr7dpjcwPaYvS-bdiDiHYEz5iPu8BA4GNCdqQi-VSONh7PMlPGKWDuB3izDnGIG...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwMjA3MjUwMzUyNTE3NzQ4OQ%3D%3D&google_push=AXcoOmTEpvIAb8GLoDDm4JCJr7dpjcwPaYvS-bdiDiHYEz5iPu8BA4GNCdqQi-VSONh7PMlPGKWDuB3izDnGIGR1kn...

170 B
188 B

34ms
33ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwMjA3MjUwMzUyNTE3NzQ4OQ%3D%3D&google_push=AXcoOmTEpvIAb8GLoDDm4JCJr7dpjcwPaYvS-bdiDiHYEz5iPu8BA4GNCdqQi-VSONh7PMlPGKWDuB3izDnGIGR1knSBq49YCZhPSaIG

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 14:50:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwMjA3MjUwMzUyNTE3NzQ4OQ%3D%3D&google_push=AXcoOmTEpvIAb8GLoDDm4JCJr7dpjcwPaYvS-bdiDiHYEz5iPu8BA4GNCdqQi-VSONh7PMlPGKWDuB3izDnGIGR1knSBq49YCZhPSaIG
Date: Thu, 16 Nov 2023 14:50:41 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 468E
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEBSSw_IXKod63xzIT-J_3Z4&google_cver=1&google_push=AXcoOmStcA-kA0bzidn6u01PqR0Mxw9U6wRh1R-0nHoZORRfUgRA2qjjxzmreu-4IQYR2Zk_UQthjYsGISkNCDLv...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=v72TfJuKTqwZCUwM3bSafA&google_push=AXcoOmStcA-kA0bzidn6u01PqR0Mxw9U6wRh1R-0nHoZORRfUgRA2qjjxzmreu-4IQYR2Zk_UQthjYsGISkNCDLvIThet_mexUPVHJZg

170 B
188 B

32ms
31ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=v72TfJuKTqwZCUwM3bSafA&google_push=AXcoOmStcA-kA0bzidn6u01PqR0Mxw9U6wRh1R-0nHoZORRfUgRA2qjjxzmreu-4IQYR2Zk_UQthjYsGISkNCDLvIThet_mexUPVHJZg

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 14:50:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 16 Nov 2023 14:50:41 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=v72TfJuKTqwZCUwM3bSafA&google_push=AXcoOmStcA-kA0bzidn6u01PqR0Mxw9U6wRh1R-0nHoZORRfUgRA2qjjxzmreu-4IQYR2Zk_UQthjYsGISkNCDLvIThet_mexUPVHJZg
x-host: tde-deliveryengine-production-bb588bf9-mvw8c
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 468E
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEB7enqFpBFd-3dHeh9Ag4RA&google_cver=1&google_push=AXcoOmSGFD9GhoOqAcXky1rEyfM36MgDyDnu8NfXP27Kf30tqT4Nu-cAyU8kZwVCfer5MsEeiAlJUqecyFX-oV45SiLgEww...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSGFD9GhoOqAcXky1rEyfM36MgDyDnu8NfXP27Kf30tqT4Nu-cAyU8kZwVCfer5MsEeiAlJUqecyFX-oV45SiLgEwwq-yDc42Ab&google_hm=eS0yWW5Xd0lORTJwSG...

170 B
188 B

32ms
32ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSGFD9GhoOqAcXky1rEyfM36MgDyDnu8NfXP27Kf30tqT4Nu-cAyU8kZwVCfer5MsEeiAlJUqecyFX-oV45SiLgEwwq-yDc42Ab&google_hm=eS0yWW5Xd0lORTJwSGpjOTZqUXRhVE9NYU9hdktsa1hOcH5B

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 14:50:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 16 Nov 2023 14:50:41 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSGFD9GhoOqAcXky1rEyfM36MgDyDnu8NfXP27Kf30tqT4Nu-cAyU8kZwVCfer5MsEeiAlJUqecyFX-oV45SiLgEwwq-yDc42Ab&google_hm=eS0yWW5Xd0lORTJwSGpjOTZqUXRhVE9NYU9hdktsa1hOcH5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 468E
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBJCUCxzjZsWwXxWvYXTivY&google_cver=1&google_push=AXcoOmSerdaFNCZZYcyT9BuLAJOlyT2uWhFy1rSR5MZvFe2Di7H14-cIDXjtDsqwqlaArMz9pEvucge8...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDQ5NzY5MTQwOTczMDQyNjg3MQ&google_push=AXcoOmSerdaFNCZZYcyT9BuLAJOlyT2uWhFy1rSR5MZvFe2Di7H14-cIDXjtDsqwqlaArMz9pEvucg...

170 B
188 B

32ms
32ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDQ5NzY5MTQwOTczMDQyNjg3MQ&google_push=AXcoOmSerdaFNCZZYcyT9BuLAJOlyT2uWhFy1rSR5MZvFe2Di7H14-cIDXjtDsqwqlaArMz9pEvucge8UUPN-b_T50ZynRiHygVehLQv

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 14:50:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Nov 2023 14:50:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDQ5NzY5MTQwOTczMDQyNjg3MQ&google_push=AXcoOmSerdaFNCZZYcyT9BuLAJOlyT2uWhFy1rSR5MZvFe2Di7H14-cIDXjtDsqwqlaArMz9pEvucge8UUPN-b_T50ZynRiHygVehLQv
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 468E 0
12 B 37ms
32ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KLRT6Ic4mS9tDaP6f4FiApxBDZOH_ohtVNiAoP-p408R8VW4DUi9nBgFEAdm2Y5kcBYi_K

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:41 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame EE40 9 KB
4 KB 184ms
50ms Script
application/javascript 2a02:26f0:3500:d::1732:83d6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:d::1732:83d6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 8ab43ef523c52e830a7706ae32581ae882ebe14920d3e88ee191ac6aea78c401

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 16 Nov 2023 14:50:41 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Nov 2023 14:21:20 GMT
Server: UploadServer
ETag: "4fd30d56128c4e7705e200cd98cfb057"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3639
Expires: Thu, 16 Nov 2023 15:05:41 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/ Frame 49A5 6 KB
2 KB 66ms
21ms Document
text/html 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b6914e9f70280973f09ee2491397150dd4c94706974bfd7f4de0e5768a1a432

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 514630
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1896
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 10 Nov 2023 15:53:31 GMT
expires: Sat, 09 Nov 2024 15:53:31 GMT
last-modified: Tue, 19 Sep 2023 13:05:08 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame EE40 0
0 136ms
69ms Fetch
image/gif 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjst5Ro2DsCwN-jmeZJ1tv-LqEmg7VZ-Yh0Wg25XXLIn874_CFgnnqKQ2HKx9JuCuu9Dxd9O9WJnCBXYSg8dabMaYCmsITomeyIThK2ejFlEze9byXjGv4QgfTo7SIW1MmxlAZnBZM-HBQImkSQHC-kF1JW5nuZ_BlCOHKObqzGJvpkC9SLkZh3xm9I8WQXmvHozv_xS1HhU8TssQlxOS1y3WF5OhZjPBsFSG4rOx4We9PG9OkWXwJgmTLw6FFn2XQ1x6sHV3emjcqJifwB_zlwoEUaVSeQoLj_oPnaUwOI_inaDp0Vpj-RWuVG43mTvXPViQy3tj7vd56t0r-634vh9Rw7ONlLWiN7VP5QauHRp7-BMQO_vUjQFgMAbrtXuYFAmaQ6JAlNEvzQaNKsraciBMLbpEHc1LBdAbQCEsVVatjCnpP07Esvx0OR-eGUdqHhwzcz_CGH7MHFol7Sky-qtWg4hgeRsr29u1Vd6boGXKSzk74euB88KU5EB1tna53fVopVy-jD8t_J3NqOXjBZqSTwJRn-FpFArcL6SIuGvuvebTVI-B4O3QY2bo_27xXHbYQukiEGVHFS58tfTvXWK9nXKA8UmQcOdVYZ1xaLmgyYsMcVMQuC83fcgKyEX8NpJQiluqoyQ2BH_2dbUr0XJB5O8NO04cbtV_Z-JVJWFSiyocU16gSXsktggZycXyfoNO0ynWnbVEZormb-bMRUIjnne6RphBW7DeFXbnwmpEKEtD1hi0eN7ZAaYYWKjuGI3koabCNeINN8nZYaJkUwj0XSrwyChOmxB3o3I2ziNn0eIpx-Hu6Q5MylCrhTdrjgQI-hFjPpMd-L1DdZAyb0N2pD9vYtoIW3VXLJfV20fCYEziT60S4KH8cUewyy9wksyVsDzpDpXDMt6Pnr9eEsGZBhTWGwDLaD45mikTf7-oPxfhpk5-xJhrNqYFk609jWZICRT9jfDy1UIc2b-GwBYgQJ-_fCWShlFXIYdA_VOw4RxLgvV2-O9JFrO7LlrGMZQw0D0503bJ3rEnHIJIAV6TizhGbXbGFrXLh0K7J0iBCHpPNlerJ46m5_m-Rak9RCcKQBeZwS1juw-eUdB3qs5GaSKiSHdaZxx6IPkcBIER8HAJw7s0R8OBWNONWOYASEAjvk8wvYmucEY20G8tGuC55O7hW6fFXHGmObGNonEVpowJWP05QxUF6_S8OY1OTS5vfn4ffzBIMJ6EXo7sPBGpmMut-jZoVb5nvsEHql5AtpUTBeqm3hgRxN6ilZtzf5y0X6aXzo25DuhP1Dcj6A_7XQPthoMU2APyAdagKoA4iU_gKr5I6FMzL8Y43k3iqFFLXEPVDbr_-Mcl0spwPM69yk1yhw&sai=AMfl-YQfbXqz7sEb_6E_dgceUQxHMW9SYsM2EpRZMfkT0GUwXQtpyYKBQzQ8Ma1Yik2eTVe2sG5BnfgUkgPNk3x-O-0qV_YstvmMgNJPK7HkFFX4gPNlgzb6GuEh0yhBEwYlNv9g86H_FqVrDRHxVKlfV8xCCTFsszbD_n6xQaFpnxIB_H5yISx0iZos4r2wHOXjsqGGFT1madXSzlgh3f_cFjTUHAMR3FyNa5UF0IWifBCaNjHRSiZo_I2daJ3Pxl865Kz30SUHITAy1-9lsRSTyWPWDenuMhMl96PXAeCGRXbliqlWqZ1eZiEQA10jnomsL6Nm-MPvsydyhM6y9K3X_Tu98K38b2TX-L1H54gyWU1C2jw_Juf5Oi3KR8g1CrW_nBN4rugCEMpUwgQYErshXbSBadj773RC8sHuGJPCfYJVd8qQCP-w0NrrVovh7sjnXKNZIC_vT3Ghs-a63NV9uRgqaQ1CiDsQX8Chk4z-O3rra2iiQ94irINBkxBqH0t9kxrIl2BaUS-E&sig=Cg0ArKJSzCgJkgFJFxzeEAE&uach_m=[UACH]&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9oeXVuZGFpLmNvbQ&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=391&cbvp=1&cstd=387&cisv=r20231109.14064&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 16 Nov 2023 14:50:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2

204

tp.gif
1700146242344ee2b0c764fa1ac7316038b30fa1a8fcfda488efb92d.trk.sensic.net/ Frame EE40
Redirect Chain

https://pixel.de-config.sensic.net/tp?ty=IM&optin=false&m=campaign_116_de&c=11600102&pr=2146339555&gdpr=&gdpr_consent=
https://1700146242344ee2b0c764fa1ac7316038b30fa1a8fcfda488efb92d.trk.sensic.net/tp.gif?m=campaign_116_de&r=pixel.de-config.sensic.net&p=de1&instanceid=1700146242344EE2B0C764FA1AC7316038B30FA1A8FCFD...

0
364 B

176ms
90ms

Image
text/plain

2600:9000:211a:6a00:1f:f009:8540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1700146242344ee2b0c764fa1ac7316038b30fa1a8fcfda488efb92d.trk.sensic.net/tp.gif?m=campaign_116_de&r=pixel.de-config.sensic.net&p=de1&instanceid=1700146242344EE2B0C764FA1AC7316038B30FA1A8FCFDA488EFB92D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol: H2
Server: 2600:9000:211a:6a00:1f:f009:8540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:42 GMT
via: 1.1 5d650f4d20204610aaf075ff8f6494c6.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: VIE50-C2
x-cache: Miss from cloudfront
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: *
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: gsaCU7ZzjSXYTN6MC5D52MkSWYuFtDv4fkQM9VHzddSbnZcGRmIrWA==
expires: Wed, 21 Oct 2015 07:28:00 GMT

Redirect headers

date: Thu, 16 Nov 2023 14:50:42 GMT
via: 1.1 e41179d785de304a9240d5e97b2e4cbc.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: VIE50-C2
x-cache: Miss from cloudfront
location: https://1700146242344EE2B0C764FA1AC7316038B30FA1A8FCFDA488EFB92D.trk.sensic.net/tp.gif?m=campaign_116_de&r=pixel.de-config.sensic.net&p=de1&instanceid=1700146242344EE2B0C764FA1AC7316038B30FA1A8FCFDA488EFB92D
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
x-amz-cf-id: bvH4gl4_cbOQc7PfjlbGXbIAKO5GcL8GMHPPgAV0CD7yMaIPB5qUsg==

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 82CA 9 KB
4 KB 136ms
50ms Script
application/javascript 2a02:26f0:3500:d::1732:83d6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:d::1732:83d6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 8ab43ef523c52e830a7706ae32581ae882ebe14920d3e88ee191ac6aea78c401

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 16 Nov 2023 14:50:41 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Nov 2023 14:21:20 GMT
Server: UploadServer
ETag: "4fd30d56128c4e7705e200cd98cfb057"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3639
Expires: Thu, 16 Nov 2023 15:05:41 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/ Frame FE18 6 KB
2 KB 24ms
22ms Document
text/html 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b6914e9f70280973f09ee2491397150dd4c94706974bfd7f4de0e5768a1a432

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 514630
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1896
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 10 Nov 2023 15:53:31 GMT
expires: Sat, 09 Nov 2024 15:53:31 GMT
last-modified: Tue, 19 Sep 2023 13:05:08 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 82CA 0
0 69ms
68ms Fetch
image/gif 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsvKup2BWcfCPdQ8JZ8g_xf4R-ztU837NnkH9_Te_MU1eOJZtzfOczA8Y8bjNqU7P11EZ3CNbnbePJ392SrW_WhIxOtmRsFjMZ58hjU-hk8dctAXL0WR5phoHMK8m6nTNPQywYCDEmnbi_q88TEBTXgiNx-u1iT3Xfs-vFyvFvc_htD_K3J9DNBfar7gQO9cGrCQQGlQjCxMkjtfmbBoe0YS7-56F5r2C4QTsECZ3DekatxjwOvjaMBL3oofZXGFQkpaSvRvxYvTs0rahET1MdIYLt9bED-5AyAB5_SDexq-qPyDbyU7p46iNTCPmYJMiQXW3-tXaqsJaYYfgNfwndkWkCIFdaWPe-zroCdojE5pbrfG-1URWo5Gyg8ruQDqq-zbn6W7_9aK1skD6Q2W5cY8loadgIah5gBbRRPypcFBwubv6bWWDYH4d4k2WqHU9Diy-smcl68oHNY7gYIA2jAKlJ-TA1MSCAPdqIQsWjXwHxwtQ9B2aM7SZ7Lj_8mcvVy_NWlPft3pquniU2LH_x93mHTK5hea7RTwq1eNKA-TzuDArKCFqcUuDyVxX6OllzjSkWZGMbKsv7no41rcnvXA-AJME-u1VHRw5k_5vng-28yLYga9AiPLK2Ef4lk6UCCdVH4i4NSd__Uk9CYG1qXK5RINOHfhlDsqohr706hp4AIZ4E9fIoAwx0CWe0T-bGDdG0oOWp5OX5IA944MIa5lxR1EJcw9P2eMxSt9PwdYFMrPDkIwK0BnwffkOwWdRcYC8NpKiRco9C3c5O6n0M0RKezZHVgp4k18yf1wsrIGUgdBCJORzzfIeMbjs-e7fozPh_7sxtTQqZAYu9mMdOQkpi16GH-yaqMSchu9b9oYDqK2wzwh2kjpS_ALmK_G-oreC5Mor3VHcvXKs1EAy3X8BdlcIDItSXvcpOeXEa5GpgYYonk3horrBGfFU-5uABPfiN3zkHOW3Xpke4NAaojDTYKh6MrDHn-IsT3IX7cFCFjicsQ9i76klfvsUguXxvaFBo_bA-Ug9Rco1gEcqbFSLqN8ugCBos_S4VQbRF5nrA9iHIvk-zvDFLucR4TEr9me0T6HK8AVsoBqSxPM8vSAkQ03JnfzZg7661ATIWCH_I2U0fxp58_QWQ7c1-rBypkgNKYiTOyZK8xAdFmKwfa5wkUxk1fNfqEWesE9X4QLEoOdht1JIkstf_CPsFqO9ybVfrWNfTLNPJUPMQIBKlVmUGK6HBN6yl6JFwmTVulVxSHIc1NRn1QVzrR8sCS-pPrTsjbalgrJyWUgEHw-9VeQbwvBrdJCYsj-wfgOqh68XJrq-xvP-VZYHNZ7pXRVE6L1ZYjA_dDisAlHt4S-tddmKSDkyw&sai=AMfl-YR5XauL4gLi5Th9s7GoYl1jpEOYnEsBJvj8_Ejr42nwK-yEzrcfu1CBzkS6Czr3dwmIi5PByiYfFZMiwjNsKafFwetA81usqofM6gZ_ZQBFDVlvKaYIVwpcqDUKiakdwNTNiyFw_9UxSbLCfx639CBQosjuz1wXNMsLDrHli2dE_5HpoPcN5xPuNO9nxU1Jwcdg4xlN3jtg56pZL8qDYOQe5jrPFfkMcTGGo1fV3q1iuqJz22b_ITLfyiC4NHQ8akBvmf0b_wfvo7Q7wo0TH5krgswmqQpaDl0oRuWyiSuPsX2Q96D0yu-joQM902uTjyo7Pi_LULFYTB1iXluqWmTQa6B4Fz7465xV9IuA7ZTE_ItXy7IChPbBO-QCIBObwQ_dpxFPFeEq7kpgSd0tWgtMN2LntbCbXp59SD94gb8zclTuWxyIzp3T85Uu8ds7G-et4FOHah4GMxqHhUaT616R09vp3C6IL6zJc9AdeNZ4bSclj3qjoL72cmh0V6aj6n6uGKs2_tf_&sig=Cg0ArKJSzFU02KCcOaEHEAE&uach_m=[UACH]&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9oeXVuZGFpLmNvbQ&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=462&cbvp=1&cstd=461&cisv=r20231109.55366&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 16 Nov 2023 14:50:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2

204

tp.gif
17001462414732cf4cb9b877531377d48e89a673295f4aa77bf69fcb.trk.sensic.net/ Frame 82CA
Redirect Chain

https://pixel.de-config.sensic.net/tp?ty=IM&optin=false&m=campaign_116_de&c=11600102&pr=291987283&gdpr=&gdpr_consent=
https://17001462414732cf4cb9b877531377d48e89a673295f4aa77bf69fcb.trk.sensic.net/tp.gif?m=campaign_116_de&r=pixel.de-config.sensic.net&p=de1&instanceid=17001462414732CF4CB9B877531377D48E89A673295F4A...

0
362 B

125ms
55ms

Image
text/plain

2600:9000:2394:7e00:1f:f009:8540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://17001462414732cf4cb9b877531377d48e89a673295f4aa77bf69fcb.trk.sensic.net/tp.gif?m=campaign_116_de&r=pixel.de-config.sensic.net&p=de1&instanceid=17001462414732CF4CB9B877531377D48E89A673295F4AA77BF69FCB
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol: H2
Server: 2600:9000:2394:7e00:1f:f009:8540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:41 GMT
via: 1.1 ac059d7185137233d6f58dd3345e3798.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: AMS1-P2
x-cache: Miss from cloudfront
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: *
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: zu2tkPIWLeC9LP16eJ_KZZeEllWNyzO8gdBjfLx9LZdKz5m7l8Ri5g==
expires: Wed, 21 Oct 2015 07:28:00 GMT

Redirect headers

date: Thu, 16 Nov 2023 14:50:41 GMT
via: 1.1 e41179d785de304a9240d5e97b2e4cbc.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: VIE50-C2
x-cache: Miss from cloudfront
location: https://17001462414732CF4CB9B877531377D48E89A673295F4AA77BF69FCB.trk.sensic.net/tp.gif?m=campaign_116_de&r=pixel.de-config.sensic.net&p=de1&instanceid=17001462414732CF4CB9B877531377D48E89A673295F4AA77BF69FCB
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
x-amz-cf-id: munf41_GHURMDBkRGCw70SZZrb0tV1Usr2EFMrCyMKvmpKNR8aZ6nw==

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 505E 6 KB
6 KB 35ms
35ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d649c4a85256d58d597860ce1cd20c70f74f166d34eb36455147457a37c80a90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:40 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 6378
expires: Sat, 02 Nov 2024 01:24:38 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame B1FC 38 KB
13 KB 20ms
19ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 551181
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 10 Nov 2023 05:44:20 GMT
expires: Sat, 09 Nov 2024 05:44:20 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame D916 38 KB
13 KB 20ms
19ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 551181
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 10 Nov 2023 05:44:20 GMT
expires: Sat, 09 Nov 2024 05:44:20 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 49A5 60 KB
24 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 16 Nov 2023 14:50:41 GMT

GET
H3 200 script.js Show response
s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/js/ Frame 49A5 2 KB
764 B 23ms
22ms Script
application/x-javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/js/script.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0dc454e2de7f1c663a6a5e236129d355dd0d4b699fcbd5900428e7409ced82db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 21:16:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 149644
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 735
x-xss-protection: 0
last-modified: Tue, 19 Sep 2023 13:05:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 13 Nov 2024 21:16:37 GMT

General

Check archive.org

Show headers Download Go to

Full URL: https://video-edge-88d933.pdx01.abs.hls.ttvnw.net/v1/segment/ClGcaAM-yRE9E33MdecH8AILYc1lUuhvAGFq5Tp-r3yfEIMMeY2UEwINBUmMSOCS4Cv-u1YZEGeEdUbj6iMiVaxu9mUiuFe-4EpGzNO9gCvncu4wbAIklx6iJnog-XmkFEWyvwrj31s2MBfcDIWa99MNycd_yT-iKOcZfJjU6OBb890kvhDDJUwq6SpkFplfYHW-kQC3INGyQEsPTkS_pB9PZDSOZI_iQT6N2uUf_hHwkSTb3daC3dzIGFmkwhlNb3Fa6y6PYsi-gXdpCoos1RVRS5q4ImMTzjKBwY67XnShVN92VNiwfv4J4ltZ49Um2esbwuEiqcRb2lipLK5X_mnjUF-hdm_mDRFo28Au6c1Wk36-p-Xxwyxe7A1rvOVRfuPkMGQu5z9gq64YxnJC4QSH1Qb7uUhEGa9eghtClGQ7AhZnIeOLfwlgpPwcSm9VWKpKR1LxtRqzlHoajWCII3wlU86qT72NjA6N2BXM8BjrGuRTt810febXOey97d04N9eQfRkqhPtwpTV1ug14gbLnKKH4-74l2BOEHSX6PA6qeyIHRpLai9tyK6ysHBvDr-5xI1EXHkyJkaBoU_cqjfN366epmzFjbL4Ew6q9HggPPpeChV4RdBz9Es9pr29VM2eu2rRqH-qCZt-2CrU8zZQhAuS3p8vPaXoe5DbZ6WZtFFFts9XdgLCnBYo7qcklbU595BLdd5KcD3e0o6zBfRU2siJTJXd36lWuK6HB89iOnbGd6M8OVlmKjR8mr1.ts
Requested by: Host: k.twitchcdn.net
URL: https://k.twitchcdn.net/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/p.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.32.219.51 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-32-219-51.us-west-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://embed.twitch.tv/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin: *
date: Thu, 16 Nov 2023 14:50:41 GMT
vary: Origin
access-control-allow-methods: POST, OPTIONS, GET

GET
H2 200 opensans-400.css
static.criteo.net/design/googlefont/opensans/ Frame 505E 2 KB
899 B 43ms
41ms Stylesheet
text/css 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

688a83886a5a759614fb53d73736845837de908ce3553b146471782995bc5943

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f077-9fe"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 10 Nov 2024 14:50:41 GMT

GET
H2 200 opensans-700.css
static.criteo.net/design/googlefont/opensans/ Frame 505E 2 KB
900 B 36ms
34ms Stylesheet
text/css 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-700.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

3cd346aff1efcc38119a600f75667ba0089a7a6bece2b905503fb7c0c65ddcb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:05 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f079-9fe"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 10 Nov 2024 14:50:41 GMT

GET
H2 200 opensans-400.css
static.criteo.net/design/googlefont/opensans/ Frame 5080 2 KB
899 B 36ms
35ms Stylesheet
text/css 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

688a83886a5a759614fb53d73736845837de908ce3553b146471782995bc5943

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f077-9fe"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 10 Nov 2024 14:50:41 GMT

GET
H2 200 opensans-700.css
static.criteo.net/design/googlefont/opensans/ Frame 5080 2 KB
900 B 35ms
34ms Stylesheet
text/css 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-700.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

3cd346aff1efcc38119a600f75667ba0089a7a6bece2b905503fb7c0c65ddcb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:05 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f079-9fe"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 10 Nov 2024 14:50:41 GMT

GET
H3 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame FE18 60 KB
24 KB 73ms
72ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 16 Nov 2023 14:50:41 GMT

GET
H3 200 script.js Show response
s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/js/ Frame FE18 2 KB
764 B 24ms
23ms Script
application/x-javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/js/script.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0dc454e2de7f1c663a6a5e236129d355dd0d4b699fcbd5900428e7409ced82db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 21:16:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 149644
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 735
x-xss-protection: 0
last-modified: Tue, 19 Sep 2023 13:05:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 13 Nov 2024 21:16:37 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame EA6C 41 KB
14 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BNrctVkJRraSu4l_Hp5XZ4NZ4k1sjXl0DLtoa5YeDYzsihxhHg6dSSs_-wr_R8yETtkVKVqe-tJZ9D12kZCiYB7DjJfYtexTlh1A4scReNHuppm0Rn5-7kgM0VYxhbSoPkl7eg-5FFBygb56CRdNxCp_vd-sR2E1geQQEO6t8UQ4jPrBg&cry=1&dbm_d=AKAmf-AroISE4IhYciIq5rx-0c7rNfTSXN4N0aaa6oc9bdz8yxeTXyCHMYiw49674f6gKn4CMw4oKlwI50awhuiEKh7P-LOD0kCYEfJDgdpNDBWw8FbnuwZPi0KivL6BN2GVd_bL6nJhktbnhPWk8Z5SDQ9ydAL62rF7WPFCqbwc6WOstQ56BOb8-fH4JLNCaR8v9zT5H69YfnvhAMyKhKkWk1RuZdNDNbRjewx-XY7ujMn3xmfKfub1gFwNZBHCkBGCHinSoFAQ4g7PToH5EoLxe06T1oU_ja9qnAYxK8nX5UqnicfXre3f-TPHzIE-13vsjCCdmwrzt32Z2yKt8EDKyP7398-cJa8itlQb-7TV17cvRxMEtX2ThUpi0QlVIFMcMYXMNxKkSSvjmquHQnehbqzYFgSUltHm36KH-xd-XirHzHTaHhQhGHCfDEkSlD1OJCEdlC8-Fgq4DLgqdl7WcxGNTsyxV8WyDMK8Hvlf_qGL7aaToO1mZLn7yveIVFEwWUgGSvFQPGMP9b4GmKbI3O66_e8LSrYNVVKV9JH2l6rAhomnwy6RsBVQTnXRte6prsHtOWmPHPjjKeTLUj8pRQViyDaraDvlrf62zQeCkI0ZEmmD3vaF3Gf95xLPOah-5fWZ8eGsLMLxZ1bL33fz7qJnMNBd_SMrjm0cczRLdO-kfB7eizql-mUIyVUpibWGFagj99vKtxObzMNhLoaDvyLkA0B2w2zWZBSGB0WmnqIgsCPOvOGbhiAfgENn6PIoGNRcHH1YTOutmy4enN905xZtF4RHiFcbSEF-EdKq1onCBTmCyQzToAp-PdTn2U-iKXuciqmIK2cHw8kBLtlXyG85izcgjhH93XnjotEiA5ULJKcvXvh1xwzdeuEMsC66GaJpfkOHjNDIoR6DeAoHYtJ9ebAocTK9J1fDpjD0oBLSvMymO_AC-pVqBa9h3kcwwUXqAnHl0O7XIG-bkkiUTAo1thp8OJjJKDH02HUfHIPeI6zYeYHiHzDH8CnRDXLEazMe6sidvxb54az2yo0gnl3HROMxLkTo15I3ZMzG9pB8lUjOElc1F90CHeXd6S_6OIYoBS4WT4WEtrrBb6U6MZyy6KiAq8h-ZkhCxQm_IDfNndTychajZLsQg15pG0pqMdmT4XOFm0fdbSJ9Ve21Aj7rFHscRftI1nncgPduXJyyXFL-ufb0-NTXzOQdRKjHoub7tWeOdv015GykZaLgKiEGdMVECqG4jL7-WJRWgHUsqNnsVtvqhALr25ZMUkv22-g0ysxf9sJCWu0Gqx1KBLm1CHt2kaONtN4ZN0UxiasbxCia92suOwemTIRocpyKvP8PX2yXSxYFNJhQI2CIP8CgKc1AJmIVt938xC_7SUmPwOhLqOtg3AYnETJp8A0WU4KJcm5a0_Ct1eNhgV1Cvg5_HCYNYo334jdICchHT80VFY9TLO5vgykiFAmHIzYC3yN2RSKWKg_ZdLyvHeLPJYid-qFwQtm5FeeLKZlPXnQeVMJR1XciKoEBoffTX6kFqwFdS-_Npzrng-FyxLLj-ABaHK1rczk3BEUquAhF4Ns9p3DRN_MoY1xQYcFfr2X1yopq0rHhUxenu_nTm1xLxKle7Vbh1XL6Q7wvA2manFSYFHzwv0oxRw5y7V2UrpgZp0FpCExJNj0qyNSg2vPUz7q3B3l0s3wlC7Ji7TLUEpSpcbuyYGi7p5TPtSUKoOfcNxhx0eKKrg-azqj5O9WsfVwPGpJKO8lIEjdQGVTLoR15hZl4C4LFnqwdopGQit3roNTehearD5s0yC3UNRN5fJ0b99WwoQku2e8ziXk5KfKmxMOLbmKNH9JQvsZNVrleMz8PZc-s7g5IwpTgC0FEMdH6LrrHDv0HxP7oVq1-WxaW42ktHDNBwF70f5BrEqPvb7_1zwcvTTINzFoEeGki20S0F4IDSBVB3IJRuzxsTeozHMOulFnxOvQnhDsvzBUl1haZuf_qSqSCEETC2nt8jWa1DRT2TsRWOrZ5SiAOMWVCcNbvI9L1nfFkP2ATTKr3_iqMj8UGbfZDNbKx3c_m5YBaO_Q7kORVa-Rrnw4LuIijZJ9qYIFj6uHqeuC1evd5WmIxnI3dB5C7ja4c5zv5Nj_Zz7VmFzUeTRuZu47HJaTKAmaP3ZRInNeyE743zzaKSR5leb0wISltV9KN7-g63phY-Q2R7yZWA-196JIfKnInmAeXgEp3EZUBBhxuJrzjglIw8oZpc7kpcLTQt01WlZEvwvqPChn0e_0cgRKJrUqkIh1pp5pC7BHOyggh-pUxxYNtowqEaQPQAU7lIGN3YFxyGiq9-tlOE8NSpywEEUMz7arN6xXEg3KppWldWVYst2m5PGn9dfumS-6qvl4nYH3L9pqqEFRsG_GELAOLJso2gXq-5fRcMQ88Wep_R3v2YzRNII1nQqP6mqUA89QHAItgTTEJCiB2bwYPJT-Pagqy_-mKO7GdxJM-DB2Y3PnCG9-pQzBX4Gl2EemnffgR3nXeMABj8i--7AS0r4XemZk1oZsDme0yBI1nUEv8T-sQUSz_Ok6HVa4J1pfURxggg2QYjXjZVP_8b8gdj24mvIAr-94is0t9-g9_7lDr8X08foq0lC80JDt73qawkHlxAY4dIjdaJUi8ht_Hv9ojh_tTMr8mMNifH0YvsMjt3dG65ilSi4ibXt87u2v1SLBWLSg4ChSNlGfFnX85gC-IRrrQjFkhE3X5OcbNkCY8vd8LjBLyDKp0LHeDV19LA2bOwW7VKD3cEW3kjTiZHja2s9Iqxt6buzi774xZYZ8C-_0qY9fJcKOIEs1xECLREUlFjtGryxjhJLm2XaWvjpSTsUmeVXbxQv4pjOg5JvIt38MTJCwKP64HGtaaInZmtsAHYpcgnFGB1LwuF_a0xbUeNFPR0IJVaAi37bqpDKQnf2_f0nfP7CacJwS27qtOeAUOnGYheTxdXL5NbPjpWx7nJP-9qYkXZ-q0m9KyKHyxRaNGaJmj3OSIS983W0cagH99D7FFzP85YxGnsJZYFHIdb--VWp3d6Wjxy5Ha8u-T7CqEs3KNWAd7zwUuDYvp1ccjkgVVcxcTVnO-8CDHaZxUuYrj_EGZlsKE5nRbmxRYI6jp6c41FO_lJmSMwFIBOZWw0zRbSfsQ7PvQpisR0t6gfz869m2_4KPBboqDjkmG9zU9mOzrGSyzgZY6Uqw9y_SJXq5bAVZfHsZN-53fUrvD7_TZKzIpGXgoQgqsTvHtsEYaTfMLs3N2Qhr_Lp_XHuaHtk7hQsPi-IP4mQ_1jbeLzEklg7zniQEa5b5swOa75_-v9hbW63SNpk-ArYslbXQE9QWbifem79IDJqDLbPzIvjOJeqWdKhE5ZIu6PxP1UmqP9LPZyDvy5NZ1m4zrMVozne5qtqxHdRSwzgb4ICPc_AVoGFC8fn2N8MvKSv_05awPM_CYaEqAJ_ZyUha2i309x9ruU0TfHLcZJROIcs0S3VzJ5abrMdxGUhTZLn_RCqiXkbZslAtbQSoLqwqy0SFOOk4xyq-uYjiDpaFi8JuNIaEbSihYErKXe4SQDroaXKWEkA8xX-rc5T4d4y9soM9_nrnh9_-CgBqiFp-bwQgmNaalZjtOQFmvIhIYVftMnJ7rveYvUkiPBmSzkj51QyHkQAvyDja_dgpRtbLDQFAAXRlugfAdWHSJIZD4TM-OI5BzhALIiim1QAgmxqGrFV1PoC0jZZhHQnPSqifbKjMRiBQiQ45pvem8EVKxj7yWiMAlAzKVG6cWh6BYMxAXQsOfCIhVh5wS369ARC9Ky5vi7UFKa4HC_7OmSkjaqkaVq9vc3DJrkym4nbzgf5Ztu715EfEC9BjEMIA23hmOWc4AzbA4VU8QDzADAPlj2rPiqiBhvjhlzjKkGXm6P1bmIO1GIkpoZpyE1A&cid=CAQSTwDICaaNuzFMDt5ouuuSuicRmiQV4YttdKwZOC7heOv_sZ3PjnaXRjwcpKx0ovc8op7ahEYj9IZkafF4k51H6QYYMMDP27VzsTERxvBopnMYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fxuxatv.com.br%2F&ds=l&xdt=1&iif=1&cor=10123855502569478000&adk=2988274607&idt=163&cac=0&dtd=10

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 04:31:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 296332
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Nov 2024 04:31:49 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMDE0NjI0MTMxNzk1MwogIHNlcnZlcl9pcDogMTM0MDU2OTM0CiAgcHJvY2Vzc19pZDogMzI4OTM4MDg5MQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiA5ODQ2NjYz...
ad.doubleclick.net/ddm/activity/ Frame EA6C 0
592 B 63ms
62ms Image
image/png 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMDE0NjI0MTMxNzk1MwogIHNlcnZlcl9pcDogMTM0MDU2OTM0CiAgcHJvY2Vzc19pZDogMzI4OTM4MDg5MQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiA5ODQ2NjYzCmFkdmVydGlzZXJfZG9tYWluOiAiaHR0cHM6Ly9kYWNoZmVuc3RlcmtvbmZpZ3VyYXRvci5kZSIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiAxNjk0NTMyOTE3NTE5NDcyNDU2NgpkZWJ1Z19rZXk6IDk1NjQxODgwOTI3Mzk4MDU4MDMKaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUFJPRFVDVF9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDIzLTExLTE2IgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0NPTkZJR19JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogOTg0NjY2MwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9DT1JFX1BMQVRGT1JNX1NFUlZJQ0UKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBVEZPUk1fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9RVUVSWV9DT1VOVFJZCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIlVTIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFDRU1FTlRfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDM3ODA5MDA3OAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQURWRVJUSVNFUl9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogNDk4NDE1NTg3CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19MSU5FX0lURU1fSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIwNjE4MzAwMDk1CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19DUkVBVElWRV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogNTIzNjAzMzU0CiAgfQp9CmFyY2hldHlwZV9pZDogMTIKYXJjaGV0eXBlX2lkOiAxMwphcmNoZXR5cGVfaWQ6IDE0CmFyY2hldHlwZV9pZDogMTUKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2RhY2hmZW5zdGVya29uZmlndXJhdG9yLmRlIgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vdmVsdXguZGUiCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9kYWNoZmVuc3Rlci1yb2xsby1zaG9wLmRlIgppbXByZXNzaW9uX2V2ZW50X3JlcG9ydGluZ193aW5kb3dfZGF5czogNApicm93c2VyX2F0dHJpYnV0aW9uX2FwaV9yZXF1ZXN0X3Byb2Nlc3NpbmdfYml0czogNzM4MTk3NTA0Cg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 14:50:41 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0x5983cd2bda49fdf20000000000000000","13":"0x9958eadac0fe04740000000000000000","14":"0xa48b8cea857c46750000000000000000","15":"0xaee08bb18968ce60000000000000000"},"debug_key":"9564188092739805803","debug_reporting":true,"destination":"https://dachfensterkonfigurator.de","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"8":["9846663"]},"priority":"0","source_event_id":"16945329175194724566"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 impl_v99.js Show response
www.googletagservices.com/dcm/ Frame EA6C 59 KB
23 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v99.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:44:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 551194
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23872
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 14:22:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 09 Nov 2024 05:44:07 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 690E 33 KB
33 KB 22ms
21ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 21:01:51 GMT
x-content-type-options: nosniff
age: 64130
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Nov 2024 21:01:51 GMT

GET
H3 200 Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js Show response
pagead2.googlesyndication.com/bg/ Frame C0EB 38 KB
15 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61fe41cde1b6df00f34e5a9795741e926e8861b8e80d396ff799d48bacda5300

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 21:52:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61085
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14900
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Nov 2024 21:52:36 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 690E
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Ca8erQCxWZba1EpmQrAS3kaqwDrX38p50pvjLw5ESi6j0ysIBEAEgjfT0jwFglfr4gZQHoAHko9qSKsgBCagDAcgDywSqBNcBT9DXGcNge-xw6fnTzyL97b3wRCQjBl34cPm3Bxm296i3TlH...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223069207111721415038%22,%22debug_reporting%22:true,%22destination%22:%22https://lifestyletrendshq.com%22,%22event_report_wi...

0
0

115ms
57ms

Fetch
text/css

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223069207111721415038%22,%22debug_reporting%22:true,%22destination%22:%22https://lifestyletrendshq.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211313517028%22],%224%22:[%2211-16%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213893382163776038321%22}&andc=true

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:41 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"3069207111721415038","debug_reporting":true,"destination":"https://lifestyletrendshq.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11313517028"],"4":["11-16"],"6":["true"]},"priority":"500","source_event_id":"13893382163776038321"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 16 Nov 2023 14:50:41 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 16 Nov 2023 14:50:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"3069207111721415038","debug_reporting":true,"destination":"https://lifestyletrendshq.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11313517028"],"4":["11-16"],"6":["true"]},"priority":"500","source_event_id":"13893382163776038321"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK dv-measurements4946.js Show response
cdn.doubleverify.com/ Frame 2381 424 KB
100 KB 52ms
52ms Script
application/javascript 2a02:26f0:3500:d::1732:83d6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements4946.js
Requested by: Host: xuxatv.com.br
URL: https://xuxatv.com.br/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:d::1732:83d6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 532cc63b02ed8f53da56d150a5e594a9a7bc44334a376556f9ffd2d5078197f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 16 Nov 2023 14:50:41 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Nov 2023 11:28:09 GMT
Server: UploadServer
ETag: "207db46e6ac0ca4732907f40bbd2d096"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 102043
Expires: Fri, 15 Nov 2024 14:50:41 GMT

GET
H2 200 opensans-400-latin.woff2
static.criteo.net/design/googlefont/opensans/ Frame 5080 16 KB
17 KB 161ms
87ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/opensans/opensans-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f885ec8a0a68847aff7c6bb94968bf7cb5099c0c449ae1535cf8515cc0ff8e18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/opensans/opensans-400.css
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f077-4164"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 10 Nov 2024 14:50:41 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame EAEC 0
25 B 71ms
70ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Civ_AQCxWZaGsEtTx3wPa5qKYDcme0rFczYbj1pMBwI23ARABIABglfr4gZQHggEXY2EtcHViLTI5NzQ4OTQwNTExMzc3MzPIAQmpAr_Yab8VNLI-qAMByAMCqgTHAU_QKyvWr1ZH-OjaHbSFYesRbCXh2Rzivj50Jif6s2Olm9ZiginWswRXh_d2ZWoi1EkUi38lTV-jkPnn6bb3AU0hzO8j43V5BvQJWzVswTmSWSPEbrMnCxgcsHR0qmT9VNLsh_jawARsZEh0ZNOayppZkd0u3E2E6RgR2vZ8ANqkd-fts9psoT_v2YjZqIwo6hJ8AuJEYa7r12qRa5fimWjBncfpbYhTm66BGR6LyXUsqpk7Nxj0ZOYHowDZLq2DSA5acHk5ix6ABviF5cKri-CxggGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMjk3NDg5NDA1MTEzNzczMxgA&sigh=4voybwEtOus&uach_m=[UACH]&cid=CAQSPADICaaNl4H56PZTC1RUXftZKXFSwOiSYuk-lYWTyVnQ9Pyk77QZDAznQdTBF5_tIrftm9quzsu2NfZMChgB&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2974894051137733&output=html&h=280&adk=2349245872&adf=366746197&pi=t.aa~a.2962416473~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1700146240&rafmt=1&to=qs&pwprc=3173985034&format=1200x280&url=https%3A%2F%2Fxuxatv.com.br%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700146240195&bpp=1&bdt=2175&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=5230436701717&frm=20&pv=1&ga_vid=112662117.1700146239&ga_sid=1700146239&ga_hid=2067857781&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3518&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C44809004%2C31078301%2C44807763%2C44808149%2C44808284%2C44809057&oid=2&pvsid=503099643134223&tmod=1956708044&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2974894051137733&output=html&h=280&adk=2349245872&adf=366746197&pi=t.aa~a.2962416473~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1700146240&rafmt=1&to=qs&pwprc=3173985034&format=1200x280&url=https%3A%2F%2Fxuxatv.com.br%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700146240195&bpp=1&bdt=2175&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=5230436701717&frm=20&pv=1&ga_vid=112662117.1700146239&ga_sid=1700146239&ga_hid=2067857781&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3518&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C44809004%2C31078301%2C44807763%2C44808149%2C44808284%2C44809057&oid=2&pvsid=503099643134223&tmod=1956708044&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 16 Nov 2023 14:50:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame EAEC 0
126 B 142ms
37ms Image
text/plain 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kOz_GMz6RLAJmAKdg2ICAgAAANCJCoI2nxWlEEAsVmVVXdgveVaO-ROOAAASAAAKCkFRVUJEd0VCRHc&wp=ZVYsQAAEliEKd_jUAAizWqdnMU8VH2Zo4aMtTw&cbvp=2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2974894051137733&output=html&h=280&adk=2349245872&adf=366746197&pi=t.aa~a.2962416473~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1700146240&rafmt=1&to=qs&pwprc=3173985034&format=1200x280&url=https%3A%2F%2Fxuxatv.com.br%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700146240195&bpp=1&bdt=2175&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=5230436701717&frm=20&pv=1&ga_vid=112662117.1700146239&ga_sid=1700146239&ga_hid=2067857781&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3518&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C44809004%2C31078301%2C44807763%2C44808149%2C44808284%2C44809057&oid=2&pvsid=503099643134223&tmod=1956708044&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=13

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:41 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 151092
server: Kestrel
content-length: 0

GET
H2 200 opensans-400-latin.woff2
static.criteo.net/design/googlefont/opensans/ Frame 505E 16 KB
17 KB 135ms
72ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/opensans/opensans-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f885ec8a0a68847aff7c6bb94968bf7cb5099c0c449ae1535cf8515cc0ff8e18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/opensans/opensans-400.css
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f077-4164"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 10 Nov 2024 14:50:41 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 78E6 0
25 B 66ms
65ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CM7EhQCxWZbe1EuiWjuwPu7WPmA_JntKxXLWY49aTAcCNtwEQASAAYJX6-IGUB4IBF2NhLXB1Yi0yOTc0ODk0MDUxMTM3NzMzyAEJqQK_2Gm_FTSyPqgDAcgDAqoExwFP0H-jeBmCOHYjnyCuvEV6Loc4Zj1XAvu2xEt87KzBc_jD18_oH3wsATXp5PBsH19mjAkJ_0nKtOpB7gRBVtysaY2gwsSRWOEpKPsKiuPMzOIu4xaE31tPAkRSAL8R-n1lMTlEaIpuS3Ycg49MJI0gbKJQ-MpQdPKVo6e2S6zf-8bbdoqKtsmmH6p9Gq-4fylulMHcgNfYVlTubNoebjdAJIaq1whGjG6zEFAIIzGRMTKUffi5a_VowfLhpO1f_GehXGVVI5GwgAb4heXCq4vgsYIBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTI5NzQ4OTQwNTExMzc3MzMYAA&sigh=JZXzaZKuOPw&uach_m=[UACH]&cid=CAQSPADICaaNNaCpdmdIgiLSsZAB3pn7LQn4mxho5MVs4rh9tpVqX0BD4P8YNUzLENO3DMLxKkUhXjCXHlyj9BgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2974894051137733&output=html&h=280&adk=2349245872&adf=366746197&pi=t.aa~a.3750004799~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1700146240&rafmt=1&to=qs&pwprc=3173985034&format=1200x280&url=https%3A%2F%2Fxuxatv.com.br%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700146240195&bpp=1&bdt=2176&idt=1&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=5230436701717&frm=20&pv=1&ga_vid=112662117.1700146239&ga_sid=1700146239&ga_hid=2067857781&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C44809004%2C31078301%2C44807763%2C44808149%2C44808284%2C44809057&oid=2&pvsid=503099643134223&tmod=1956708044&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 16 Nov 2023 14:50:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 78E6 0
125 B 132ms
38ms Image
text/plain 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kOz_GMz6RLAJmAKdg2ICAgAAANCJCoI2nxWlED8sVmUg6wp8zvjj0WPsAAASAAAKCkFRVUJEd0VQRHc&wp=ZVYsQAAEmrcHg4toAAPau0wMjKxs1Z1AQgP8hQ&cbvp=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:41 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 148848
server: Kestrel
content-length: 0

GET
H3 200 B30678728.378094554;dc_ver=99.292;dc_eid=40004001;sz=728x90;u_sd=1;dc_adk=2988274603;ord=kqscry;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC8G2nPyxWZfiJG4T33gOq5ZbY... Show response
ad.doubleclick.net/ddm/adj/N1138786.279382INVITEMEDIAINC.D4/ Frame EA6C 78 KB
32 KB 64ms
63ms Script
text/javascript 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N1138786.279382INVITEMEDIAINC.D4/B30678728.378094554;dc_ver=99.292;dc_eid=40004001;sz=728x90;u_sd=1;dc_adk=2988274603;ord=kqscry;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC8G2nPyxWZfiJG4T33gOq5ZbYA_2e0K5z883ttvcRv8qivcABEAEgjfT0jwFglfr4gZQHoAHf6MuwAsgBCakCv9hpvxU0sj6oAwHIA5uEgIAEqgTrAU_QNPxljkjeDqdY5PnE9EWD7JXO078NBhl45DoXKIhcIb4TxDC-V6Yf9FTPTJSmT2uMJS0SKUU0jbpdW247mSp1T2Xc8OBU1j_bSw1jYFbbMbJJ3xKFxt76XjR_8-chRt4bQ8qEhGniAXNvYXUi3GnF-S2DbTSpyu0MSyNEEtmlwQALGnYj70wv8RzWkUMcbcXbpWFVZdIOODmiVLf3bpPlOoOHqUHTUwh3WpfApB1zknQkGEB1j7Uw67CrLOA-WCelLwjbWSwAllrXWMHf_e4ZFpUGEb7gysGZyuoK_LUY41zziHw9e82VslHABNu_jY69BOAEA4gFv5XJ50yQBgGgBk2AB4mXtM8BqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgGYCwHICwGADAGiDBwqGgoY5LSxAu61sQK1uLEC5LSxAu61sQK7u7ECqg0CREWwE_PRgxXIE6fP1-MD0BMA2BMK2BQB0BUB-BYBgBcB6BcF%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNuzFMDt5ouuuSuicRmiQV4YttdKwZOC7heOv_sZ3PjnaXRjwcpKx0ovc8op7ahEYj9IZkafF4k51H6QYYMMDP27VzsTERxvBopnMYAQ%26sig%3DAOD64_1emXiDqFmXbaxyUJOhBikSpv3FYw%26client%3Dca-pub-2974894051137733%26dbm_c%3DAKAmf-Aq8Qw3xaPFMpq6wLs8QjWv4mGmI3tFGO7hQShEWm-hvOoVcXIgX1S4yAIXQLvA4jqxM08m3ASwT0b5TabYJSBw4BmdesBf4R2F2uPZgMbSeSCHYazp4domJbBlmdv8FrFXh6a49wSjGCfStrpjiKqS0mOMXo6fcYKrUmD8XhArAHCS_5M%26cry%3D1%26dbm_d%3DAKAmf-DxwaaCR-ETrEWK8rrI9iCv8uCVWUL7of4OnxaM9JNJyi9dsO0O8flSH9emALMrxuIbDDeVO477NxgtBd8omyE1tJrFzKRhcWVoKtT1fo9iXdBqPdbTi-vva5pAj_osVGxNplKOU7PxxvqHRkawqB73raHKl26dfoX3LceZCAx0N7Mzj1x9S-ZzQ-5ff4TkY89HjcIdY9g2PWlDdapESgMiphXBK3NYozRnzW7jvAc9GxFOEpspcmOuXK9v9nO3n4_ZHUHNcctA8EeBge4MV1gmoJnpMBuNhoI_8WrScHrJfYdA-Ud1plUL5OKMy6ZyzgvffSlo6zr2GFcbLF2PUQyT_RI4GrrZZo3jHi1Nu1s_5pR68I0tUrocQQ-34zILn85NJQnhiNJr4Rn_iQr1V1D-Ojoiz8jTlXb_MZnCeowsebmgi0v2SHxrN3gua-NJ6gApi_HY4U0i6Vl1Uhv8ox_hVuLD2VB5VkQ1njjwvqCZXpLNmqiUBrfx6Id0NU-yjFcGZg27ZuIoxRX_QPuo98Jx_O-1uwcun9O0Y2ysbBxuYqRy9ow%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fxuxatv.com.br%2F$0;xdt=1;crlt=aZq.'T.2Fr;stc=1;chaa=1;sttr=106;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v99.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

cafe /

Resource Hash

4b037452c0ef5cdaa6a3c769413d98cd4bf62ccd7562ac85d93bc627e3b0d7de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 14:50:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33073
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js Show response
pagead2.googlesyndication.com/bg/ Frame FBFC 38 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61fe41cde1b6df00f34e5a9795741e926e8861b8e80d396ff799d48bacda5300

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 21:52:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61085
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14900
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Nov 2024 21:52:36 GMT

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame B1FC 39 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 09:57:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17601
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Nov 2024 09:57:20 GMT

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame D916 39 KB
15 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 09:57:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17601
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Nov 2024 09:57:20 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame CCDB 38 KB
13 KB 20ms
20ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 551181
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 10 Nov 2023 05:44:20 GMT
expires: Sat, 09 Nov 2024 05:44:20 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK dv-measurements4946.js Show response
cdn.doubleverify.com/ Frame D164 424 KB
100 KB 55ms
50ms Script
application/javascript 2a02:26f0:3500:d::1732:83d6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements4946.js
Requested by: Host: xuxatv.com.br
URL: https://xuxatv.com.br/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:d::1732:83d6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 532cc63b02ed8f53da56d150a5e594a9a7bc44334a376556f9ffd2d5078197f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 16 Nov 2023 14:50:41 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Nov 2023 11:28:09 GMT
Server: UploadServer
ETag: "207db46e6ac0ca4732907f40bbd2d096"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 102043
Expires: Fri, 15 Nov 2024 14:50:41 GMT

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame EE40 0
0 63ms
61ms Fetch
image/gif 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjst5Ro2DsCwN-jmeZJ1tv-LqEmg7VZ-Yh0Wg25XXLIn874_CFgnnqKQ2HKx9JuCuu9Dxd9O9WJnCBXYSg8dabMaYCmsITomeyIThK2ejFlEze9byXjGv4QgfTo7SIW1MmxlAZnBZM-HBQImkSQHC-kF1JW5nuZ_BlCOHKObqzGJvpkC9SLkZh3xm9I8WQXmvHozv_xS1HhU8TssQlxOS1y3WF5OhZjPBsFSG4rOx4We9PG9OkWXwJgmTLw6FFn2XQ1x6sHV3emjcqJifwB_zlwoEUaVSeQoLj_oPnaUwOI_inaDp0Vpj-RWuVG43mTvXPViQy3tj7vd56t0r-634vh9Rw7ONlLWiN7VP5QauHRp7-BMQO_vUjQFgMAbrtXuYFAmaQ6JAlNEvzQaNKsraciBMLbpEHc1LBdAbQCEsVVatjCnpP07Esvx0OR-eGUdqHhwzcz_CGH7MHFol7Sky-qtWg4hgeRsr29u1Vd6boGXKSzk74euB88KU5EB1tna53fVopVy-jD8t_J3NqOXjBZqSTwJRn-FpFArcL6SIuGvuvebTVI-B4O3QY2bo_27xXHbYQukiEGVHFS58tfTvXWK9nXKA8UmQcOdVYZ1xaLmgyYsMcVMQuC83fcgKyEX8NpJQiluqoyQ2BH_2dbUr0XJB5O8NO04cbtV_Z-JVJWFSiyocU16gSXsktggZycXyfoNO0ynWnbVEZormb-bMRUIjnne6RphBW7DeFXbnwmpEKEtD1hi0eN7ZAaYYWKjuGI3koabCNeINN8nZYaJkUwj0XSrwyChOmxB3o3I2ziNn0eIpx-Hu6Q5MylCrhTdrjgQI-hFjPpMd-L1DdZAyb0N2pD9vYtoIW3VXLJfV20fCYEziT60S4KH8cUewyy9wksyVsDzpDpXDMt6Pnr9eEsGZBhTWGwDLaD45mikTf7-oPxfhpk5-xJhrNqYFk609jWZICRT9jfDy1UIc2b-GwBYgQJ-_fCWShlFXIYdA_VOw4RxLgvV2-O9JFrO7LlrGMZQw0D0503bJ3rEnHIJIAV6TizhGbXbGFrXLh0K7J0iBCHpPNlerJ46m5_m-Rak9RCcKQBeZwS1juw-eUdB3qs5GaSKiSHdaZxx6IPkcBIER8HAJw7s0R8OBWNONWOYASEAjvk8wvYmucEY20G8tGuC55O7hW6fFXHGmObGNonEVpowJWP05QxUF6_S8OY1OTS5vfn4ffzBIMJ6EXo7sPBGpmMut-jZoVb5nvsEHql5AtpUTBeqm3hgRxN6ilZtzf5y0X6aXzo25DuhP1Dcj6A_7XQPthoMU2APyAdagKoA4iU_gKr5I6FMzL8Y43k3iqFFLXEPVDbr_-Mcl0spwPM69yk1yhw&sai=AMfl-YQfbXqz7sEb_6E_dgceUQxHMW9SYsM2EpRZMfkT0GUwXQtpyYKBQzQ8Ma1Yik2eTVe2sG5BnfgUkgPNk3x-O-0qV_YstvmMgNJPK7HkFFX4gPNlgzb6GuEh0yhBEwYlNv9g86H_FqVrDRHxVKlfV8xCCTFsszbD_n6xQaFpnxIB_H5yISx0iZos4r2wHOXjsqGGFT1madXSzlgh3f_cFjTUHAMR3FyNa5UF0IWifBCaNjHRSiZo_I2daJ3Pxl865Kz30SUHITAy1-9lsRSTyWPWDenuMhMl96PXAeCGRXbliqlWqZ1eZiEQA10jnomsL6Nm-MPvsydyhM6y9K3X_Tu98K38b2TX-L1H54gyWU1C2jw_Juf5Oi3KR8g1CrW_nBN4rugCEMpUwgQYErshXbSBadj773RC8sHuGJPCfYJVd8qQCP-w0NrrVovh7sjnXKNZIC_vT3Ghs-a63NV9uRgqaQ1CiDsQX8Chk4z-O3rra2iiQ94irINBkxBqH0t9kxrIl2BaUS-E&sig=Cg0ArKJSzCgJkgFJFxzeEAE&uach_m=[UACH]&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9oeXVuZGFpLmNvbQ&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=763&vt=11&dtpt=372&dett=3&cstd=387&cisv=r20231109.14064&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 123ms
58ms Preflight
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 16 Nov 2023 14:50:41 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame 82CA 0
0 64ms
64ms Fetch
image/gif 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsvKup2BWcfCPdQ8JZ8g_xf4R-ztU837NnkH9_Te_MU1eOJZtzfOczA8Y8bjNqU7P11EZ3CNbnbePJ392SrW_WhIxOtmRsFjMZ58hjU-hk8dctAXL0WR5phoHMK8m6nTNPQywYCDEmnbi_q88TEBTXgiNx-u1iT3Xfs-vFyvFvc_htD_K3J9DNBfar7gQO9cGrCQQGlQjCxMkjtfmbBoe0YS7-56F5r2C4QTsECZ3DekatxjwOvjaMBL3oofZXGFQkpaSvRvxYvTs0rahET1MdIYLt9bED-5AyAB5_SDexq-qPyDbyU7p46iNTCPmYJMiQXW3-tXaqsJaYYfgNfwndkWkCIFdaWPe-zroCdojE5pbrfG-1URWo5Gyg8ruQDqq-zbn6W7_9aK1skD6Q2W5cY8loadgIah5gBbRRPypcFBwubv6bWWDYH4d4k2WqHU9Diy-smcl68oHNY7gYIA2jAKlJ-TA1MSCAPdqIQsWjXwHxwtQ9B2aM7SZ7Lj_8mcvVy_NWlPft3pquniU2LH_x93mHTK5hea7RTwq1eNKA-TzuDArKCFqcUuDyVxX6OllzjSkWZGMbKsv7no41rcnvXA-AJME-u1VHRw5k_5vng-28yLYga9AiPLK2Ef4lk6UCCdVH4i4NSd__Uk9CYG1qXK5RINOHfhlDsqohr706hp4AIZ4E9fIoAwx0CWe0T-bGDdG0oOWp5OX5IA944MIa5lxR1EJcw9P2eMxSt9PwdYFMrPDkIwK0BnwffkOwWdRcYC8NpKiRco9C3c5O6n0M0RKezZHVgp4k18yf1wsrIGUgdBCJORzzfIeMbjs-e7fozPh_7sxtTQqZAYu9mMdOQkpi16GH-yaqMSchu9b9oYDqK2wzwh2kjpS_ALmK_G-oreC5Mor3VHcvXKs1EAy3X8BdlcIDItSXvcpOeXEa5GpgYYonk3horrBGfFU-5uABPfiN3zkHOW3Xpke4NAaojDTYKh6MrDHn-IsT3IX7cFCFjicsQ9i76klfvsUguXxvaFBo_bA-Ug9Rco1gEcqbFSLqN8ugCBos_S4VQbRF5nrA9iHIvk-zvDFLucR4TEr9me0T6HK8AVsoBqSxPM8vSAkQ03JnfzZg7661ATIWCH_I2U0fxp58_QWQ7c1-rBypkgNKYiTOyZK8xAdFmKwfa5wkUxk1fNfqEWesE9X4QLEoOdht1JIkstf_CPsFqO9ybVfrWNfTLNPJUPMQIBKlVmUGK6HBN6yl6JFwmTVulVxSHIc1NRn1QVzrR8sCS-pPrTsjbalgrJyWUgEHw-9VeQbwvBrdJCYsj-wfgOqh68XJrq-xvP-VZYHNZ7pXRVE6L1ZYjA_dDisAlHt4S-tddmKSDkyw&sai=AMfl-YR5XauL4gLi5Th9s7GoYl1jpEOYnEsBJvj8_Ejr42nwK-yEzrcfu1CBzkS6Czr3dwmIi5PByiYfFZMiwjNsKafFwetA81usqofM6gZ_ZQBFDVlvKaYIVwpcqDUKiakdwNTNiyFw_9UxSbLCfx639CBQosjuz1wXNMsLDrHli2dE_5HpoPcN5xPuNO9nxU1Jwcdg4xlN3jtg56pZL8qDYOQe5jrPFfkMcTGGo1fV3q1iuqJz22b_ITLfyiC4NHQ8akBvmf0b_wfvo7Q7wo0TH5krgswmqQpaDl0oRuWyiSuPsX2Q96D0yu-joQM902uTjyo7Pi_LULFYTB1iXluqWmTQa6B4Fz7465xV9IuA7ZTE_ItXy7IChPbBO-QCIBObwQ_dpxFPFeEq7kpgSd0tWgtMN2LntbCbXp59SD94gb8zclTuWxyIzp3T85Uu8ds7G-et4FOHah4GMxqHhUaT616R09vp3C6IL6zJc9AdeNZ4bSclj3qjoL72cmh0V6aj6n6uGKs2_tf_&sig=Cg0ArKJSzFU02KCcOaEHEAE&uach_m=[UACH]&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9oeXVuZGFpLmNvbQ&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=774&vt=11&dtpt=312&dett=3&cstd=461&cisv=r20231109.55366&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame EA6C 111 KB
39 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 06:30:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30030
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 17 Nov 2023 06:30:11 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame EA6C 11 KB
4 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1138786.279382INVITEMEDIAINC.D4/B30678728.378094554;dc_ver=99.292;dc_eid=40004001;sz=728x90;u_sd=1;dc_adk=2988274603;ord=kqscry;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC8G2nPyxWZfiJG4T33gOq5ZbYA_2e0K5z883ttvcRv8qivcABEAEgjfT0jwFglfr4gZQHoAHf6MuwAsgBCakCv9hpvxU0sj6oAwHIA5uEgIAEqgTrAU_QNPxljkjeDqdY5PnE9EWD7JXO078NBhl45DoXKIhcIb4TxDC-V6Yf9FTPTJSmT2uMJS0SKUU0jbpdW247mSp1T2Xc8OBU1j_bSw1jYFbbMbJJ3xKFxt76XjR_8-chRt4bQ8qEhGniAXNvYXUi3GnF-S2DbTSpyu0MSyNEEtmlwQALGnYj70wv8RzWkUMcbcXbpWFVZdIOODmiVLf3bpPlOoOHqUHTUwh3WpfApB1zknQkGEB1j7Uw67CrLOA-WCelLwjbWSwAllrXWMHf_e4ZFpUGEb7gysGZyuoK_LUY41zziHw9e82VslHABNu_jY69BOAEA4gFv5XJ50yQBgGgBk2AB4mXtM8BqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgGYCwHICwGADAGiDBwqGgoY5LSxAu61sQK1uLEC5LSxAu61sQK7u7ECqg0CREWwE_PRgxXIE6fP1-MD0BMA2BMK2BQB0BUB-BYBgBcB6BcF%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNuzFMDt5ouuuSuicRmiQV4YttdKwZOC7heOv_sZ3PjnaXRjwcpKx0ovc8op7ahEYj9IZkafF4k51H6QYYMMDP27VzsTERxvBopnMYAQ%26sig%3DAOD64_1emXiDqFmXbaxyUJOhBikSpv3FYw%26client%3Dca-pub-2974894051137733%26dbm_c%3DAKAmf-Aq8Qw3xaPFMpq6wLs8QjWv4mGmI3tFGO7hQShEWm-hvOoVcXIgX1S4yAIXQLvA4jqxM08m3ASwT0b5TabYJSBw4BmdesBf4R2F2uPZgMbSeSCHYazp4domJbBlmdv8FrFXh6a49wSjGCfStrpjiKqS0mOMXo6fcYKrUmD8XhArAHCS_5M%26cry%3D1%26dbm_d%3DAKAmf-DxwaaCR-ETrEWK8rrI9iCv8uCVWUL7of4OnxaM9JNJyi9dsO0O8flSH9emALMrxuIbDDeVO477NxgtBd8omyE1tJrFzKRhcWVoKtT1fo9iXdBqPdbTi-vva5pAj_osVGxNplKOU7PxxvqHRkawqB73raHKl26dfoX3LceZCAx0N7Mzj1x9S-ZzQ-5ff4TkY89HjcIdY9g2PWlDdapESgMiphXBK3NYozRnzW7jvAc9GxFOEpspcmOuXK9v9nO3n4_ZHUHNcctA8EeBge4MV1gmoJnpMBuNhoI_8WrScHrJfYdA-Ud1plUL5OKMy6ZyzgvffSlo6zr2GFcbLF2PUQyT_RI4GrrZZo3jHi1Nu1s_5pR68I0tUrocQQ-34zILn85NJQnhiNJr4Rn_iQr1V1D-Ojoiz8jTlXb_MZnCeowsebmgi0v2SHxrN3gua-NJ6gApi_HY4U0i6Vl1Uhv8ox_hVuLD2VB5VkQ1njjwvqCZXpLNmqiUBrfx6Id0NU-yjFcGZg27ZuIoxRX_QPuo98Jx_O-1uwcun9O0Y2ysbBxuYqRy9ow%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fxuxatv.com.br%2F$0;xdt=1;crlt=aZq.'T.2Fr;stc=1;chaa=1;sttr=106;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 16:12:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81478
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Nov 2023 16:12:43 GMT

GET
H2 200 63c51e1aeaeb06ed73452eca
measure.lamp.avct.cloud/measure/ Frame EA6C 0
0 179ms
59ms Fetch 52.48.253.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://measure.lamp.avct.cloud/measure/63c51e1aeaeb06ed73452eca?mid=651e6b2507e337ed959d3bc2&mt=1&d=xuxatv.com.br&c=0&r=0&evid=35df9375-312f-4c2b-a2d0-42c42982561f&vmet=IntersectionObserver&seq=0&sev=start&sst=2023-11-16T14:50:41.743Z&h=90&w=728&sh=1200&sw=1600&sah=1200&saw=1600&vsum=0,0,0,0,0,0,0,0,0,0,0&vmax=0,0,0,0,0,0,0,0,0,0,0&trk=false&tid=651e782707e337ed959d3bc4-1-19&cp_lineItemId=20618300095&cp_creativeId=523603354&cp_extSellerId=1&cp_extPublisherId=1&cp_extSiteId=0&cp_dspId=dv360&vts=
Requested by: Host: cdn.lamp.avct.cloud
URL: https://cdn.lamp.avct.cloud/attn.js?mt=displayBanner&aid=63c51e1aeaeb06ed73452eca&mid=651e6b2507e337ed959d3bc2&tid=651e782707e337ed959d3bc4-1-19&cp_lineItemId=20618300095&cp_creativeId=523603354&cp_extSellerId=1&cp_extPublisherId=1&cp_extSiteId=0&a=&cp_dspId=dv360&api_frameworks=[APIFRAMEWORKS]
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.48.253.127 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-253-127.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:41 GMT
content-length: 0

GET
DATA 200
OK truncated
/ Frame EA6C 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ced8407b42aea26b55f3c703619bdf8d1a1f225e417896cd1017f00b89e668c9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 2381 1 KB
1 KB 268ms
133ms Script
text/javascript 130.211.44.5
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=264&ttfrms=26&brid=3&brver=119.0.6045.159&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauIFI2EG%5D4%40%3E%5D3CTauU2%3F4r92%3A%3Fl9EEADTbpTauTauIFI2EG%5D4%40%3E%5D3CTar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6E&srcurlD=0&aUrlD=0&ssl=https:&dfs=405&ddur=186&uid=1700146241877639&jsCallback=dvCallback_1700146241877705&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.159%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=0&winw=0&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=4946&tgjsver=4946&lvvn=28&m1=13&refD=2&referrer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231109%2Fr20110914%2Fzrt_lookup_inhead_fy2021.html%3Fhello%3Dworld%26fsb%3D1&fcifrms=10&brh=2&dvp_epl=234&noc=4&nav_pltfrm=Win32&ctx=26387868&cmp=30537616&sid=5952739&plc=376181606&crt=199634052&btreg=567208257&btadsrv=doubleclick&adsrv=1&advid=9758366&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=1&dvp_seem=2&dvp_tuk=1&dvp_sukv=1463837668730.8718&ee_dp_sukv=1463837668730.8718&dvp_tukv=390302046.39813507&ee_dp_tukv=390302046.39813507&dvp_strhd=0.5999984741210938&dvpx_strhd=0.5999984741210938&dvp_tuid=613724785135&jurtd=1456313182
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements4946.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 58946a4f805d3bc0f8909dc9a82cb4da1e9a7989463304b8fe2bd8886db84773

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Nov 2023 14:50:42 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 11/15/2023 14:50:42

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame B8D0 38 KB
13 KB 35ms
34ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 551181
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 10 Nov 2023 05:44:20 GMT
expires: Sat, 09 Nov 2024 05:44:20 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame CCDB 39 KB
15 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 09:57:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17601
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Nov 2024 09:57:20 GMT

GET
H/1.1 200
OK nat.min.js Show response
www.twitch.tv/r/s/m/ Frame 92B7 495 KB
495 KB 117ms
38ms Script
application/javascript 146.75.122.167
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.twitch.tv/r/s/m/nat.min.js
Requested by: Host: static.twitchcdn.net
URL: https://static.twitchcdn.net/assets/everywhere-main-1ff2405ad06a9a18a1f8.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.122.167 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2e9e6c2edeea38c2c2a4d0a0adf2224ca0353f1e0994af6e979f35b0bf0d6cb9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://embed.twitch.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 16 Nov 2023 14:50:42 GMT
Last-Modified: Wed, 24 Aug 2022 20:36:43 GMT
Age: 2791
ETag: "20ad7bcd1bdf2bca63ce6c03a015e453"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 506975

GET
H2

200

/
01b8e2bcb276b303.darnuid.imrworldwide.com/ Frame 92B7
Redirect Chain

https://secure-sts-prod.imrworldwide.com/cgi-bin/gn?apid=PE7867845-886F-4940-8BB2-44030EE44570&createtm=1700146240&pingtype=1&prd=audit&product=dcr&sessionid=01b8e2bcb276b303&streamid=1071224dd1d59...
https://2d59a6fbb3970d110ae26b0700e5d77b.redinuid.imrworldwide.com/s2s?url=https%3A%2F%2F01b8e2bcb276b303.darnuid.imrworldwide.com
https://01b8e2bcb276b303.darnuid.imrworldwide.com/

0
70 B

170ms
44ms

Image
text/plain

52.49.226.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://01b8e2bcb276b303.darnuid.imrworldwide.com/
Requested by: Host: xuxatv.com.br
URL: https://xuxatv.com.br/
Protocol: H2
Server: 52.49.226.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-226-217.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://embed.twitch.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:42 GMT
content-length: 0
cross-origin-resource-policy: cross-origin

Redirect headers

location: https://01b8e2bcb276b303.darnuid.imrworldwide.com
date: Thu, 16 Nov 2023 14:50:42 GMT
cross-origin-resource-policy: cross-origin
content-length: 0

POST
H/1.1 200
OK gql Show response
gql.twitch.tv/ Frame 92B7 218 B
336 B 202ms
201ms Fetch
application/json 146.75.122.167
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://gql.twitch.tv/gql
Requested by: Host: k.twitchcdn.net
URL: https://k.twitchcdn.net/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/p.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.122.167 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 63feeb395a01ec8660e2594c4e6e6a7c8b35811ce6d17fbf83a155e1293b0a00

Request headers

Accept-Language: de-DE,de;q=0.9
Client-Version: cc42a385-abf2-4687-902a-7cbd78a8e9c9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://embed.twitch.tv/
Client-Integrity: v4.public.eyJjbGllbnRfaWQiOiJraW1uZTc4a3gzbmN4NmJyZ280bXY2d2tpNWgxa28iLCJjbGllbnRfaXAiOiIyMTcuMTE0LjIxOC4yNyIsImRldmljZV9pZCI6IjNmNWQxYmE4M2ZmZjE4YjIiLCJleHAiOiIyMDIzLTExLTE3VDA2OjUwOjQxWiIsImlhdCI6IjIwMjMtMTEtMTZUMTQ6NTA6NDFaIiwiaXNfYmFkX2JvdCI6InRydWUiLCJpc3MiOiJUd2l0Y2ggQ2xpZW50IEludGVncml0eSIsIm5iZiI6IjIwMjMtMTEtMTZUMTQ6NTA6NDFaIiwidXNlcl9pZCI6IiJ9RJ6HPTaKvr6iwfCMCpNXwBJDd2bjY--mb5cbkg9xCbM4u_ADTdPqMc_1WE-Ngu6ckxP4EMFDQjodFUUqEzkcAw
Client-Session-Id: 01b8e2bcb276b303
Client-Id: kimne78kx3ncx6brgo4mv6wki5h1ko
X-Device-Id: 3f5d1ba83fff18b2

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 16 Nov 2023 14:50:42 GMT
Content-Encoding: br
Connection: keep-alive
Content-Length: 149
Content-Type: application/json

OPTIONS
H/1.1 200
OK gql
gql.twitch.tv/ Frame 0
0 28ms
28ms Preflight 146.75.122.167
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://gql.twitch.tv/gql
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.122.167 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: client-id,client-integrity,client-session-id,client-version,x-device-id
Access-Control-Request-Method: POST
Origin: https://embed.twitch.tv
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Headers: Accept-Language, Accept, Authorization, Challenge-Token, Client-Id, Client-Request-Id, Client-Session-Id, Client-Version, Client-Integrity, Client-Integrity-Mobile-Enabled, Content-Type, Device-Id, Trusted-Twitch-Session, Twitch-Trace, X-Csrf-Token, X-Device-Id, X-Forwarded-Proto, Forced-Rollouts
Access-Control-Allow-Methods: GET, POST
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Age: 395
Connection: keep-alive
Content-Length: 0
Date: Thu, 16 Nov 2023 14:50:42 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame EA6C 203 KB
64 KB 71ms
71ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Nov 2023 14:50:42 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/ Frame 33C2 6 KB
2 KB 38ms
37ms Document
text/html 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abdeff3f6b80e43233abe7678ac77ae09b4e04abbc10ad9cae8f472b8c12d151

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 532188
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2089
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 10 Nov 2023 11:00:54 GMT
expires: Sat, 09 Nov 2024 11:00:54 GMT
last-modified: Thu, 28 Sep 2023 06:01:07 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame EA6C 0
0 138ms
62ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvURko01zti9p9r2SrVqSn1nmKudmTyhqqA1mInvJCZrfRLpH6EAmDIWhJRm0AqnQbx3vJ7poJ-INTi-WPeV02ilRyUGg9pctANkLmFwesdvk6a7SIWX5vqpQfRj4uLr2yzmatRNRW7TrLiaqEJ5eH28fqGNg2mGCw2qoc&sai=AMfl-YT_VGC5VXDKDG_ftiSQB0M6ra6ci0JhHnpkdflgdk6BDjFqKDp3BSR5RydaIQ736LvMzb7ueccH0dtNAgtGnf0YSGRozUWicYrF9Q&sig=Cg0ArKJSzF-532fM1fWqEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=404&cbvp=1&cstd=402&cisv=r20231109.64436&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame D164 1 KB
1 KB 42ms
42ms Script
text/javascript 130.211.44.5
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=468&ttfrms=13&brid=3&brver=119.0.6045.159&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauIFI2EG%5D4%40%3E%5D3CTauU2%3F4r92%3A%3Fl9EEADTbpTauTauIFI2EG%5D4%40%3E%5D3CTar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6E&srcurlD=0&aUrlD=0&ssl=https:&dfs=477&ddur=137&uid=1700146242157585&jsCallback=dvCallback_1700146242157800&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.159%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=0&winw=0&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=4946&tgjsver=4946&lvvn=28&m1=13&refD=2&referrer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231109%2Fr20110914%2Fzrt_lookup_inhead_fy2021.html%3Fhello%3Dworld%26fsb%3D1&fcifrms=10&brh=2&dvp_epl=234&noc=4&nav_pltfrm=Win32&ctx=26387868&cmp=30537616&sid=5952739&plc=376181606&crt=199634052&btreg=567208257&btadsrv=doubleclick&adsrv=1&advid=9758366&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=1&dvp_seem=2&dvp_tuk=1&dvp_sukv=1601738895440.8586&ee_dp_sukv=1601738895440.8586&dvp_tukv=21457757701.00003&ee_dp_tukv=21457757701.00003&dvp_strhd=0.29999542236328125&dvpx_strhd=0.29999542236328125&dvp_tuid=33878726637&jurtd=2440139513
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements4946.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: ab2d27a4438058b8a7042e007e6c24c324cb70e3c48e1f04461769b17ff7c845

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Nov 2023 14:50:42 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 11/15/2023 14:50:42

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 33C2 236 KB
63 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 16 Nov 2023 14:50:42 GMT

GET
H3 200 728x90.js Show response
s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/ Frame 33C2 9 KB
2 KB 28ms
28ms Script
application/x-javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/728x90.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a14d925b35bb3035cc21f39d7f34f8d83e5b1b2ad0bdc965d9d5e2ff7922fae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 22:05:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 319486
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2264
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 06:01:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 11 Nov 2024 22:05:56 GMT

GET
H3 200 _preloader.gif
s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/ Frame 33C2 673 B
700 B 29ms
27ms Image
image/gif 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/_preloader.gif

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da18849e09ca7517671f0244bad6aff6299f6c320ea5b37213e76963ffeddf0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 22:05:56 GMT
x-content-type-options: nosniff
age: 319486
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 673
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 06:01:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 11 Nov 2024 22:05:56 GMT

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame B8D0 39 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 09:57:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17602
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Nov 2024 09:57:20 GMT

GET
H/1.1 502
Bad Gateway event.jpg
tps-dn-ew1.doubleverify.com/ Frame 2381 0
0 100ms
34ms Image
text/html 35.210.149.152
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tps-dn-ew1.doubleverify.com/event.jpg?impid=1b25854ce1304a37870e046cf428998e&consid=&api=1&rc=true
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.210.149.152 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS: 152.149.210.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H/1.1 204
No Content event.jpg
tps-dn-ew1.doubleverify.com/ Frame D164 0
116 B 82ms
27ms Image
text/plain 35.210.149.152
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tps-dn-ew1.doubleverify.com/event.jpg?impid=b70fd42ddec04aedbe70c35f5d64ca58&consid=&api=1&rc=true
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.210.149.152 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS: 152.149.210.35.bc.googleusercontent.com
Software: openresty/1.21.4.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Connection: keep-alive
Date: Thu, 16 Nov 2023 14:50:42 GMT
Server: openresty/1.21.4.2

General

Check archive.org

Show headers Download Go to

Full URL: https://video-edge-88d933.pdx01.abs.hls.ttvnw.net/v1/segment/ClGcaAM-yRE9E33MdecH8AILYc1lUuhvAGFq5Tp-r3yfEIMMeY2UEwINBUmMSOCS4Cv-u1YZEGeEdUbj6iMiVaxu9mUiuFe-4EpGzNO9gCvncu4wbAIklx6iJnog-XmkFEWyvwrj31s2MBfcDIWa99MNycd_yT-iKOcZfJjU6OBb890kvhDDJUwq6SpkFplfYHW-kQC3INGyQEsPTkS_pB9PZDSOZI_iQT6N2uUf_hHwkSTb3daC3dzIGFmkwhlNb3Fa6y6PYsi-gXdpCoos1RVRS5q4ImMTzjKBwY67XnShVN92VNiwfv4J4ltZ49Um2esbwuEiqcRb2lipLK5X_mnjUF-hdm_mDRFo28Au6c1Wk36-p-Xxwyxe7A1rvOVRfuPkMGQu5z9gq64YxnJC4QSH1Qb7uUhEGa9eghtClGQ7AhZnIeOLfwlgpPwcSm9VWKpKR1LxtRqzlHoajWCII3wlU86qT72NjA6N2BXM8BjrGuRTt810febXOey97d04N9eQfRkqhPtwpTV1ug14gbLnKKH4-74l2BOEHSX6PA6qeyIHRpLai9tyK6ysHBvDr-5xI1EXHkyJkaBoU_cqjfN366epmzFjbL4Ew6q9HggPPpeChV4RdBz9Es9pr29VM2eu2rRqH-qCZt-2CrU8zZQhAuS3p8vPaXoe5DbZ6WZtFFFts9XdgLCnBYo7qcklbU595BLdd5KcD3e0o6zBfRU2siJTJXd36lWuK6HB89iOnbGd6M8OVlmKjR8mr1.ts
Requested by: Host: k.twitchcdn.net
URL: https://k.twitchcdn.net/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/p.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.32.219.51 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-32-219-51.us-west-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://embed.twitch.tv/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin: *
date: Thu, 16 Nov 2023 14:50:42 GMT
vary: Origin
access-control-allow-methods: OPTIONS, GET, POST

GET
DATA 200
OK truncated
/ Frame EE40 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 66fc0d616cd812983a18070716cad135908f25820a927059b83d2b7a9f776af9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 82CA 206 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de3d026abe0becba8aa5b7c32bdb5ef2f69f1acf2c899b6c3f0f1f7147ed48d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 _728x90_bg1.jpg
s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/ Frame 33C2 15 KB
15 KB 24ms
22ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/_728x90_bg1.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d921015568f0a3b71ce30f6efad2fe3cfcdeaa9c17a683946e13d0924748da94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 04:46:10 GMT
x-content-type-options: nosniff
age: 209072
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15762
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 06:01:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 13 Nov 2024 04:46:10 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame EA6C 0
0 61ms
60ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvURko01zti9p9r2SrVqSn1nmKudmTyhqqA1mInvJCZrfRLpH6EAmDIWhJRm0AqnQbx3vJ7poJ-INTi-WPeV02ilRyUGg9pctANkLmFwesdvk6a7SIWX5vqpQfRj4uLr2yzmatRNRW7TrLiaqEJ5eH28fqGNg2mGCw2qoc&sai=AMfl-YT_VGC5VXDKDG_ftiSQB0M6ra6ci0JhHnpkdflgdk6BDjFqKDp3BSR5RydaIQ736LvMzb7ueccH0dtNAgtGnf0YSGRozUWicYrF9Q&sig=Cg0ArKJSzF-532fM1fWqEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=906&vt=11&dtpt=502&dett=3&cstd=402&cisv=r20231109.64436&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: xuxatv.com.br
URL: https://xuxatv.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 75ms
74ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01f1ad078ae202ac671bd2354e3c91145962e5f8e80aa4c1ea11d84a8a4039ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xuxatv.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12391
x-xss-protection: 0

GET
H3 200 txt1.png
s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/img/ Frame 49A5 11 KB
11 KB 23ms
22ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/img/txt1.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97bca8d73b554549d84d1322e2f0bd15c12b1f005c5a91dd254e7b2bc0bac8f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 15:53:32 GMT
x-content-type-options: nosniff
age: 514630
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11534
x-xss-protection: 0
last-modified: Tue, 19 Sep 2023 13:05:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Nov 2024 15:53:32 GMT

GET
H3 200 logo.svg
s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/img/ Frame 49A5 2 KB
1 KB 26ms
25ms Image
image/svg+xml 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/img/logo.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aaa41c92c5a8c4640b5bb2173ac6694f87c298913f4defbc6fb837314022579b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 23:30:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 228028
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1010
x-xss-protection: 0
last-modified: Tue, 19 Sep 2023 13:05:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Nov 2024 23:30:14 GMT

GET
H3 200 bg1.jpg
s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/img/ Frame 49A5 18 KB
18 KB 26ms
26ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/img/bg1.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22e5f617ff5ea75fa0da061a8922316d29c607387ef91ce6a727551ea45a08a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 23:30:14 GMT
x-content-type-options: nosniff
age: 228028
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18696
x-xss-protection: 0
last-modified: Tue, 19 Sep 2023 13:05:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Nov 2024 23:30:14 GMT

GET
H3 200 txt1.png
s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/img/ Frame FE18 11 KB
11 KB 27ms
27ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/img/txt1.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97bca8d73b554549d84d1322e2f0bd15c12b1f005c5a91dd254e7b2bc0bac8f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 15:53:32 GMT
x-content-type-options: nosniff
age: 514630
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11534
x-xss-protection: 0
last-modified: Tue, 19 Sep 2023 13:05:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Nov 2024 15:53:32 GMT

GET
H3 200 logo.svg
s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/img/ Frame FE18 2 KB
1 KB 32ms
31ms Image
image/svg+xml 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/img/logo.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aaa41c92c5a8c4640b5bb2173ac6694f87c298913f4defbc6fb837314022579b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 23:30:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 228028
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1010
x-xss-protection: 0
last-modified: Tue, 19 Sep 2023 13:05:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Nov 2024 23:30:14 GMT

GET
H3 200 bg1.jpg
s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/img/ Frame FE18 18 KB
18 KB 32ms
32ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/img/bg1.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22e5f617ff5ea75fa0da061a8922316d29c607387ef91ce6a727551ea45a08a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 23:30:14 GMT
x-content-type-options: nosniff
age: 228028
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18696
x-xss-protection: 0
last-modified: Tue, 19 Sep 2023 13:05:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Nov 2024 23:30:14 GMT

GET
H3 200 Xuxa-logo-2T.png
xuxatv.com.br/wp-content/uploads/2021/05/ 12 KB
13 KB 131ms
131ms Image
image/png 2a02:4780:1:1009:0:217a:1b2f:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xuxatv.com.br/wp-content/uploads/2021/05/Xuxa-logo-2T.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:1:1009:0:217a:1b2f:2 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

6bd3fea5dba78b94182a62a83a51d93752dbeebfab5cb8100b16cfd4451ca04f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xuxatv.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:42 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sun, 02 May 2021 05:48:21 GMT
server: LiteSpeed
etag: "31cd-608e3d25-50446baaf0b596f2;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 12749
expires: Thu, 23 Nov 2023 14:50:42 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B1FC 0
28 B 58ms
57ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BBqxPPyxWZfaJG4T33gOq5ZbYAwAAAAA4AeAEAg&bg=!lJell9jNAAZxrfrxUa07ADQBe5WfOP5ygcC4CoYhNMe7a1fY94v0JJ6l2YIlVfmtj1npVi7NWzs5tPXxTd3aJzgtOZ7kAgAAAxBSAAAAAmgBB5kDCgJWUA_bwQLqvE6I5zdhrMhLRSZg9U4OrKghWVtyNc_ZdvaMXsAorYIAMiEZGsp1Uf9dPVZ-V0hcroTVw1RIYneK7KaXrzOrxPh4vfd-FFpTHRm3TAviPW1yG9Bi4muuv8BGN2XknNXA-2Vm3e3Qe06UmX2xoHV6FCfOFFigG1c0HSAFeswIXafdDGBQR6TnrD5PFR6wOqeoOUWQSTEkauqhX4E2m6YmOtUsv2R33a4NHn7NrYmotq-T5WnNA9wKzuIM_zsa4Cr8lDunATm948uc_lKjSxPRodkpo9CzuMzNZtiMpv8in5xLmvlfEEKZ5sTGKgjRYbYlM3kq5O7871_UDiyoAC7gE3IO5W3IBeye2q1n1TkS0M0pLfhLD9VM4AP9EDbjKXebevycEtIF-lmnYIR0RUPXsLHX_t8zYkSjpJqBZiNvm-JLP_WAmpQutO6gx5mKYEH3542YHsnismF0-9njR1RfCalhneMCKcyIDAhxRINNcH_xnu9UjGiST-Ua--OMjelSG6fgjWU9pJtAZh3aYse4WNTZb4ncIL5EhXUjscfpFXw5CiIu6UWsnWFiVyi_UIDjmwhcJWiAPCOGIFqjIiJ6Qiq0pu2vB1ZWn3tj_rHhfx898ytL1X172n0G5R5aBMHZT8JfreszQNIsPUDRYco8jLRlSWV0-Gos5H8Ea1pyvjBX2IquaLnQmV4T4lYFhgi-aPA1EuBMIZTBok7DE50XkUhTJUtdyWUMQ5cTmKCFB4FYpLkqU2ysZvAVRFJh3TjYeePGhBemvceXHWE_RIIcZ2aMxJhrlX1W1NgtF9P6fwckPGYBAV4e5euEI627vG5hZKIkLgSx_V-8CqeA6-F3Sq7UKVjwY55e3kvLqBAv3k2G_mITo7A533Tnr6serqTPn5nCuLJFB8lLkZXJobGxuHG9Oq5Fh6daMOQDmZhiBF35JaX2Skr8sgstex65H-gtOWyaXhpfycyEfb8HxeN6mpgn3gIuZjzPF5Xxe69pSyMtLzkouAsA7akxbzQ1Ez5TXcA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 14:50:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 _728x90_bg2.jpg
s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/ Frame 33C2 16 KB
16 KB 24ms
23ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/_728x90_bg2.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d288569d31c44c2b5bf3971e7c4acab9d27401efb7212afa97b10e3e3ccbffab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 20:46:01 GMT
x-content-type-options: nosniff
age: 65081
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16447
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 06:01:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 14 Nov 2024 20:46:01 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D916 0
28 B 60ms
60ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BDtjAPyxWZfeJG4T33gOq5ZbYAwAAAAA4AeAEAg&bg=!SEulSwTNAAZxrfrxUa07ADQBe5WfODVIoT9bgy30O1zg30L1ZFnXZOTwhQukyjupARKmLIlQUKtTdw7u5yROjEnFI2mXAgAAAx1SAAAAAmgBBwoASoKKF0PM38ZL-CJb2jvTKv76SWQD7QyOKw-t4cQKz0tiuHYqtpLMbrScqMs1d-AJjEz3IcTcKBU4CIOrT7TBc2UKHctR4oki1ZX4mQMEuuNGNEUeHVQE5ds-NpFya7gQIfUcHr0M4_Nj-sMJQCVb-Se_T_faFqolIsABUubkRJYFBOR4_gN8kjccoM3CkBFSAuWhCebiAuFZ_30ilcWccxSNf2omzXWC8V5F-R0gA1ReLymPl3Vv68eaIslQKbQCrfwGx7GA7bVF9ajUkrNAFE798dclj4XwJJDhO-WqLi8r59g3jx3KMLRCSJibLQ5U-y31gwbY1HU7iO2Eajl-IN93lUC9uxIcNTZ_gzgUsd7N9Ma1armRHgkrqgNsJxzMgLHpquXO4cZyBgm7VGju_LvTa-_MA8itUO1J_VkiLlouKpbz1MTJKKZewWqsFgeRdtnoVkvZDrUlMQWAfJf9SOc8Nl9K8xmdAgs5tNJKV9qTwJLug99b9JA5g99gKSWdvWFx_7JVdXcmo3yb6hLsmXgfYEgPPb3mc8FQ9tQEcp1cteERMSXTUmOaXoI8Co1SS8xKmJbM6xeCqMOIfd1wVmlRNAfCqA0_XfTOgltL-LaqijIXVvLc_4AcYXeyvuj4rYr_UCehivt7CQ0_HniyWoK-AHmJizFpsDF6PResTxJdONxLFcGNCHP8rdWveqBqzFATDzfRjll-R6J1CveBBLWAgYs_C3Ca13v2iVcVOqEckWq2rUVDrE2feTziOfnPyAkZRO7YywdhZXH_pOobdSQFTftqt7p7gez01pPwVNMrS4LMMr_f1HPtzm0Egxd0wxlTvNWx14L0Fg2ZHf9pSuSV3DiCp-qXN3obC84Pvwqv5esTP0GXIGhFF6pK9neITvn87zmDlbISz21aFkIfUeHSa0b8iR6kCXiVveYHqTcRkr5mBJlT-cjk_UlyOM-dMC1Ih8Y2qGYTzbyDORIe9GRxvilTD0poUHNb3Nd0tMSPIHPeOzVIt-sawRszh4k51ORbC3sp82lKv_ohRVMQRiL8xMYmDBx39XuFn75bnd7IYEslOt4tB-otoX8RY4b3vx_h821eeciEL7JO6DYtgni5u0w7sXng8rqk6gZaiEBPZA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 14:50:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 style.css
s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/css/ Frame 49A5 1 KB
444 B 22ms
22ms Stylesheet
text/css 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/css/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ad7de9d11e131b8ef433f838bed58f35341231525bcef690f3e1faa0619fa7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 15:53:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 514629
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 415
x-xss-protection: 0
last-modified: Tue, 19 Sep 2023 13:05:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Nov 2024 15:53:33 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 46ms
44ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xuxatv.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 16 Nov 2023 14:50:42 GMT

GET
H3 200 txt2.png
s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/img/ Frame 49A5 11 KB
11 KB 26ms
25ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/img/txt2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4190975dbd449e8317f6a25c4a626683b90dc49b6d5f87d2d6a0b545669ef3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 15:53:34 GMT
x-content-type-options: nosniff
age: 514628
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10906
x-xss-protection: 0
last-modified: Tue, 19 Sep 2023 13:05:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Nov 2024 15:53:34 GMT

GET
H3 200 txt3.png
s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/img/ Frame 49A5 13 KB
13 KB 29ms
27ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/img/txt3.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

654a2938118171002f404f2427ae10b94c37c8d43b53564aef7a126d023b0039

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 14:49:30 GMT
x-content-type-options: nosniff
age: 259272
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12871
x-xss-protection: 0
last-modified: Tue, 19 Sep 2023 13:05:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Nov 2024 14:49:30 GMT

GET
H3 200 cta.png
s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/img/ Frame 49A5 9 KB
9 KB 27ms
25ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/img/cta.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32c9c4804a302ab73ce602ef9af921ba1e6f59ccc343dda867da064ae6aad8b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 23:30:15 GMT
x-content-type-options: nosniff
age: 228027
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8841
x-xss-protection: 0
last-modified: Tue, 19 Sep 2023 13:05:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Nov 2024 23:30:15 GMT

GET
H3 200 fussnote.png
s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/img/ Frame 49A5 2 KB
2 KB 31ms
30ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/img/fussnote.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d0f4bae14ff26ca8f7e3e49f5cae0d3e240e9a26a6dac472889e98ca7e3e364

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 21:16:38 GMT
x-content-type-options: nosniff
age: 149644
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2140
x-xss-protection: 0
last-modified: Tue, 19 Sep 2023 13:05:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 13 Nov 2024 21:16:38 GMT

GET
H3 200 logo2.svg
s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/img/ Frame 49A5 2 KB
1 KB 32ms
31ms Image
image/svg+xml 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/img/logo2.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88588830962cdb62afa928436cb3c7aa7a571cef13c2cae0b3f3b014f3d1c0fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 15:53:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 514628
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1011
x-xss-protection: 0
last-modified: Tue, 19 Sep 2023 13:05:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Nov 2024 15:53:34 GMT

GET
H3 200 style.css
s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/css/ Frame FE18 1 KB
444 B 24ms
23ms Stylesheet
text/css 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/css/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ad7de9d11e131b8ef433f838bed58f35341231525bcef690f3e1faa0619fa7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 15:53:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 514629
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 415
x-xss-protection: 0
last-modified: Tue, 19 Sep 2023 13:05:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Nov 2024 15:53:33 GMT

GET
H3 200 _728x90_btn.png
s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/ Frame 33C2 1 KB
1 KB 31ms
30ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/_728x90_btn.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

323e5af8a33b9e65da9de11179875c91d6f4db5cfc79e2e444d8a7d98b353400

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 23:31:48 GMT
x-content-type-options: nosniff
age: 227934
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1261
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 06:01:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Nov 2024 23:31:48 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EA6C 42 B
64 B 58ms
57ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvv6tRMFv1vMGA3aFskkctq54yulIpqD9h2bG2bt_ax5iVSqVD2-IZs5ue8LjEOM4D-TGYJx29GYR4dO7rHEpzYGU4Q7lZ3i5CkKxGQKYgRNWvkK9uyrh2t_Ipgy407gWj9tdz5nbRQ8VuZ&sai=AMfl-YTTiqgG2VJ2zKksX5DRr0ucAqmYqruMG2aiUVXhEUvkZVYaLX-IxMxzccME-S_IKrc4ZvPBTk7UYhKO34MVgMoe1Vu_PPg3qJJnVsc-Rsfd685ECfxwZ_qx0H732XaFTL7fiQ5-h11KIGP6aI3Ryg&sig=Cg0ArKJSzKvkxqaWTUNyEAE&cid=CAQSTwDICaaNuzFMDt5ouuuSuicRmiQV4YttdKwZOC7heOv_sZ3PjnaXRjwcpKx0ovc8op7ahEYj9IZkafF4k51H6QYYMMDP27VzsTERxvBopnMYAQ&id=lidar2&mcvt=1091&p=0,0,126,728&mtos=0,0,1091,1091,1091&tos=0,0,1091,0,0&v=20231115&bin=7&avms=nio&bs=0,0&mc=0.71&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700146240971&rpt=792&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 14:50:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 txt2.png
s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/img/ Frame FE18 11 KB
11 KB 31ms
30ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/img/txt2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4190975dbd449e8317f6a25c4a626683b90dc49b6d5f87d2d6a0b545669ef3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 15:53:34 GMT
x-content-type-options: nosniff
age: 514628
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10906
x-xss-protection: 0
last-modified: Tue, 19 Sep 2023 13:05:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Nov 2024 15:53:34 GMT

GET
H3 200 txt3.png
s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/img/ Frame FE18 13 KB
13 KB 32ms
31ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/img/txt3.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

654a2938118171002f404f2427ae10b94c37c8d43b53564aef7a126d023b0039

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 14:49:30 GMT
x-content-type-options: nosniff
age: 259272
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12871
x-xss-protection: 0
last-modified: Tue, 19 Sep 2023 13:05:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Nov 2024 14:49:30 GMT

GET
H3 200 cta.png
s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/img/ Frame FE18 9 KB
9 KB 32ms
31ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/img/cta.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32c9c4804a302ab73ce602ef9af921ba1e6f59ccc343dda867da064ae6aad8b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 23:30:15 GMT
x-content-type-options: nosniff
age: 228028
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8841
x-xss-protection: 0
last-modified: Tue, 19 Sep 2023 13:05:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Nov 2024 23:30:15 GMT

GET
H3 200 fussnote.png
s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/img/ Frame FE18 2 KB
2 KB 32ms
31ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/img/fussnote.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d0f4bae14ff26ca8f7e3e49f5cae0d3e240e9a26a6dac472889e98ca7e3e364

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 21:16:38 GMT
x-content-type-options: nosniff
age: 149645
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2140
x-xss-protection: 0
last-modified: Tue, 19 Sep 2023 13:05:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 13 Nov 2024 21:16:38 GMT

GET
H3 200 logo2.svg
s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/img/ Frame FE18 2 KB
1 KB 33ms
32ms Image
image/svg+xml 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/img/logo2.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88588830962cdb62afa928436cb3c7aa7a571cef13c2cae0b3f3b014f3d1c0fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16564145693175664192/2-IEU-KONA_EV_Q3_23-Skyscraper-160x600-SEE_V2/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 15:53:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 514629
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1011
x-xss-protection: 0
last-modified: Tue, 19 Sep 2023 13:05:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Nov 2024 15:53:34 GMT

GET
H3 200 Xuxa-logo-2T.png
xuxatv.com.br/wp-content/uploads/2021/05/ 12 KB
13 KB 131ms
130ms Image
image/png 2a02:4780:1:1009:0:217a:1b2f:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xuxatv.com.br/wp-content/uploads/2021/05/Xuxa-logo-2T.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:1:1009:0:217a:1b2f:2 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

6bd3fea5dba78b94182a62a83a51d93752dbeebfab5cb8100b16cfd4451ca04f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xuxatv.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:43 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sun, 02 May 2021 05:48:21 GMT
server: LiteSpeed
etag: "31cd-608e3d25-50446baaf0b596f2;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 12749
expires: Thu, 23 Nov 2023 14:50:43 GMT

GET
H3 200 _728x90_logo.png
s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/ Frame 33C2 693 B
727 B 24ms
23ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/_728x90_logo.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0be0aca44bad073453d3f107123dc563fa9f6d92889d2ef3b2b2d27a6a643457

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 21:16:38 GMT
x-content-type-options: nosniff
age: 149645
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 693
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 06:01:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 13 Nov 2024 21:16:38 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CCDB 0
28 B 59ms
58ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BXSrwQSxWZYG0E-aX9u8Pm_C_oAwAAAAAOAHgBAI&bg=!Y2ClYC_NAAZxrfrxUa07ADQBe5WfOPIshj7IFVkyoDN73THvZiBVDvkuYkW24PaNTBgyUVrFQxp1cA5aj_HmuQNKxv2ZAgAAAjhSAAAAA2gBB5kDEU1XQ2rIVy-N3c32bztlRtrj9w8aEnIotCoGMYwk1F87PoFYzNJJjfelcOdaane9KPdNuWN5FwcKbeRAbfYCKBCdKd9w3PR6TAN1fHyqdZfQMB3Y3vJDJOqMzYtrLdTMd0rUYeNKzznI2bUjDVtoHpg3oRow-6_FXebrtHkOVc7JpOj7dndD9Xkrf-8lpqUUCa2VHpm0nLOQP57aUKwweADPXvYxQDIH_R5Cih7sjnufHgFfR2gmPr98w6Nxin2wBHgP3pemOLHwlgM4eFNEQR08JewtE1uR_mqmpatD97bX0oh5tpVu6qC3Awf5_N9u1iK0mMxvq2iYWUHQmTSkzgGlwRuh5ZLUiAVd76Ce2YFbSkEG6uwdLjtRPtiZAJijzx_40ScMVNUKTjPSD59iDj9asNjPsfv2X0wZ3HIo1RDaZcMNNMyGzn888YT4W5drup4Kum4CFwUJnhSZbEf2ZRbsIq8zikYD0En_v0RSDqAYz32bM-zXMHLsWvDia-YBIomHceEmKeN90sus_VTdabR9RE5iXIzAfyOgzdh_oLe5RWq8qTPbGRk38WRuoTCX1JDfqLlFLJ0XstFWCDaGLRsI2Tugue8Da1NoMxD7fOExU2OmV1qNyD4km-DslFYuQknvUs4j335guJCU-uyYMbYkMyKSqZq0bGv-3e1YqUDU0qprKipEvEQAabfVpUyUFw3_gdNdWdguZDOieEoZuwsTjfAdMAwpihO5vdAz7VAJEt5mj9eYUyfSK9_WXACPgAcTL9X6AtsayZ34fN7HN4QUGKlzuYxSs6qtfHT10F9_AoXi5XJTjKcMOdAPVlvwUbQih0poNLf_PPMlI3lifqViciUvE_iJ-6Bab4DSnlF-NURUybXXdCfV6gdpVXBk86RfbfsP5daFeUaPZWHWVqrvIH6NLh2X7H8Yf-_9WFrYDevHlfFKAMSZcGcP5W5l7RzHwkohdZhWnshF9eyIIZsC3-fbjxCRqMmB5DmIguK4DOVXolYvx2DwU6xEaa10OpQZN05FdKUJIQXYB9nLGhjd

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 14:50:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 006E 13 KB
5 KB 22ms
21ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xuxatv.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4069
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 13:42:54 GMT
expires: Fri, 15 Nov 2024 13:42:54 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 26E7 829 B
560 B 34ms
34ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

efd696881eb645c02b969a2e8d7902153b3db306e51aa7f24d87ef678675343f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MAN6dz_fADz6g6ejf2JcxA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xuxatv.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-MAN6dz_fADz6g6ejf2JcxA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 14:50:43 GMT
expires: Thu, 16 Nov 2023 14:50:43 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 _728x90_t1.png
s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/ Frame 33C2 1 KB
1 KB 25ms
23ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/_728x90_t1.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ff39cab0ad3ca8bc174726bcf9c7ef2e1de32ce43d0f786dcc94062a747e3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 21:16:38 GMT
x-content-type-options: nosniff
age: 149645
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1082
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 06:01:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 13 Nov 2024 21:16:38 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B8D0 0
28 B 59ms
59ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BbCOuQSxWZf_KJ4vB9u8PgNGSgAgAAAAAOAHgBAI&bg=!_f6l_rHNAAZxrfrxUa07ADQBe5WfOFqEdwOIyapBgXDJB1rCMhZHAk6gphPLJHT2mZC4INmam1SMjWheOOcxEWP28QgJAgAAAb9SAAAAAmgBBwoAAqXQmQMRnktIs2XweHRLn8xiwguS9TAfUDbLIieBpKFfZ1wA0jFPFL0dzgmKDCTpqD_b3Gbz44cUVc1Kb_bt315UDNYWDRKHDv809dtcWaIETncDYQ37_r5eNBj38jMtmK0OBvBxNH9N7Mrlzo0B-n-zvsCpu6BjjUxmmKx1FiQvMIjNl9WaAACy7apOa5ULrcXP1RuC6j0jYEf6i5kS-4gyx5G98OwNNQ4zW5unZCZ_GvCot0F5Fum1TsySDM6jyFodDhRa_3f6KphbXLV60L5U1_kk7UYgz9sTMJqTjCWv0dCxj5_YTHlFhUyWt8j_n34-A8fSXc7tvOrVoHHDsYweT_HqHuQyUXJWJuSGD8v_dD3jj5fjhO1acqbDB1l9OWkElJnttL_qbIpjJeK-DCPl2VNkxKKG92nttUtKUJlmOE3G4_SjVtO_QxKQonogLVvG1O2ZzqHBTrMS6qzF1AFGuxbm-KEJlYLy7pa8whs8ImjTFjHD5TXeYgJgBY3DR0c0zEWApwf3NTbe9coXzZyvRHpi6XMyVF-IJdgyQLtVDognwOojiqz392xq0pjuSyt_whYUiqGjwgb4GgRSY5_nGtu2Ee62JCHdMJgDajX0J_UUPUEhN784cPydX38gtNS0kLbe1e7pkFUKkIDZpHCK7JrtJrcFMEfIj4ZQqG4BE4PjnBlnJ-yd4PksFpl_Cl8IIOrERBsVMZJPyPgdN13givILXN8XH2ioqUljrzk_3OlfZw724hQRjwz1IQ4ysouqU13R2r25vGyfYJ_KL5oqCOcSe7vf7ZbwyFQVXAHE6fO4dk0K3X1pEy1FKmbBEBQCltNX3ryaFIvqy7tCHKySgyYzOQEwHQEp-IzfbXVutCNDVw37AMKLQ4SlJNP87nd1Egxpgura7z-WgV0hgRoVHJVKGzKHwi8zPkFSlv8S_5jGQ-GuXzL03lIvlE0piRwVZTcJoBK4brp_OxVXwRsxXwB-r7gvwAOpgyc42p5t8_aCJqnTVtNykg0IyJZ2drfHA5X_bZeaITUcH_JjHOb37288ODQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 14:50:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK features.sub-modal.components.sub-modal-8a550618f2daccdc2b54.css
static.twitchcdn.net/assets/ Frame 92B7 69 B
929 B 33ms
32ms Stylesheet
text/css 2600:9000:211a:a000:c:132:48e:f021
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.twitchcdn.net/assets/features.sub-modal.components.sub-modal-8a550618f2daccdc2b54.css
Requested by: Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=xuxatv&height=480&layout=video&parent=xuxatv.com.br&referrer=https%3A%2F%2Fxuxatv.com.br%2F&width=854
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:a000:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 735c7b59f89aeff250e7de4bfea72d82373b3c0cf0879171200e745bd5766e0b

Request headers

Referer: https://embed.twitch.tv/
Origin: https://embed.twitch.tv
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Wed, 26 Jul 2023 17:39:14 GMT
Content-Encoding: gzip
Via: 1.1 1a276be771f01064831eea4851319c28.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C2
Age: 9753089
Transfer-Encoding: chunked
X-Vicarius-TransactionID: 52418822
X-Cache: Hit from cloudfront
X-Vicarius-Region: fra
Connection: keep-alive
Last-Modified: Wed, 31 Aug 2022 02:12:51 GMT
X-Vicarius-Hits: -1
ETag: W/"0278b08d9d2a70ab5477348fbef51090"
X-Vicarius-Origin: fra
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Accept-Encoding
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: 7_9wMZ1rQUhxMu4bX2SDTj1hEHAZe70eNOUqzC3MswsAec3Y9mIagw==

GET
H/1.1 200
OK features.sub-modal.components.sub-modal-ecf1b7349b9ed2fdff45.js Show response
static.twitchcdn.net/assets/ Frame 92B7 10 KB
4 KB 33ms
32ms Script
application/x-javascript 2600:9000:211a:a000:c:132:48e:f021
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.twitchcdn.net/assets/features.sub-modal.components.sub-modal-ecf1b7349b9ed2fdff45.js
Requested by: Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=xuxatv&height=480&layout=video&parent=xuxatv.com.br&referrer=https%3A%2F%2Fxuxatv.com.br%2F&width=854
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:a000:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: c2a790749293bd278e4186254ef12782239edd1154131ea20253ad1b3aeb49ad

Request headers

Referer: https://embed.twitch.tv/
Origin: https://embed.twitch.tv
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Tue, 07 Nov 2023 20:05:38 GMT
Content-Encoding: gzip
Via: 1.1 42c9dddb4e518a9ed3248bf50565b120.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C2
Age: 758705
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Vicarius-Region: fra
X-Vicarius-TransactionID: 161841195
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 07 Nov 2023 02:44:01 GMT
X-Vicarius-Hits: -1
ETag: W/"b8557d1c2bb2e1e08768f85ef0796800"
X-Vicarius-Origin: fra
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Accept-Encoding
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: l1GxcM0DTcMNUQKTbtzBKJk-Q0djvnIwFMew8OhQteyq8rGZ_is47A==

GET
H3 200 _728x90_t2.png
s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/ Frame 33C2 1 KB
1 KB 23ms
22ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/_728x90_t2.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13ea63c90cacf953e3eba54a5083eeae0a4ee8e1b67fedbd594e7f3128eaaa1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 22:05:57 GMT
x-content-type-options: nosniff
age: 319486
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1055
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 06:01:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 11 Nov 2024 22:05:57 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 26E7 0
0 57ms
56ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=503099643134223&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 006E 39 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 09:57:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17603
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Nov 2024 09:57:20 GMT

GET
H/1.1 200
OK features.support-panel.components.support-panel-container-042b9c45a839f72a9eac.css
static.twitchcdn.net/assets/ Frame 92B7 36 KB
7 KB 34ms
33ms Stylesheet
text/css 2600:9000:211a:a000:c:132:48e:f021
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.twitchcdn.net/assets/features.support-panel.components.support-panel-container-042b9c45a839f72a9eac.css
Requested by: Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=xuxatv&height=480&layout=video&parent=xuxatv.com.br&referrer=https%3A%2F%2Fxuxatv.com.br%2F&width=854
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:a000:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ce910d79de880dd97174de992a10a76156284dfa7b6a30f667833bbc12306489

Request headers

Referer: https://embed.twitch.tv/
Origin: https://embed.twitch.tv
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 02 Nov 2023 17:29:28 GMT
Content-Encoding: gzip
Via: 1.1 42c9dddb4e518a9ed3248bf50565b120.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C2
Age: 1200075
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Vicarius-Region: fra
X-Vicarius-TransactionID: 156482261
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 01 Nov 2023 19:31:44 GMT
X-Vicarius-Hits: -1
ETag: W/"ed7d67aa40db44a36e75027a4f6554b9"
X-Vicarius-Origin: fra
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Accept-Encoding
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: EKVlbmj8JCZrbTbzCNCQsHOUVaIU1iBCWdrqAVQWR2OiPOWTbBJIXg==

GET
H/1.1 200
OK features.support-panel.components.support-panel-container-b3f6d73b714340f3d815.js Show response
static.twitchcdn.net/assets/ Frame 92B7 892 KB
183 KB 32ms
32ms Script
application/x-javascript 2600:9000:211a:a000:c:132:48e:f021
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.twitchcdn.net/assets/features.support-panel.components.support-panel-container-b3f6d73b714340f3d815.js
Requested by: Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=xuxatv&height=480&layout=video&parent=xuxatv.com.br&referrer=https%3A%2F%2Fxuxatv.com.br%2F&width=854
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:a000:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: cfa1c29b06dde362328959aa2fe3ccecc20c4efa0d07a1cd4ab01311cdf66422

Request headers

Referer: https://embed.twitch.tv/
Origin: https://embed.twitch.tv
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Wed, 15 Nov 2023 18:29:27 GMT
Content-Encoding: gzip
Via: 1.1 1a276be771f01064831eea4851319c28.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C2
Age: 73276
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Vicarius-Region: fra
X-Vicarius-TransactionID: 170101923
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 15 Nov 2023 02:59:22 GMT
X-Vicarius-Hits: -1
ETag: W/"1b3f215641143ca082058b156a022f7e"
X-Vicarius-Origin: fra
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Accept-Encoding
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: MVqoIpglk0KGQZmSYg310tm9NkCHUgcbJ48FgEssCOSGf71eMwE5Bg==

GET
H3 200 splash.png
s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/ Frame 33C2 5 KB
5 KB 24ms
24ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/splash.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fdcadbf224bfe461644696c1eeaceb184b9906bfbe08a47a388680939df0e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 22:05:57 GMT
x-content-type-options: nosniff
age: 319486
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5155
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 06:01:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 11 Nov 2024 22:05:57 GMT

GET
H/1.1 200
OK features.support-panel.components.support-panel-a21e93cdcffa99b838d0.css
static.twitchcdn.net/assets/ Frame 92B7 36 KB
7 KB 33ms
32ms Stylesheet
text/css 2600:9000:211a:a000:c:132:48e:f021
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.twitchcdn.net/assets/features.support-panel.components.support-panel-a21e93cdcffa99b838d0.css
Requested by: Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=xuxatv&height=480&layout=video&parent=xuxatv.com.br&referrer=https%3A%2F%2Fxuxatv.com.br%2F&width=854
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:a000:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 2309304808ebfa53bf773fd26ba959b68e9a19a809cafdac1e40026fab0b287f

Request headers

Referer: https://embed.twitch.tv/
Origin: https://embed.twitch.tv
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 02 Nov 2023 17:29:29 GMT
Content-Encoding: gzip
Via: 1.1 1a276be771f01064831eea4851319c28.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C2
Age: 1200074
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Vicarius-Region: fra
X-Vicarius-TransactionID: 156482266
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 01 Nov 2023 19:31:43 GMT
X-Vicarius-Hits: -1
ETag: W/"2630a7eac1b637659d5e90c50e1ccc17"
X-Vicarius-Origin: fra
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Accept-Encoding
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: 1ERIC2ZOCoIxdeeP0u7lL8wVw1-NPNqGuS6urhDmBQ1GuAAjJ9oklw==

GET
H/1.1 200
OK features.support-panel.components.support-panel-70961cf5e7772a24bba9.js Show response
static.twitchcdn.net/assets/ Frame 92B7 959 KB
199 KB 36ms
36ms Script
application/x-javascript 2600:9000:211a:a000:c:132:48e:f021
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.twitchcdn.net/assets/features.support-panel.components.support-panel-70961cf5e7772a24bba9.js
Requested by: Host: embed.twitch.tv
URL: https://embed.twitch.tv/?channel=xuxatv&height=480&layout=video&parent=xuxatv.com.br&referrer=https%3A%2F%2Fxuxatv.com.br%2F&width=854
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:a000:c:132:48e:f021 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: afa5f0c26cd3d66c813d38639a3a5b617bc02a5ff1356f6538835037a4985f1d

Request headers

Referer: https://embed.twitch.tv/
Origin: https://embed.twitch.tv
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Wed, 15 Nov 2023 18:29:27 GMT
Content-Encoding: gzip
Via: 1.1 42c9dddb4e518a9ed3248bf50565b120.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C2
Age: 73276
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Vicarius-Region: fra
X-Vicarius-TransactionID: 170045928
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 15 Nov 2023 02:59:21 GMT
X-Vicarius-Hits: -1
ETag: W/"6ef09b40b92138b5b4c6dc955f5e620e"
X-Vicarius-Origin: fra
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Accept-Encoding
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: ioA1vFN03cUSDfZk6jfVQBfvhc5rkef_Xn_vFIf8pPNg3-Qr6ARSfA==

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 006E 0
11 B 19ms
19ms Image
text/plain 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?te3Rig
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:43 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EA6C 42 B
64 B 59ms
58ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu374WMk5Y0F2-hV9CZH9PjKMVdPohK1bYLSWEkk_FcS60pxXXZve-CkCh2ow3QbAfGw361-ipqq6QkyE98e-HgeOOMyRQvJPGYXRVkXUOGbC3z42GoAZE6pA&sig=Cg0ArKJSzEwGo8LmEtbPEAE&id=lidar2&mcvt=1000&p=18,0,108,728&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20231115&bin=7&avms=nio&bs=0,0&mc=0.8&if=1&vu=1&app=0&itpl=34&adk=2988274603&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700146240971&rpt=1548&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 14:50:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EA6C 0
28 B 56ms
55ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=254971828369&version=m202309260101&ct=77&x=1&cor=10123855502569478000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 14:50:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EE40 42 B
64 B 57ms
57ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstDF2xTq7gB1xwothlWJjtPkheMox9mMMzrDGqffWE9qthrnCp6p0irxZ1OjPD6VmzAXNlN6IFbVAEYAmgDx0jyzbgPEsVomZTExTJUkBD1lKqrVOsbMp4d6tclrM38Hgo0XDYW5jca5E-b&sai=AMfl-YR9RYD2yXCRcKZmU79iCfj2aRb4Ky4uaOGzl4Ym5XvypZbiToIG3DmkgiRX3UlCumtbJIMNQCoa5mtFyytbZOCgUGo2solUzXa1Bz8NEhcrHH-E4mjf5SbwG8Eez9Ic4CeTpIUBdjsTQ69VJM7-Nw&sig=Cg0ArKJSzHCH2pEFleurEAE&cid=CAQSTwDICaaNuzFMDt5ouuuSuicRmiQV4YttdKwZOC7heOv_sZ3PjnaXRjwcpKx0ovc8op7ahEYj9IZkafF4k51H6QYYMMDP27VzsTERxvBopnMYAQ&id=lidar2&mcvt=1016&p=0,0,600,160&mtos=1016,1016,1016,1016,1016&tos=1016,0,0,0,0&v=20231115&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700146240918&rpt=567&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 14:50:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 82CA 42 B
64 B 60ms
59ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstXFCnfjh6FPZezlgnNyuB9hiAsbujGS8e6DHten5p62zqeJDY49Dafc7sXRVMW4wWX1gZ7WolZUy0CpWzraBOCmZjXkRphXknqtG0EuRB0aISYkYEePNQRDQw8qNwoDRpXJeriM38568hr&sai=AMfl-YTtW7G3z9tADYKvJvb7ZUPPFczZpHWuJAlFY9SyUcIKkZIKazmxh5O3Ixyq20tNiKSu7BoetJIv9rDfulo87kbDuFY7JWHOa2RYFYcnSG30DOuNmbo_v84i2EshCvYxeUZhj7KQ_Ib1M3KaqiqHIg&sig=Cg0ArKJSzELkb6C73b1AEAE&cid=CAQSTwDICaaNuzFMDt5ouuuSuicRmiQV4YttdKwZOC7heOv_sZ3PjnaXRjwcpKx0ovc8op7ahEYj9IZkafF4k51H6QYYMMDP27VzsTERxvBopnMYAQ&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231115&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700146240945&rpt=530&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 14:50:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 59ms
58ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=503099643134223&bg=!vL-lv_DNAAZxrfrxUa07ADQBe5WfOGZ8Dm2EtFI3FXX0EvjSTV-TLNOR3Esv4keHZgtc8rD-0WGLO3LRorj9CbOVYRXzAgAAAI1SAAAAA2gBBwoAkyPq7Ho3kJ8lXU2PYrEpbcRqyRH01YuMiWE88WwVs2N_ESIP5bchRW6u2QrYrxTTqBO3wspNm1SE1TSX_ZE0pRcnrQsjbzegHP2KPcVA0acgxuwSNndUdV-Xovp9CjFkBw1yHMRxdbZ-XTuFPrFa0Jmwy4dFBYmJHBvcS9d9hkOfNoPf5A0nQjAkhIvok6-xdZWZHJkCuo6ublDo4mUPq7luGDFUZscGOhDBNZlPBUZKoeFqoTftlGVvzmCGIy6vNi15Nbse9dk6duGIeSdP0ORH0l8I8i1Mlfzi5Ttu9mjmSL4OLi3HbcCqIuBhr61juRwxBzKPKUa6pJpxOOU9Ia8IimU7sUV8lsK7cGxE7QD-dond1dtNzFAj91UpZy_qk6qtpsM6mjOpFN5xK6klBjz2kYKPICH77KMa0SYuDYhvY-CkRXRaxzgdRXajbHUn75kde2R-AlrDHKQeMglEe762Oz_XbmISBa5dlGDmLhULFRyquMMZh7j2AbV1lfgoTLa_T0vzG1bi2PiETA34cv2EHsRCdto1-pfaZLmgXNhaVVQTvwjPOw_T30I5-ILvqggV1rzr_H2RDv6V4Bzl16HvKfiM4H1l_EKUnBDZvxlu3cQwl1Khd8AR6lEKj4tAH-G61Bdw4M0XD8nzy01HB2MFK-7zIb9WKyAfwoHmlU-aWTkt8H5FjKh0YlcsmdFaNd3vyTCJbseFqV50QDASQi24pHfEsxKi1uCiE6J2FTJtBi5uX1mF--jvTu8ds2fTdlGAExRvKFrTz_erKd5pAORDBbcZ7ykSPowEd7nvBT_ta7CqYegb_at6CBiByHMXO8RhOqyQPbSWSiwgkoQuOoGB-1OEatqVBtUQ2rMV2nMpK2v9UrYg29jDdve3XUBvSOIosO_yfNVj0051sR5coNFxeG0WR6EE621Eo5sF8-TkmTXVRudhRwUCgVBgRBIHHQAXKsN3vN6UkOCUUVK_ehDPY00JIGImYP_lCWkW2XHOlAA1bwUdgI6kcENPTVI8tPreOoVzhb6O-lZ-A_M63jm-Xj968iA9c7fYgBUjHWCx3QpO3xWX1_sZSseASOEbmbTQ0D2H8e9dQ8vGQcYNUt2wUqFFkzF2YwFohyzAiGV3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xuxatv.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

POST
H/1.1 200
OK gql Show response
gql.twitch.tv/ Frame 92B7 218 B
336 B 220ms
219ms Fetch
application/json 146.75.122.167
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://gql.twitch.tv/gql
Requested by: Host: k.twitchcdn.net
URL: https://k.twitchcdn.net/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/p.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.122.167 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: bf557beaf4a8c928bd1b1a57b4183c4bb53506fe0669fbf2395665dec88fdfec

Request headers

Accept-Language: de-DE,de;q=0.9
Client-Version: cc42a385-abf2-4687-902a-7cbd78a8e9c9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://embed.twitch.tv/
Client-Integrity: v4.public.eyJjbGllbnRfaWQiOiJraW1uZTc4a3gzbmN4NmJyZ280bXY2d2tpNWgxa28iLCJjbGllbnRfaXAiOiIyMTcuMTE0LjIxOC4yNyIsImRldmljZV9pZCI6IjNmNWQxYmE4M2ZmZjE4YjIiLCJleHAiOiIyMDIzLTExLTE3VDA2OjUwOjQxWiIsImlhdCI6IjIwMjMtMTEtMTZUMTQ6NTA6NDFaIiwiaXNfYmFkX2JvdCI6InRydWUiLCJpc3MiOiJUd2l0Y2ggQ2xpZW50IEludGVncml0eSIsIm5iZiI6IjIwMjMtMTEtMTZUMTQ6NTA6NDFaIiwidXNlcl9pZCI6IiJ9RJ6HPTaKvr6iwfCMCpNXwBJDd2bjY--mb5cbkg9xCbM4u_ADTdPqMc_1WE-Ngu6ckxP4EMFDQjodFUUqEzkcAw
Client-Session-Id: 01b8e2bcb276b303
Client-Id: kimne78kx3ncx6brgo4mv6wki5h1ko
X-Device-Id: 3f5d1ba83fff18b2

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 16 Nov 2023 14:50:44 GMT
Content-Encoding: br
Connection: keep-alive
Content-Length: 149
Content-Type: application/json

OPTIONS
H/1.1 200
OK gql
gql.twitch.tv/ Frame 0
0 27ms
27ms Preflight 146.75.122.167
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://gql.twitch.tv/gql
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.122.167 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: client-id,client-integrity,client-session-id,client-version,x-device-id
Access-Control-Request-Method: POST
Origin: https://embed.twitch.tv
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Headers: Accept-Language, Accept, Authorization, Challenge-Token, Client-Id, Client-Request-Id, Client-Session-Id, Client-Version, Client-Integrity, Client-Integrity-Mobile-Enabled, Content-Type, Device-Id, Trusted-Twitch-Session, Twitch-Trace, X-Csrf-Token, X-Device-Id, X-Forwarded-Proto, Forced-Rollouts
Access-Control-Allow-Methods: GET, POST
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Age: 397
Connection: keep-alive
Content-Length: 0
Date: Thu, 16 Nov 2023 14:50:43 GMT

GET
H3 200 HOME2-LOST-ARK.jpg
xuxatv.com.br/wp-content/uploads/2022/01/ 326 KB
327 KB 131ms
131ms Image
image/jpeg 2a02:4780:1:1009:0:217a:1b2f:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xuxatv.com.br/wp-content/uploads/2022/01/HOME2-LOST-ARK.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:1:1009:0:217a:1b2f:2 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

8067c175eb18067c2084b6f0b6742c57132432887d9fb64887c4690d25583939

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xuxatv.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:44 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 24 Jan 2022 17:12:04 GMT
server: LiteSpeed
etag: "51963-61eedde4-9074e684fa7e0c2d;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 334179
expires: Thu, 23 Nov 2023 14:50:44 GMT

General

Check archive.org

Show headers Download Go to

Full URL: https://video-edge-88d933.pdx01.abs.hls.ttvnw.net/v1/segment/ClGcaAM-yRE9E33MdecH8AILYc1lUuhvAGFq5Tp-r3yfEIMMeY2UEwINBUmMSOCS4Cv-u1YZEGeEdUbj6iMiVaxu9mUiuFe-4EpGzNO9gCvncu4wbAIklx6iJnog-XmkFEWyvwrj31s2MBfcDIWa99MNycd_yT-iKOcZfJjU6OBb890kvhDDJUwq6SpkFplfYHW-kQC3INGyQEsPTkS_pB9PZDSOZI_iQT6N2uUf_hHwkSTb3daC3dzIGFmkwhlNb3Fa6y6PYsi-gXdpCoos1RVRS5q4ImMTzjKBwY67XnShVN92VNiwfv4J4ltZ49Um2esbwuEiqcRb2lipLK5X_mnjUF-hdm_mDRFo28Au6c1Wk36-p-Xxwyxe7A1rvOVRfuPkMGQu5z9gq64YxnJC4QSH1Qb7uUhEGa9eghtClGQ7AhZnIeOLfwlgpPwcSm9VWKpKR1LxtRqzlHoajWCII3wlU86qT72NjA6N2BXM8BjrGuRTt810febXOey97d04N9eQfRkqhPtwpTV1ug14gbLnKKH4-74l2BOEHSX6PA6qeyIHRpLai9tyK6ysHBvDr-5xI1EXHkyJkaBoU_cqjfN366epmzFjbL4Ew6q9HggPPpeChV4RdBz9Es9pr29VM2eu2rRqH-qCZt-2CrU8zZQhAuS3p8vPaXoe5DbZ6WZtFFFts9XdgLCnBYo7qcklbU595BLdd5KcD3e0o6zBfRU2siJTJXd36lWuK6HB89iOnbGd6M8OVlmKjR8mr1.ts
Requested by: Host: k.twitchcdn.net
URL: https://k.twitchcdn.net/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/p.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.32.219.51 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-32-219-51.us-west-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://embed.twitch.tv/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin: *
date: Thu, 16 Nov 2023 14:50:45 GMT
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS

POST
H/1.1 204
No Content event.png
tpsc-ew1.doubleverify.com/ Frame 2381 0
308 B 72ms
28ms Ping
text/plain 130.211.44.5
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-ew1.doubleverify.com/event.png?impid=1b25854ce1304a37870e046cf428998e&flavor=0&gdpr=&gdpr_consent=&ee_dp_cadl=2&dvp_gdpr_Error=3&dvp_gdv2_Error=3&pltm=1&vdur=269&eoid=20&te_exec=4&msrjs=4946&sdf=67108868&vit=2&isvelg=1&rmi=16&tltms=186&tetms=10&msltms=106&vltms=269&sei=290&vetms=220&tuviims=290&tuviems=779&engms=1&engisel=1&ee_dp_ddtes=2&dvp_dtcov=4&sim=3&ee_dp_rbgms=1&ee_dp_asmm=1&msrcanlm=904&msrcannum=3&ee_dp_tmads=2617&ismms=1191&isumms=1190&nvr=6&elmtp=1&isbxdms=3190&b0=100&b11=2017&adhgt=600&adwdth=160&norwdth=160&norhgt=600&vsos=5&dvp_vsosnmr=16&lftb=2117&sftb=2117&msrdp=2&naral=640&vct=512&vphgt=1200&vpwdth=1600&chgt=600&cwdth=160&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=2190&isuiabvms=2190&ispmxpms=2190&engalms=1189&dvp_dpr=1&vstsz=1073&ee_dp_cvcmeeid=1&metp=2&meeid=1&iscvmvms=3190&ttfurm=3513
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements4946.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Pragma: no-cache
Date: Thu, 16 Nov 2023 14:50:45 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true, true
Connection: keep-alive
Expires: 2023-11-15T14:50:45

POST
H/1.1 204
No Content event.png
tpsc-ew1.doubleverify.com/ Frame D164 0
308 B 28ms
27ms Ping
text/plain 130.211.44.5
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-ew1.doubleverify.com/event.png?impid=b70fd42ddec04aedbe70c35f5d64ca58&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&pltm=1&ee_dp_btreg=567208257&ee_dp_btros_64=0&vdur=44&eoid=22&te_exec=4&msrjs=4946&sdf=67108868&vit=2&isvelg=1&rmi=16&tltms=137&tetms=9&msltms=112&vltms=44&sei=290&vetms=283&tuviims=482&tuviems=809&engms=1&engisel=1&ee_dp_ddtes=2&dvp_dtcov=4&sim=3&ee_dp_rbgms=1&ee_dp_asmm=1&msrcanlm=904&msrcannum=3&ee_dp_tmads=2442&ismms=1048&isumms=1047&nvr=6&elmtp=1&isbxdms=3048&b0=100&b11=2008&adhgt=600&adwdth=160&norwdth=160&norhgt=600&vsos=5&dvp_vsosnmr=16&lftb=2108&sftb=2108&msrdp=2&naral=640&vct=512&vphgt=1200&vpwdth=1600&chgt=600&cwdth=160&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=2048&isuiabvms=2048&ispmxpms=2048&engalms=1047&dvp_dpr=1&vstsz=1071&ee_dp_cvcmeeid=1&metp=2&meeid=1&iscvmvms=3048&ttfurm=3341
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements4946.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Pragma: no-cache
Date: Thu, 16 Nov 2023 14:50:45 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true, true
Connection: keep-alive
Expires: 2023-11-15T14:50:45

General

Check archive.org

Show headers Download Go to

Full URL: https://video-edge-88d933.pdx01.abs.hls.ttvnw.net/v1/segment/ClGcaAM-yRE9E33MdecH8AILYc1lUuhvAGFq5Tp-r3yfEIMMeY2UEwINBUmMSOCS4Cv-u1YZEGeEdUbj6iMiVaxu9mUiuFe-4EpGzNO9gCvncu4wbAIklx6iJnog-XmkFEWyvwrj31s2MBfcDIWa99MNycd_yT-iKOcZfJjU6OBb890kvhDDJUwq6SpkFplfYHW-kQC3INGyQEsPTkS_pB9PZDSOZI_iQT6N2uUf_hHwkSTb3daC3dzIGFmkwhlNb3Fa6y6PYsi-gXdpCoos1RVRS5q4ImMTzjKBwY67XnShVN92VNiwfv4J4ltZ49Um2esbwuEiqcRb2lipLK5X_mnjUF-hdm_mDRFo28Au6c1Wk36-p-Xxwyxe7A1rvOVRfuPkMGQu5z9gq64YxnJC4QSH1Qb7uUhEGa9eghtClGQ7AhZnIeOLfwlgpPwcSm9VWKpKR1LxtRqzlHoajWCII3wlU86qT72NjA6N2BXM8BjrGuRTt810febXOey97d04N9eQfRkqhPtwpTV1ug14gbLnKKH4-74l2BOEHSX6PA6qeyIHRpLai9tyK6ysHBvDr-5xI1EXHkyJkaBoU_cqjfN366epmzFjbL4Ew6q9HggPPpeChV4RdBz9Es9pr29VM2eu2rRqH-qCZt-2CrU8zZQhAuS3p8vPaXoe5DbZ6WZtFFFts9XdgLCnBYo7qcklbU595BLdd5KcD3e0o6zBfRU2siJTJXd36lWuK6HB89iOnbGd6M8OVlmKjR8mr1.ts
Requested by: Host: k.twitchcdn.net
URL: https://k.twitchcdn.net/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/p.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.32.219.51 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-32-219-51.us-west-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://embed.twitch.tv/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin: *
date: Thu, 16 Nov 2023 14:50:47 GMT
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS

General

Check archive.org

Show headers Download Go to

Full URL: https://video-edge-88d933.pdx01.abs.hls.ttvnw.net/v1/segment/ClGcaAM-yRE9E33MdecH8AILYc1lUuhvAGFq5Tp-r3yfEIMMeY2UEwINBUmMSOCS4Cv-u1YZEGeEdUbj6iMiVaxu9mUiuFe-4EpGzNO9gCvncu4wbAIklx6iJnog-XmkFEWyvwrj31s2MBfcDIWa99MNycd_yT-iKOcZfJjU6OBb890kvhDDJUwq6SpkFplfYHW-kQC3INGyQEsPTkS_pB9PZDSOZI_iQT6N2uUf_hHwkSTb3daC3dzIGFmkwhlNb3Fa6y6PYsi-gXdpCoos1RVRS5q4ImMTzjKBwY67XnShVN92VNiwfv4J4ltZ49Um2esbwuEiqcRb2lipLK5X_mnjUF-hdm_mDRFo28Au6c1Wk36-p-Xxwyxe7A1rvOVRfuPkMGQu5z9gq64YxnJC4QSH1Qb7uUhEGa9eghtClGQ7AhZnIeOLfwlgpPwcSm9VWKpKR1LxtRqzlHoajWCII3wlU86qT72NjA6N2BXM8BjrGuRTt810febXOey97d04N9eQfRkqhPtwpTV1ug14gbLnKKH4-74l2BOEHSX6PA6qeyIHRpLai9tyK6ysHBvDr-5xI1EXHkyJkaBoU_cqjfN366epmzFjbL4Ew6q9HggPPpeChV4RdBz9Es9pr29VM2eu2rRqH-qCZt-2CrU8zZQhAuS3p8vPaXoe5DbZ6WZtFFFts9XdgLCnBYo7qcklbU595BLdd5KcD3e0o6zBfRU2siJTJXd36lWuK6HB89iOnbGd6M8OVlmKjR8mr1.ts
Requested by: Host: k.twitchcdn.net
URL: https://k.twitchcdn.net/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/p.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.32.219.51 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-32-219-51.us-west-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://embed.twitch.tv/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin: *
date: Thu, 16 Nov 2023 14:50:47 GMT
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS

POST
H/1.1 200
OK gql Show response
gql.twitch.tv/ Frame 92B7 218 B
336 B 211ms
211ms Fetch
application/json 146.75.122.167
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://gql.twitch.tv/gql
Requested by: Host: k.twitchcdn.net
URL: https://k.twitchcdn.net/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/p.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.122.167 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0c5c7c655e3ff0412c8fcbe1d57a4903cc269bec4cbc6d3b098e33e1009388dd

Request headers

Accept-Language: de-DE,de;q=0.9
Client-Version: cc42a385-abf2-4687-902a-7cbd78a8e9c9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://embed.twitch.tv/
Client-Integrity: v4.public.eyJjbGllbnRfaWQiOiJraW1uZTc4a3gzbmN4NmJyZ280bXY2d2tpNWgxa28iLCJjbGllbnRfaXAiOiIyMTcuMTE0LjIxOC4yNyIsImRldmljZV9pZCI6IjNmNWQxYmE4M2ZmZjE4YjIiLCJleHAiOiIyMDIzLTExLTE3VDA2OjUwOjQxWiIsImlhdCI6IjIwMjMtMTEtMTZUMTQ6NTA6NDFaIiwiaXNfYmFkX2JvdCI6InRydWUiLCJpc3MiOiJUd2l0Y2ggQ2xpZW50IEludGVncml0eSIsIm5iZiI6IjIwMjMtMTEtMTZUMTQ6NTA6NDFaIiwidXNlcl9pZCI6IiJ9RJ6HPTaKvr6iwfCMCpNXwBJDd2bjY--mb5cbkg9xCbM4u_ADTdPqMc_1WE-Ngu6ckxP4EMFDQjodFUUqEzkcAw
Client-Session-Id: 01b8e2bcb276b303
Client-Id: kimne78kx3ncx6brgo4mv6wki5h1ko
X-Device-Id: 3f5d1ba83fff18b2

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 16 Nov 2023 14:50:48 GMT
Content-Encoding: br
Connection: keep-alive
Content-Length: 149
Content-Type: application/json

OPTIONS
H/1.1 200
OK gql
gql.twitch.tv/ Frame 0
0 35ms
35ms Preflight 146.75.122.167
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://gql.twitch.tv/gql
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.122.167 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: client-id,client-integrity,client-session-id,client-version,x-device-id
Access-Control-Request-Method: POST
Origin: https://embed.twitch.tv
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Headers: Accept-Language, Accept, Authorization, Challenge-Token, Client-Id, Client-Request-Id, Client-Session-Id, Client-Version, Client-Integrity, Client-Integrity-Mobile-Enabled, Content-Type, Device-Id, Trusted-Twitch-Session, Twitch-Trace, X-Csrf-Token, X-Device-Id, X-Forwarded-Proto, Forced-Rollouts
Access-Control-Allow-Methods: GET, POST
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Age: 401
Connection: keep-alive
Content-Length: 0
Date: Thu, 16 Nov 2023 14:50:47 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 5080 0
127 B 36ms
36ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 16 Nov 2023 14:50:47 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

POST
H2 200 all
csm.eu.criteo.net/ Frame 505E 0
127 B 62ms
58ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 16 Nov 2023 14:50:47 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 200 HOME3-MIR4.png
xuxatv.com.br/wp-content/uploads/2022/01/ 2 MB
2 MB 133ms
132ms Image
image/png 2a02:4780:1:1009:0:217a:1b2f:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xuxatv.com.br/wp-content/uploads/2022/01/HOME3-MIR4.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:1:1009:0:217a:1b2f:2 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

20022b1a2c6b7aea9afbdd9f63f05b908180099009a10462a380eaed75ed483a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xuxatv.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:50:49 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 24 Jan 2022 17:12:11 GMT
server: LiteSpeed
etag: "1b3bf1-61eeddeb-939fca0cb4d2d5d1;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 1784817
expires: Thu, 23 Nov 2023 14:50:49 GMT

General

Check archive.org

Show headers Download Go to

Full URL: https://video-edge-88d933.pdx01.abs.hls.ttvnw.net/v1/segment/ClGcaAM-yRE9E33MdecH8AILYc1lUuhvAGFq5Tp-r3yfEIMMeY2UEwINBUmMSOCS4Cv-u1YZEGeEdUbj6iMiVaxu9mUiuFe-4EpGzNO9gCvncu4wbAIklx6iJnog-XmkFEWyvwrj31s2MBfcDIWa99MNycd_yT-iKOcZfJjU6OBb890kvhDDJUwq6SpkFplfYHW-kQC3INGyQEsPTkS_pB9PZDSOZI_iQT6N2uUf_hHwkSTb3daC3dzIGFmkwhlNb3Fa6y6PYsi-gXdpCoos1RVRS5q4ImMTzjKBwY67XnShVN92VNiwfv4J4ltZ49Um2esbwuEiqcRb2lipLK5X_mnjUF-hdm_mDRFo28Au6c1Wk36-p-Xxwyxe7A1rvOVRfuPkMGQu5z9gq64YxnJC4QSH1Qb7uUhEGa9eghtClGQ7AhZnIeOLfwlgpPwcSm9VWKpKR1LxtRqzlHoajWCII3wlU86qT72NjA6N2BXM8BjrGuRTt810febXOey97d04N9eQfRkqhPtwpTV1ug14gbLnKKH4-74l2BOEHSX6PA6qeyIHRpLai9tyK6ysHBvDr-5xI1EXHkyJkaBoU_cqjfN366epmzFjbL4Ew6q9HggPPpeChV4RdBz9Es9pr29VM2eu2rRqH-qCZt-2CrU8zZQhAuS3p8vPaXoe5DbZ6WZtFFFts9XdgLCnBYo7qcklbU595BLdd5KcD3e0o6zBfRU2siJTJXd36lWuK6HB89iOnbGd6M8OVlmKjR8mr1.ts
Requested by: Host: k.twitchcdn.net
URL: https://k.twitchcdn.net/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/p.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.32.219.51 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-32-219-51.us-west-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://embed.twitch.tv/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin: *
date: Thu, 16 Nov 2023 14:50:50 GMT
vary: Origin
access-control-allow-methods: OPTIONS, GET, POST

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.twitch.tv
URL: https://api.twitch.tv/kraken/users?login=xuxatv

Domain: reporting.cdndex.io
URL: https://reporting.cdndex.io/error

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEFUCUvAhPSvt6PIGxYpN2f8&google_cver=1&google_push=AXcoOmTGtbqOZYupCo0w8wKcD_AXidKNj9Ou_z-WK1wexixwyxOh-Bbl_w7tkGYs85p8BH_WhQ_6RS7TSi0Sf3GZkjRrQPZylCEFY5Q

Domain: sync-tm.everesttech.net
URL: https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEAjDu5WIiQtikr15dLH6SyE&google_cver=1&google_push=AXcoOmTUSxE_KkiG0B-34cwjj9Z9l5yRJ2G-mKKZvuc0G2ms-knIW_zEyX4AaEEo_5SDUu9kvKBSDhozj5obiw6Y297uLqIGral2YEU

Verdicts & Comments Add Verdict or Comment

157 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.twitch.tv/	1969-12-31 23:59:59	Name: server_session_id Value: b8896b5f135d43a8aafd0f2530e3f435
.twitch.tv/	1970-01-21 01:46:00	Name: unique_id Value: 3f5d1ba83fff18b2
.twitch.tv/	1970-01-21 01:46:00	Name: unique_id_durable Value: 3f5d1ba83fff18b2
.twitch.tv/	1970-01-20 16:15:48	Name: referrer_url Value: https://xuxatv.com.br/
.twitch.tv/	1970-01-21 01:46:00	Name: experiment_overrides Value: {%22experiments%22:{}%2C%22disabled%22:[]}
.twitch.tv/	1970-01-21 01:46:00	Name: api_token Value: twilight.4c88f944d5df90c750f1b4c09f29fa2d
passport.twitch.tv/	1970-01-20 16:17:12	Name: ga__13_abel-ssn Value: 082CVI7yfWi8L9sQNSlCmjzt6SEhHB6CM1DJiAr7eBW7cDwuqaiDDczhs2uax8tYPbcOblGru1gGnYGuZ7MQMT6ivQt6Jus4meE7hrBHZBdCGAWhqCHobuTn25Qwohr2EfxmkgAVsYcJosuG4BT9kkONK0nvEeL
.doubleclick.net/	1970-01-21 01:37:22	Name: IDE Value: AHWqTUmS-UlcRaerLn5n4p2gIeyKp_H2pHtAXlCOGJkQhR3d9cptKloPvZLOUUICQUg
gql.twitch.tv/	1970-01-20 16:17:12	Name: KP_UIDz-ssn Value: 07aWxE9z6ftSmMRL2In81f20dYVbGuZzqgokzZli0UPOt1v3AGwr0puYeBGhlUJGFLuxxawYjJQTsNNvcV3zqa8zh207nOpUaKgAvbIXBTlYOf3JQXFCJUxM4OEVSEMyfjGLXiSuOqU0vDfsQW0VbQQu54zXvue
.xuxatv.com.br/	1970-01-21 01:37:22	Name: __gads Value: ID=f3a4db6429dd24ad:T=1700146240:RT=1700146240:S=ALNI_MaWyvsiAHJ1jCX7S5zcbsGR9zz9EA
.xuxatv.com.br/	1970-01-21 01:37:22	Name: __gpi Value: UID=00000cc9f45ef3b3:T=1700146240:RT=1700146240:S=ALNI_MYO3rt-whhiHm0sF8Z9udd0qGiD4A
.blismedia.com/	1970-01-21 01:01:26	Name: b Value: 65562C41379EEC548043DBC8BLIS
.simpli.fi/	1970-01-21 01:02:48	Name: suid Value: 9A06CF1EEBD847DD9828D43E699CCD47
.ctnsnet.com/	1970-01-21 01:01:22	Name: cid_7c4283e22ca24322a2582b94ada3942e Value: 1
.ctnsnet.com/	1970-01-21 01:01:22	Name: gid_CAESELgBBYrpo0K2f_xTK0DCgqg Value: 1
.adform.net/	1970-01-20 16:58:58	Name: C Value: 1
.w55c.net/	1970-01-21 01:46:00	Name: wfivefivec Value: xs1q98cY1R3DHz5
.yahoo.com/	1970-01-21 01:01:43	Name: A3 Value: d=AQABBEEsVmUCEI96bKUIdddpJgNV4yEFR8EFEgEBAQF9V2VgZQAAAAAA_eMAAA&S=AQAAAn4oHClKZTmTaeQRVtBAY0s
.w55c.net/	1970-01-20 16:58:58	Name: matchgoogle Value: 5
.adform.net/	1970-01-20 17:42:10	Name: uid Value: 4497691409730426871
.casalemedia.com/	1970-01-21 01:01:22	Name: CMID Value: ZVYsQVCDIKJjT7DiCeOHIQAA
.casalemedia.com/	1970-01-20 18:25:22	Name: CMPS Value: 5153
.casalemedia.com/	1970-01-20 18:25:22	Name: CMPRO Value: 5153
.doubleclick.net/	1970-01-20 16:15:49	Name: DSID Value: NO_DATA
.adnxs.com/	1970-01-20 18:25:22	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Hb:IX>'C!@wnfH8K6pQK`!5=E<L5?%K@2F(fZk2z(]fCDaX26B.CctO7>@<hat+qvY>bpRzqF1`b_)61N=
.doubleclick.net/	1970-01-20 20:34:58	Name: APC Value: AfxxVi7VNpktAijPIC556Xm62187iTLN71P95We0HU2ScsW5iqKDaw
.adnxs.com/	1970-01-20 18:25:22	Name: uuid2 Value: 6520081341154992819
.adfarm1.adition.com/	1970-01-20 18:25:22	Name: UserID1 Value: 7302072503525177489
.travelaudience.com/	1970-01-21 01:46:00	Name: _tracker Value: %7B%22UUID%22%3A%22BFBD937C-9B8A-4EAC-1909-4C0CDDB49A7C%22%7D
.doubleclick.net/	1970-01-20 16:58:58	Name: ar_debug Value: 1
.googleadservices.com/	1970-01-20 18:25:22	Name: ar_debug Value: 1

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://embed.twitch.tv/embed/v1.js Message: Allow attribute will take precedence over 'allowfullscreen'.
javascript	error	URL: https://xuxatv.com.br/ Message: Access to XMLHttpRequest at 'https://api.twitch.tv/kraken/users?login=xuxatv' from origin 'https://xuxatv.com.br' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.twitch.tv/kraken/users?login=xuxatv Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://passport.twitch.tv/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/fp?x-kpsdk-v=j-0.0.0 Message: Failed to load resource: the server responded with a status of 429 (Too Many Requests)
network	error	URL: https://gql.twitch.tv/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/fp?x-kpsdk-v=j-0.0.0 Message: Failed to load resource: the server responded with a status of 429 (Too Many Requests)
worker	info	URL: https://static.twitchcdn.net/assets/amazon-ivs-wasmworker.min-527a0ec8a3914c71a683.js Message: Amazon IVS Player SDK 1.23.0-rc.2
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2974894051137733&output=html&h=280&adk=2349245872&adf=366746197&pi=t.aa~a.3750004799~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1700146240&rafmt=1&to=qs&pwprc=3173985034&format=1200x280&url=https%3A%2F%2Fxuxatv.com.br%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700146240195&bpp=1&bdt=2176&idt=1&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=5230436701717&frm=20&pv=1&ga_vid=112662117.1700146239&ga_sid=1700146239&ga_hid=2067857781&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C44809004%2C31078301%2C44807763%2C44808149%2C44808284%2C44809057&oid=2&pvsid=503099643134223&tmod=1956708044&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=18 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
worker	info	URL: https://static.twitchcdn.net/assets/amazon-ivs-wasmworker.min-527a0ec8a3914c71a683.js Message: MediaCapabilities found [object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
worker	info	URL: https://static.twitchcdn.net/assets/amazon-ivs-wasmworker.min-527a0ec8a3914c71a683.js Message: MSE in workers enabled
other	warning	URL: https://www.googletagservices.com/dcm/impl_v99.js(Line 92) Message: Unrecognized feature: 'attribution-reporting'.
javascript	warning	URL: https://www.twitch.tv/r/s/m/nat.min.js(Line 3414) Message: The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
network	error	URL: https://tps-dn-ew1.doubleverify.com/event.jpg?impid=1b25854ce1304a37870e046cf428998e&consid=&api=1&rc=true Message: Failed to load resource: the server responded with a status of 502 (Bad Gateway)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

01b8e2bcb276b303.darnuid.imrworldwide.com
17001462414732cf4cb9b877531377d48e89a673295f4aa77bf69fcb.trk.sensic.net
1700146242344ee2b0c764fa1ac7316038b30fa1a8fcfda488efb92d.trk.sensic.net
2d59a6fbb3970d110ae26b0700e5d77b.redinuid.imrworldwide.com
ad.doubleclick.net
ads.eu.criteo.com
ads.travelaudience.com
api.twitch.tv
c1.adform.net
cat.nl3.eu.criteo.com
cdn.doubleverify.com
cdn.lamp.avct.cloud
cdnjs.cloudflare.com
cm.g.doubleclick.net
csm.eu.criteo.net
d2v02itv0y9u9t.cloudfront.net
dclk-match.dotomi.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
embed.twitch.tv
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlecm.hit.gemius.pl
gql.twitch.tv
ib.adnxs.com
imageproxy.eu.criteo.net
k.twitchcdn.net
measure.lamp.avct.cloud
onetag-sys.com
pagead2.googlesyndication.com
passport.twitch.tv
pixel.de-config.sensic.net
pixel.wp.com
pm.w55c.net
pr-bh.ybp.yahoo.com
reporting.cdndex.io
rtb.fr3.eu.criteo.com
s0.2mdn.net
secure-sts-prod.imrworldwide.com
static-cdn.jtvnw.net
static.criteo.net
static.twitchcdn.net
stats.wp.com
sync-tm.everesttech.net
sync.teads.tv
tpc.googlesyndication.com
tps-dn-ew1.doubleverify.com
tps.doubleverify.com
tpsc-ew1.doubleverify.com
tr.blismedia.com
um.simpli.fi
us-u.openx.net
use.fontawesome.com
video-edge-88d933.pdx01.abs.hls.ttvnw.net
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
www.twitch.tv
xuxatv.com.br
api.twitch.tv
googlecm.hit.gemius.pl
reporting.cdndex.io
sync-tm.everesttech.net
13.32.110.126
13.32.27.32
13.32.99.48
130.211.44.5
142.250.184.226
142.250.185.230
142.250.185.98
142.250.186.162
146.75.118.214
146.75.122.167
172.64.151.101
178.250.1.6
178.250.1.9
185.89.210.153
192.0.76.3
2.16.97.41
2600:9000:20ab:e800:19:f28c:cd92:c761
2600:9000:20b4:9c00:2:5624:e040:21
2600:9000:211a:6a00:1f:f009:8540:93a1
2600:9000:211a:a000:c:132:48e:f021
2600:9000:211a:e400:c:bbc8:bbc0:93a1
2600:9000:2394:7e00:1f:f009:8540:93a1
2606:4700::6811:190e
2606:4700:e2::ac40:8d0d
2a00:1450:4001:801::2002
2a00:1450:4001:808::2003
2a00:1450:4001:809::2001
2a00:1450:4001:812::2006
2a00:1450:4001:81c::2003
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2004
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:d::c
2a02:26f0:3500:d::1732:83d6
2a02:4780:1:1009:0:217a:1b2f:2
2a02:fa8:8806:16::1400
2a05:d018:d29:3601:a431:4595:7531:b100
34.96.105.8
34.98.64.218
35.186.193.173
35.190.0.66
35.204.158.49
35.210.149.152
37.157.5.84
51.89.9.254
52.29.13.21
52.32.219.51
52.48.253.127
52.49.226.217
52.51.249.246
54.171.200.20
85.114.159.118
00749eff5f11fd9eaa37764812e679a75676baaf200a7c4e0622eceddf020cba
018d440eb02563c157978016a22bfb58e2cf67348f876eff00af8ca1eb26d0ab
01f1ad078ae202ac671bd2354e3c91145962e5f8e80aa4c1ea11d84a8a4039ab
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0527a5691faef7b0708b32a4625f169263af85cf7cd7d6615b8dc76a3a60b11a
067629b93b9156dcfd0a66c7bfd2453c187244f0ec9cb7bbc96bb7d1f41881cb
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09d807ac034b920aa14cfbc0894605e1934c82e2d1d66b2eb1e26aea60556e84
09e2d008f737b14f838e143e4da91727061d41df215cc91a85f2451c7baf325f
0a2f17abd9ef9d95cd018e46e848ad59d5e0e2f2dd5c9ebfb1387d5b892d2fd9
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0be0aca44bad073453d3f107123dc563fa9f6d92889d2ef3b2b2d27a6a643457
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
0c5c7c655e3ff0412c8fcbe1d57a4903cc269bec4cbc6d3b098e33e1009388dd
0c659c2351251346d80951411cf3e8704b382d17b990f900212543f96faaa44d
0d6066bcc6ad6d23b4eb028f12f9cca79277cdf00778a112e9c39bc00be2e65b
0dc454e2de7f1c663a6a5e236129d355dd0d4b699fcbd5900428e7409ced82db
1056c963b8160232d4bd1d49ff1c7176af39763bbaa5e2fa933dda971ce70f6a
12366a3e0b95c4cb8500df981a00e58c3deadd8ccd027d4466f4be197906466c
13ea63c90cacf953e3eba54a5083eeae0a4ee8e1b67fedbd594e7f3128eaaa1f
15bd30d9935bc5e145f644cf3f6804a6990f165df23219d03c0d956549347fb6
15e76f351a45431443af778ed29df1fab097199503e3b454d41098eb37bbce78
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
167f1e3602d7682632294d7014110ba98638845dbcf570325f8826137a2738e3
177b4773b237fa63062f913ed377e24540f843cda864a8d271c5ca083c18a9c6
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18810cc7f62acf01765366af6b41e3890fd2ea526b7a35ce622873468d0f39ca
18c7b070bddf5587077c60d901ed78773e9ba44be7e5fe8c7366092edd695e81
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
1a7ec5a7debd61e63fff2e56327e3022826f9b3e677ba735608fba0deef116b3
1be7b683516f00ef5d0d5d085989da98c6a5d2ddb55d83573373b729a70d7ae4
1c43dceaef3bda690da400879b1cfb6b9883a25605ac56607a686027c0ac1755
1ca76922f55b389b8f590ae7e3bcc3a2dccdce3aff1e5a4335af081b76a414ea
1d1c15087d7e241a99cf94534f8f0e2286c9b426bfc065a248ae9dc0d07f9e00
1ff39cab0ad3ca8bc174726bcf9c7ef2e1de32ce43d0f786dcc94062a747e3c0
20022b1a2c6b7aea9afbdd9f63f05b908180099009a10462a380eaed75ed483a
202c4fb63fc8b30113323a216eb6e8ac53145ee6dd50cedcf7627aa932eb158b
22e5f617ff5ea75fa0da061a8922316d29c607387ef91ce6a727551ea45a08a0
2309304808ebfa53bf773fd26ba959b68e9a19a809cafdac1e40026fab0b287f
24809bb21d3bb33f5cb90e447afe43dba9e38295f82e9a31fafe0d73b9a798e3
24bc5cb8efa7ed4a6211c29576af166a14ae53d3a81a80c51fe7a2e434dbe449
25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af
25eb74ef5cb4f12ce63ffae537c136e1455b0917fa19713bf72dab182f55d395
27318f3d1d49de3cb749965da1dbceaf7e5dc071214011fab6cb69e0417b292d
27422f830d71474144ea902369ce78d178d1ace4e38a029ba2e359b7b55b4176
2881d8eadc298102d2462e8d32e40792adce37b6cd89d99045f574eb3ecbb748
298037ddd1d0b044fe2df2ed0a47c67f6a3f2be1385120ff6d0138526cfad511
2bc2af0c3101e9bd9188ef5bd39172af8097016e64ad1086ea03c3b965c8adb2
2cb69644d1877e6dfa38adcfddfc21208f12a43753394381a54587438db2e666
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2e87256beaaf289a51e4c31908c0255c09ff615bce8e90591858b2ec9b8aed30
2e9e6c2edeea38c2c2a4d0a0adf2224ca0353f1e0994af6e979f35b0bf0d6cb9
2f0660ef6b9aa51a6e14bd06f9d9be49d7f8abe2dfab0ebb8914378a2b4b4f1b
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
323e5af8a33b9e65da9de11179875c91d6f4db5cfc79e2e444d8a7d98b353400
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32c9c4804a302ab73ce602ef9af921ba1e6f59ccc343dda867da064ae6aad8b9
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
37959fc8966345a8eafa11b1967ec4fbabb59c17344083b23aacc26218d2c6ed
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
39d95bc73be041b44694c47710ca95f972cee147d3d39cfeccc728054deb3a51
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
3cd346aff1efcc38119a600f75667ba0089a7a6bece2b905503fb7c0c65ddcb8
3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632
3e0883088748759001d4eb553095b01f86bc875d6eb1db1d244efe21596518b6
3e6131330963c472b950b8aaf544ba3829735b8ccb103d614ba7793e3a786550
3fb66a979162576e6018f079293be866329da6ce619116e396514cd245db1b62
415ed4613566913c5107561046bac43c1b372162850772dc6632522e0e3ba10a
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
431097f4f934bdc8ae8ea0d5d33a07573e22cf31f50e02499a1b12b98be7c4a2
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
443ba0af7a7ed827223c7fb3c008c02b9ff1d651b6492e9c270378b07d9f6008
445f90ecfab5ded6f51209614d8e66316b70a0afa06b00249a5032ec41262191
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
453893f7daa3d8fe9716f8c6d0f36f8ade8cacfc0093e164f4f998b46427959e
4570913dc9b4394374c8e7eedd80f9f3eb463969199626b32595eee9f2eeb891
4753e0e2fc769d14cd90048716a76fc8607a8a4adc089d2606306a38d477fc9f
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
49b4d95b69acd86c171b418753b066676434b734783a782d5a718ca9358bec33
4b037452c0ef5cdaa6a3c769413d98cd4bf62ccd7562ac85d93bc627e3b0d7de
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c047185e6e4370e7aefa93df87710007d0ac33ddf9c2e555d498e757695b63c
4c285d11065edcb671884f3ce725e8677e0fb49556ee6f194376b2edac45db6b
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
502c2e49f8557a262213365fa1a99b67a09df837a2e40cee90fa60a340bc4552
515927139c82bf4a048c6fdc6a60b3a07a3136bd607be7248cf3c41369670119
5182ec1a495e786e4e1a5932bc245e04e4d69df8487e36be3c31f5dbe933d855
521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc
532cc63b02ed8f53da56d150a5e594a9a7bc44334a376556f9ffd2d5078197f0
544ad9fe6ced38792fcb763fff362d510cb42a019c736f70d8dacbb6d6f480c1
54d76f1c75eab61bebf210d30b5db9de1fade64d515d1704b86a615ecc3a11e6
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
570a4964629f982285ef5282d47767738b4ef2f75cb8bad8ccfc206683ee1d0d
58946a4f805d3bc0f8909dc9a82cb4da1e9a7989463304b8fe2bd8886db84773
5ad7de9d11e131b8ef433f838bed58f35341231525bcef690f3e1faa0619fa7a
5c40705bb21bad468f397f46397899d2ed7c51bb2d26e0cce787bafe3c46694c
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d0f4bae14ff26ca8f7e3e49f5cae0d3e240e9a26a6dac472889e98ca7e3e364
5e0ec7397d29e0fe3f5c25bc30726b1b79f3489b0674557367b08157ba44129f
5e1ee438f94011670bb55a1bf29c33b93acea0c2570002e5326c9d07f64d6e1d
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61fe41cde1b6df00f34e5a9795741e926e8861b8e80d396ff799d48bacda5300
62af0c20276c24765b417a627557cf14d6a7638db797f3673a3c7b0963ad8b22
62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2
63feeb395a01ec8660e2594c4e6e6a7c8b35811ce6d17fbf83a155e1293b0a00
654a2938118171002f404f2427ae10b94c37c8d43b53564aef7a126d023b0039
65ace12eba3405ce2c5f6b534fe6af73b033cc8cc1c25777b7b403c36512e8d2
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
66a7b650897e44278afe9cd172dbf8c98332548049d15ce1008d9a46ad709577
66fc0d616cd812983a18070716cad135908f25820a927059b83d2b7a9f776af9
688a83886a5a759614fb53d73736845837de908ce3553b146471782995bc5943
6998d311bdd346da24a257d09e25517aa7cc7eb4b8fd740b8deb7b769269f727
69cfb7908ceb8fdbbc69f017c4172c8be25b1d3688c75e311e9f4312cbd65d3e
6a482d2d94c0d1bc6937a1759389d01b475e6b28a0d9b5d7eaa3f9cc8f59f3cd
6bd3fea5dba78b94182a62a83a51d93752dbeebfab5cb8100b16cfd4451ca04f
6cb35f7588c16390c3693092c2bb50a0b8f78f85462220811f6197df99a02341
6d2c88d7b8364da624551c4b898778538b8020b501bd56717773d7a1d18f6d1e
706938a922c0aaad87417d2d3eaaa2568df316e860b527fe2237bd7497dc4c8d
70d47fbe8ad51a9d06a022d2cf3a473bc9ac8e16b41cef87e97f38124408afc2
71272eb2ad036c6584d9c64712e97591db0168ddc80e02f61d3e98e19f54aa62
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
735c7b59f89aeff250e7de4bfea72d82373b3c0cf0879171200e745bd5766e0b
74886df8d0a2ef6a6789df71d5cb539b73ecbeb40de9a88f05781c6f4b1a2e71
755b6564ea2c3bcb2009c559dff8ed26cdbdd73c0436f20adced5b16ccc7a92c
79f40047b18f4a694852c3aac01228358c1f60e7feecf568705390650981dbea
7a14d925b35bb3035cc21f39d7f34f8d83e5b1b2ad0bdc965d9d5e2ff7922fae
7dc1657d62d95d4f3dfff6282aaaf24fb7ccd26afde8cbfbd706c8c00b301cb1
7f34b768792b90cf0b04fced2470e43d8fab7644f6565d5178fbfb49c4859cee
7fd4409198e6c276d5b4b62f2c3b1e8fc4f06193180b52ab3360fd8bdb87d6e6
8067c175eb18067c2084b6f0b6742c57132432887d9fb64887c4690d25583939
8075015fa33f42ed0b6b17d22fe0d4fc2935949409045f3152b9c87698e9611d
88588830962cdb62afa928436cb3c7aa7a571cef13c2cae0b3f3b014f3d1c0fe
8873c2794f3ac12226cde30ef4d7890976dacf60b943dcc5d770c82286328704
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
8a539799d12e3a144273288055490f57e1eee84da7a9145f085bc522e80719c3
8ab43ef523c52e830a7706ae32581ae882ebe14920d3e88ee191ac6aea78c401
8b0729c39a1048f859d3dc08ab52a723c829235cd4b7d255e13f0588250f460a
8bce03830085f51179f7410dd50cd87f243ea044fd1dee147852860b05f9269f
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
91990fd06e331dade092788f7b1535f5449a991bae5691faee7afb53e3a9329f
9250ad0da233bea529df602cd38257964fe7d84217656525d0655f81c48417d1
92fdcadbf224bfe461644696c1eeaceb184b9906bfbe08a47a388680939df0e9
9604846e8a337a0e3a9606b20c236545475bcc43ae99bc5361a04258feee0b1a
97bca8d73b554549d84d1322e2f0bd15c12b1f005c5a91dd254e7b2bc0bac8f3
98f4a2dda336bc13f4fafa68647ac0304c34c227bc078eb5701dbcf25976c3a3
9a06aa84f08b4d57747e5eba867aa061deaadb4e657ca532d10e73b5a36fd73c
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b6914e9f70280973f09ee2491397150dd4c94706974bfd7f4de0e5768a1a432
9b8583bdfd42a85662e77156da80d7b79312af1c5a12de4323b5c0e56f921975
9b8fac1e81e158130ccd136fde54bc533bd0adce217aa9f66b61b0e7bc05925c
9ba40069f9ec6d491f4738cc1c346700ddeaf5ef616f46122d7f9ce71d7dc620
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0373d647fe10d48014be010baa35759546a2123c9bba2c1848c80c430f35fb0
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2b7c813a467aa88e8eda47de6694448122889e13b188aa55544fcfcbbcb70df
a2bb12e88266c40aa8e4b1b0cd7204b23f0bbd8e8b4eabb96806116b590949cb
a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
a6c3c182f7b23265862cf0aca5c670c6b603381a37878a7f342da958e37b4e33
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
aaa41c92c5a8c4640b5bb2173ac6694f87c298913f4defbc6fb837314022579b
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ab2d27a4438058b8a7042e007e6c24c324cb70e3c48e1f04461769b17ff7c845
abdeff3f6b80e43233abe7678ac77ae09b4e04abbc10ad9cae8f472b8c12d151
af20c573099d2bc41c90b36929134598a8f6a3b3b52c6280e90ecb4ec3e2e652
afa5f0c26cd3d66c813d38639a3a5b617bc02a5ff1356f6538835037a4985f1d
afe66cea58a674f9768895948b9f01d90dbb98a2ac72fd3369ce6b5fa43c3bb2
b117fd901347bbff0bd87aa7604bbfb369127bd59b8e1a53414ee3cf8602fed7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b42caa95f45bd0f129a0bd428c1050df9f38f2b69e753b8d7cba7bdbc8e0cf8f
b4f4f586d47286e3dde175fcf534d92a51cd417d1fa3c3db425d1cad3bfcf8ec
b552a8351317ffd28cc5af3dd425fe8012f2f2619042128fa3dc8d28801b2442
b696e7eadbfb3fad4412a7f99d8c1aabb356cba437e7792e0ee134a1c5dbba85
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b91240a71117372893493c84ee83c62c2790dfa737bf24278aa44cc5dde2c109
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bc782bdc0e291c9dfb58e92b842e75336fac2de5a16c91e35308d27a527911fa
bf00a1d42dfd379e983ad66542c2956a80572289440f8e740ea30680564ef4a1
bf557beaf4a8c928bd1b1a57b4183c4bb53506fe0669fbf2395665dec88fdfec
c2a790749293bd278e4186254ef12782239edd1154131ea20253ad1b3aeb49ad
c4190975dbd449e8317f6a25c4a626683b90dc49b6d5f87d2d6a0b545669ef3d
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c55902832fb84522d02ea1a60a30747403a140d8651fa748f13ba398b0c0df3a
c839c7b8a6d7c7c9714f6265578086f6314adfef41ff5eeceabf662c6d21e70b
ca419686788ffefde8b85d068c045c6a9dbca96bac7b99d8d187270d439fc8a4
ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258
cb9052e8a2af5b8c4029e22c4b7bbc2d842b463c91e25526d04fe2fb8039fdbc
ce910d79de880dd97174de992a10a76156284dfa7b6a30f667833bbc12306489
ced8407b42aea26b55f3c703619bdf8d1a1f225e417896cd1017f00b89e668c9
cfa1c29b06dde362328959aa2fe3ccecc20c4efa0d07a1cd4ab01311cdf66422
d08129012e9b0a8837b281e5d27f77ceac700407345530ef55372cd452da407f
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d201a2c3118a00c82cc48e89815f5139f23956bbe248107dcf522acc77b97c09
d257d53881392769d5db791df016fd74fafff4ef6beebbdbee59a7a76a1f8cfd
d288569d31c44c2b5bf3971e7c4acab9d27401efb7212afa97b10e3e3ccbffab
d4dc518e243d06f337b00ed6c623f2aff3c67aa179a08b68f875e470898a5df4
d50675d04142e9bfd9a7066718b8f5f9336d4000b1c8dc5542002955d9b002c7
d649c4a85256d58d597860ce1cd20c70f74f166d34eb36455147457a37c80a90
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d7c10c50dc0426f4fd365a500ca3ab26fe2b4a1693e360e7671a46f6c4fac44b
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386
d921015568f0a3b71ce30f6efad2fe3cfcdeaa9c17a683946e13d0924748da94
da18849e09ca7517671f0244bad6aff6299f6c320ea5b37213e76963ffeddf0e
dbf6beb89fb94d713cb006197d35a4a7f2fce6acb068a2cf716e20dc1e3307dc
de3d026abe0becba8aa5b7c32bdb5ef2f69f1acf2c899b6c3f0f1f7147ed48d2
df5717035efa14bc33bada74d6eccab32efd6bc1156238fb46573f2f341cd53b
e0360f0e798406f9ddb243012ae91f049cb715336f5a322cb21dc6972a1c4392
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e29c35517912aebc722b87fcb35a346c06d92c93c440f1a0ef706f5edd5d6ff4
e2aa0c7854e40d3c98add7b233c695057fc70b36f05bd41e23a9f00275061bd3
e3499c40fb2a828918f50d4d4b1daa09d3b3470a48033136ec99afd3300df608
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e517bfe969e4d54d052e0e7132711cb2dbcd4ddd905e228f0e38210bfb17435d
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
eb734f4a32b336c966dbb4ffe07a1d592efde0fd3863da28ec01c0073e4e9018
ec75992b2219fffefcfe8ba6094466dc3aa5d410cba0a71da2052123448de0ec
ed723041b617707f4c5877d298d024e342ca47800ca1b7a9e8e664a20ffa0549
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd696881eb645c02b969a2e8d7902153b3db306e51aa7f24d87ef678675343f
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f6789b1579e3915acc50ce2f56d956c05dc3186238eb4d1a0d4ad1e403a625ac
f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e
f885ec8a0a68847aff7c6bb94968bf7cb5099c0c449ae1535cf8515cc0ff8e18
f8cd993d184ae0c753ea41ede4bcd502344aced6b0ac15b37c779adc45e7ff38
fd3fad3e15262b0e096e7d7cc57efd2e684a679ccacb704d94542ba3d7d93d17

xuxatv.com.br Open in urlscan Pro 2a02:4780:1:1009:0:217a:1b2f:2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

416 Requests

92 %HTTPS

45 %IPv6

40 Domains

64 Subdomains

46 IPs

9 Countries

12502 kBTransfer

25744 kBSize

31 Cookies

8 Outgoing links

Page URL History

Redirected requests

416 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

xuxatv.com.br Open in urlscan Pro
2a02:4780:1:1009:0:217a:1b2f:2 Public Scan

Screenshot
Live screenshot

Full Image

416
Requests

92 %
HTTPS

45 %
IPv6

40
Domains

64
Subdomains

46
IPs

9
Countries

12502 kB
Transfer

25744 kB
Size

31
Cookies

416 HTTP transactions
8 data transactions