urlscan.io logo urlscan.io
SecurityTrails logo

s.batsgo.com.br Open in urlscan Pro
47.251.13.77  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://m-1666025320ug.hotvipsale.com/
Effective URL: https://s.batsgo.com.br/
Submission: On December 19 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 9 domains to perform 43 HTTP transactions. The main IP is 47.251.13.77, located in Santa Clara, United States and belongs to ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN. The main domain is s.batsgo.com.br.
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G1 on June 28th 2023. Valid for: a year.
This is the only time s.batsgo.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 104.21.79.218 13335 (CLOUDFLAR...)
5 47.251.13.77 45102 (ALIBABA-C...)
10 58.20.136.6 4837 (CHINA169-...)
3 2606:4700:303... 13335 (CLOUDFLAR...)
9 2607:f8b0:400... 15169 (GOOGLE)
1 5 2607:f8b0:400... 15169 (GOOGLE)
8 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2 2607:f8b0:400... 15169 (GOOGLE)
2 172.253.63.154 15169 (GOOGLE)
43 10
1    104.21.79.218 (None, )

ASN13335 (CLOUDFLARENET, US)
m-1666025320ug.hotvipsale.com
5    47.251.13.77 (Santa Clara, United States)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)
s.batsgo.com.br
10    58.20.136.6 (China)

ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN)
static.oneinstack.com
3    2606:4700:3035::ac43:ad59 (United States)

ASN13335 (CLOUDFLARENET, US)
img.shields.io
9    2607:f8b0:4006:823::2002 (United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
5    2607:f8b0:4004:c08::9b (Ashburn, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
8    2607:f8b0:4006:80b::2001 (United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2607:f8b0:4004:c06::9a (Washington, United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2607:f8b0:4004:c1b::6a (Washington, United States)

ASN15169 (GOOGLE, US)
www.google.com
2    172.253.63.154 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f154.1e100.net
www.googleadservices.com
Apex Domain
Subdomains		 Transfer
17 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
298 KB
10 oneinstack.com
static.oneinstack.com
1 MB
5 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
43 KB
5 batsgo.com.br
s.batsgo.com.br
4 KB
3 shields.io
img.shields.io — Cisco Umbrella Rank: 41084
3 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 138
2 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
65 KB
1 hotvipsale.com
m-1666025320ug.hotvipsale.com
440 B
43 9
Domain Requested by
10 static.oneinstack.com s.batsgo.com.br
9 pagead2.googlesyndication.com static.oneinstack.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
s.batsgo.com.br
www.googletagservices.com
8 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
s.batsgo.com.br
5 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
5 s.batsgo.com.br static.oneinstack.com
3 img.shields.io s.batsgo.com.br
2 www.googleadservices.com s.batsgo.com.br
2 www.google.com 1 redirects tpc.googlesyndication.com
1 www.googletagservices.com googleads.g.doubleclick.net
1 m-1666025320ug.hotvipsale.com 1 redirects
43 10
Subject Issuer Validity Valid
s.batsgo.com.br
Encryption Everywhere DV TLS CA - G1		 2023-06-28 -
2024-06-28		 a year crt.sh
static.oneinstack.com
Encryption Everywhere DV TLS CA - G1		 2023-05-03 -
2024-05-03		 a year crt.sh
shields.io
GTS CA 1P5		 2023-11-02 -
2024-01-31		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh

This page contains 8 frames:

Primary Page: https://s.batsgo.com.br/
Frame ID: 5996A59307CA51068ECF15555D20C741
Requests: 17 HTTP requests in this frame

Frame: https://static.oneinstack.com/ad_buttom.html
Frame ID: 14CB2392753DDC626F4C4132759748B7
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: 940E24256CB43A47ED3B1B3625797C50
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4157113266001782&output=html&h=60&slotname=9167095357&adk=3616527039&adf=3279755397&pi=t.ma~as.9167095357&w=468&fwrn=16&lmt=1692243947&url=https%3A%2F%2Fstatic.oneinstack.com%2Fad_buttom.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702985640828&bpp=247&bdt=248&idt=578&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&correlator=827756534552&frm=22&ife=1&pv=2&ga_vid=1029711026.1702985641&ga_sid=1702985641&ga_hid=1521838286&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=475&ish=150&ifk=3031236263&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079759%2C95320884%2C95321252&oid=2&pvsid=935736907584565&tmod=1603537811&uas=0&nvt=1&top=https%3A%2F%2Fs.batsgo.com.br%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C475%2C150&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4qfmpkmh9kza&fsb=1&dtd=607
Frame ID: C8182D849912D9C5674427D48B25218D
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 65613FA3D4824D3CD69B090F471AC7CF
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: D50555F07E38618B955A19ED87CB8DE5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 71DA00892FDC134D1D426697EE9318A6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 79FD0208CCA2B7ABEDF4D0F537B78EE5
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Welcome to use OneinStack

Page URL History Show full URLs

  1. https://m-1666025320ug.hotvipsale.com/ HTTP 301
    https://s.batsgo.com.br/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

43
Requests

98 %
HTTPS

60 %
IPv6

9
Domains

10
Subdomains

10
IPs

3
Countries

1605 kB
Transfer

2580 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://m-1666025320ug.hotvipsale.com/ HTTP 301
    https://s.batsgo.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 31
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CKZ1XqX-BZeLYHrmUxtYP1_-QyATf6smzdLacv97-EbCQHxABIPbBmBVgyYaAgNyjxBCgAffim7QoyAECqAMByAPJBKoE0gFP0DY3knddGxX_NOARJlLtOFrbx4EWPel9hoAy02y0hm3bjFqq3UGMda6mjj5Yz1-tHZeMMB0pC_UeXfvHCODVqcheNEhePmVuPMpIw6IqObM2BA-Hc1Ssm96_5CV9DTTWrn0E08Bw7YJraNnAQkOSkHb-l2dPBmkCN4Wx3AC-RkBJICd5VC4GvS3P9vb643wGF4tkj1ybxcFpgSsqdlcEGXIJuect5PAz12lQxKkIKyyagDng4I5e-23WEBLmzh07SS-c7Ne5cCKbCbRldel8KdbABOH39-GBBIgFl5vrkUOSBQQIBBgBkgUECAUYBKAGAoAH95rskwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBDU-wvSCB8IgGEQARgfMgKKAjoEgECAQEi9_cE6WISR4PGzm4MDmglEaHR0cHM6Ly9mcmVlLndlYmNvbXBhbmlvbi5jb20vbWluaW1lLz9idG49c3RhcnQmY2FtcGFpZ249MTgwMjI1ODM3MDOACgHICwGiDBQqEgoQ5LSxAu61sQK1uLECu7uxAtoMEQoLEPCdk5fbkqPatwESAgED2BMN0BUBgBcBshccChoIABIUcHViLTQxNTcxMTMyNjYwMDE3ODIYAA&sigh=aF-kACd_uUg&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_wYGOzzFWcDlGlXhT0PR4J8Cdag89fKLyxsR1mj-g_910FpwZ-7XnZI1gUg_stt0e_V-7xCumvEY4iAJGcWOcnC-aKu6lZGtPM4IYAQ&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x529d3158d4f20a2f0000000000000000%22,%222%22:%220xd0d43314a9bbbc350000000000000000%22,%223%22:%220xdb011144ec31c08d0000000000000000%22,%224%22:%220x5c50143ecadef2f70000000000000000%22,%225%22:%220x1a7889a0e6a12510000000000000000%22},%22debug_key%22:%225856206683592382440%22,%22debug_reporting%22:true,%22destination%22:%22https://webcompanion.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210846925175%22],%2222%22:[%22true%22],%224%22:[%2212-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217231217564226836353%22}&andc=true

43 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
s.batsgo.com.br/
Redirect Chain
  • https://m-1666025320ug.hotvipsale.com/
  • https://s.batsgo.com.br/
17 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.batsgo.com.br/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.251.13.77 Santa Clara, United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
ceba7ca727c83a3a019e16d12300ae134de87c14900905aad97374f696f1be02

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Tue, 19 Dec 2023 11:33:59 GMT
ETag
W/"64916c51-43b9"
Last-Modified
Tue, 20 Jun 2023 09:07:29 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
837f55687d5d2876-MIA
content-type
text/html
date
Tue, 19 Dec 2023 11:33:57 GMT
location
https://s.batsgo.com.br/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SUhaURQBYYkQ9vD84e4R%2B4XJNTn3ZvWuYvtKJPI4M6ML%2BPtF9OEwZEwI0WO2WVF%2FzP1OVVy0EZRsncVrYLPNUMfyxGHBYxWxC0NQWF64aj2T8hpyiWJxm05flsL6lRhaQ%2FJ4ul3FE0txx2X0%2F5yxAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
ois.css
static.oneinstack.com/assets/ 		139 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.oneinstack.com/assets/ois.css
Requested by
Host: s.batsgo.com.br
URL: https://s.batsgo.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
58.20.136.6 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
nginx /
Resource Hash
2e875dfd1cef8d797e4b90fb96cab53a7de748859fb1205e2de8eae247b7a4e5
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s.batsgo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 02:47:05 GMT
Strict-Transport-Security
max-age=15768000
Content-Encoding
gzip
Age
982015
x-link-via
yyun17:443;lismp12:443;
X-Cache-Status
HIT from KS-CLOUD-LIS-MP-12-35, HIT from KS-CLOUD-YY-UN-17-05
Connection
keep-alive
Content-Length
21572
Last-Modified
Thu, 17 Aug 2023 03:45:47 GMT
Server
nginx
ETag
W/"64dd97eb-22ce3"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=604800
Accept-Ranges
bytes
X-Cdn-Request-ID
04e4693671f7da34ee24f11018f7e0d9
Expires
Sun, 07 Jan 2024 02:47:05 GMT
vhost.png
static.oneinstack.com/images/ 		379 KB
380 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.oneinstack.com/images/vhost.png
Requested by
Host: s.batsgo.com.br
URL: https://s.batsgo.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
58.20.136.6 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
nginx /
Resource Hash
84c830ca02a2494c46380db44abafa1fac571b0d80123941439597adc285f513
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s.batsgo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 02:47:05 GMT
Strict-Transport-Security
max-age=15768000
Last-Modified
Thu, 17 Aug 2023 03:45:53 GMT
Server
nginx
Age
982018
x-link-via
yyun17:443;ldmp12:443;
ETag
"64dd97f1-5ece5"
X-Cache-Status
HIT from KS-CLOUD-LD-MP-12-18, HIT from KS-CLOUD-YY-UN-17-01
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
X-Cdn-Request-ID
59ebcdf3fa6cb3773a96a06f4b0f64f2
Content-Length
388325
Expires
Sun, 07 Jan 2024 02:47:05 GMT
vhost_del.png
static.oneinstack.com/images/ 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.oneinstack.com/images/vhost_del.png
Requested by
Host: s.batsgo.com.br
URL: https://s.batsgo.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
58.20.136.6 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
nginx /
Resource Hash
49f92e9795d87035ec87b7f6e1fac330ae32968e38c6d0d4686a4f556d269bca
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s.batsgo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 02:47:05 GMT
Strict-Transport-Security
max-age=15768000
Last-Modified
Thu, 17 Aug 2023 03:45:53 GMT
Server
nginx
Age
982019
x-link-via
yyun17:443;whmp01:443;
ETag
"64dd97f1-bd02"
X-Cache-Status
HIT from KS-CLOUD-WH-MP-01-02, HIT from KS-CLOUD-YY-UN-17-07-L
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
X-Cdn-Request-ID
a453787f100892b35cdfbbf9f18b4018
Content-Length
48386
Expires
Sun, 07 Jan 2024 02:47:05 GMT
pureftpd.png
static.oneinstack.com/images/ 		131 KB
132 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.oneinstack.com/images/pureftpd.png
Requested by
Host: s.batsgo.com.br
URL: https://s.batsgo.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
58.20.136.6 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
nginx /
Resource Hash
b723df4db73313a01f5e2f807c069567c1a1942001ba97fd90c8a01aad18ba02
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s.batsgo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 02:47:05 GMT
Strict-Transport-Security
max-age=15768000
Last-Modified
Thu, 17 Aug 2023 03:45:52 GMT
Server
nginx
Age
982017
x-link-via
yyun17:443;lymp01:443;
ETag
"64dd97f0-20c9f"
X-Cache-Status
HIT from KS-CLOUD-LY-MP-01-25, HIT from KS-CLOUD-YY-UN-17-05
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
X-Cdn-Request-ID
f60f8bf88bbebcf9649e4f1f8dd528fb
Content-Length
134303
Expires
Sun, 07 Jan 2024 02:47:05 GMT
backup_setup.png
static.oneinstack.com/images/ 		118 KB
119 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.oneinstack.com/images/backup_setup.png
Requested by
Host: s.batsgo.com.br
URL: https://s.batsgo.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
58.20.136.6 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
nginx /
Resource Hash
434de1f778f8606a5bbaca450e1a3c52489871a58c94f27ab3f91f4206dc9340
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s.batsgo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 02:47:05 GMT
Strict-Transport-Security
max-age=15768000
Last-Modified
Thu, 17 Aug 2023 03:45:48 GMT
Server
nginx
Age
982016
x-link-via
yyun17:443;whmp01:443;
ETag
"64dd97ec-1d97f"
X-Cache-Status
HIT from KS-CLOUD-WH-MP-01-12, HIT from KS-CLOUD-YY-UN-17-08-L
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
X-Cdn-Request-ID
7676a89009ec57c8c5b70e95335334d8
Content-Length
121215
Expires
Sun, 07 Jan 2024 02:47:05 GMT
upgrade.png
static.oneinstack.com/images/ 		145 KB
146 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.oneinstack.com/images/upgrade.png
Requested by
Host: s.batsgo.com.br
URL: https://s.batsgo.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
58.20.136.6 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
nginx /
Resource Hash
2531d3aa1e0ad4b47128bd65ebef65024ed7d3b4c38c3960d715266adde3a919
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s.batsgo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 02:47:05 GMT
Strict-Transport-Security
max-age=15768000
Last-Modified
Thu, 17 Aug 2023 03:45:52 GMT
Server
nginx
Age
982017
x-link-via
yyun17:443;jnmp22:443;
ETag
"64dd97f0-24505"
X-Cache-Status
HIT from KS-CLOUD-JN-MP-22-08, HIT from KS-CLOUD-YY-UN-17-10-L
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
X-Cdn-Request-ID
ac5caa8d12e177201fe35c647a46a0f2
Content-Length
148741
Expires
Sun, 07 Jan 2024 02:47:05 GMT
uninstall.png
static.oneinstack.com/images/ 		234 KB
235 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.oneinstack.com/images/uninstall.png
Requested by
Host: s.batsgo.com.br
URL: https://s.batsgo.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
58.20.136.6 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
nginx /
Resource Hash
9ad7d8b0735087d6c9840b8bf3874a59c1360324284a2a193ca5913aae7b6195
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s.batsgo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 21:27:43 GMT
Strict-Transport-Security
max-age=15768000
Last-Modified
Thu, 17 Aug 2023 03:45:52 GMT
Server
nginx
Age
914781
x-link-via
yyun17:443;jnmp13:443;
ETag
"64dd97f0-3a9a8"
X-Cache-Status
HIT from KS-CLOUD-JN-MP-13-18, HIT from KS-CLOUD-YY-UN-17-04
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
X-Cdn-Request-ID
d9eb44ad883a023163fa22bdaec1c589
Content-Length
240040
Expires
Sun, 07 Jan 2024 21:27:43 GMT
Paypal-donate-green.svg
img.shields.io/badge/ 		1 KB
805 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.shields.io/badge/Paypal-donate-green.svg
Requested by
Host: s.batsgo.com.br
URL: https://s.batsgo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:ad59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8ee909e2d4c114b0b251ad90903b8b68ec6c1d28b2b731e30b507b399e872f2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s.batsgo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 11:33:59 GMT
via
2 fly.io
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
83155
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 18 Dec 2023 04:05:23 GMT
fly-request-id
01HHYEBKQ7GSQTEEQR25WVC47X-mia
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ko%2BSnnsXaHVr65zPWb6pJTe57eKjJNsg2kfZfZ9XreXrzpGyPhAMGI00s2ETdSa7foje1rdaNLYwf9689H60A3mULReT%2FfQzuIsAoqvZ5lE8RKHqIXYZ6gmTjdxp4Ua%2FzvgX2YCRdBpYCqAV%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml;charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400, s-maxage=86400
cf-ray
837f5575492e25a1-MIA
Alipay-donate-green.svg
img.shields.io/badge/ 		1 KB
818 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.shields.io/badge/Alipay-donate-green.svg
Requested by
Host: s.batsgo.com.br
URL: https://s.batsgo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:ad59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72a2953e02d27e18441f20bcc24a588f2c5d9c16417e037b8af71c5dbb3aa64e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s.batsgo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 11:33:59 GMT
via
2 fly.io
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Tue, 19 Dec 2023 04:05:09 GMT
fly-request-id
01HJ0XN9ATYHZMAKEF8A8HHRK0-mia
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1oxjbnmOTTBV%2Ba4Rp%2BCnd6enfURHG02FZXgL1rBVr8yTSSQgsH61qCSJvc%2Bz7EFuBzhi5Y6kC2guX7VEKmzzHkFwE7OK8%2F2tMvDIVEjIiei6hP97Vb1NMM%2F02gD63n49pgZq9slnxWdMRP%2F5sw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml;charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400, s-maxage=86400
cf-ray
837f5575492f25a1-MIA
alt-svc
h3=":443"; ma=86400
Wechat-donate-green.svg
img.shields.io/badge/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.shields.io/badge/Wechat-donate-green.svg
Requested by
Host: s.batsgo.com.br
URL: https://s.batsgo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:ad59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8e16ade5192e597f322741b340137a21dc9947febf9dc464f03a5421c782b80

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s.batsgo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 11:33:59 GMT
via
2 fly.io
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
83155
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 18 Dec 2023 04:05:22 GMT
fly-request-id
01HHYEBKKB16Q1YJK0VEJXP8EV-mia
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B6rjbEklm2Q9iLBrlOovXOsA37pGGK61B%2Bsq0O9qiIGMbXMveI0TaTj%2B2A0%2FssBDdHkp7yntx8HdzfLP4iIWvhZFmwPq17NBHV%2BjTnS2QYJ3S9bAt%2BZ3MCHouO1K3NI%2BdBE4qSzHwEOrJkEqXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml;charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400, s-maxage=86400
cf-ray
837f5575493025a1-MIA
pay.png
static.oneinstack.com/images/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.oneinstack.com/images/pay.png
Requested by
Host: s.batsgo.com.br
URL: https://s.batsgo.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
58.20.136.6 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
nginx /
Resource Hash
f510208b9a91e7b867214ba22e49dda278b9a72e087ee1195691d259cbab43b8
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s.batsgo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 02:47:05 GMT
Strict-Transport-Security
max-age=15768000
Last-Modified
Thu, 17 Aug 2023 03:45:52 GMT
Server
nginx
Age
982020
x-link-via
yyun17:443;hamp14:443;
ETag
"64dd97f0-bb13"
X-Cache-Status
HIT from KS-CLOUD-HA-MP-14-29, HIT from KS-CLOUD-YY-UN-17-02-L
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
X-Cdn-Request-ID
ffef61bdf932f2b4d3d3d73ed4207c62
Content-Length
47891
Expires
Sun, 07 Jan 2024 02:47:05 GMT
ois20190114.js
static.oneinstack.com/assets/ 		203 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.oneinstack.com/assets/ois20190114.js
Requested by
Host: s.batsgo.com.br
URL: https://s.batsgo.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
58.20.136.6 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
nginx /
Resource Hash
f10f5a0047839567c88593dca9f7b9cf9c9a204a36ad0a533773e35b1355e49f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s.batsgo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 02:47:05 GMT
Strict-Transport-Security
max-age=15768000
Content-Encoding
gzip
Age
982016
x-link-via
yyun17:443;lismp12:443;
X-Cache-Status
HIT from KS-CLOUD-LIS-MP-12-04, HIT from KS-CLOUD-YY-UN-17-06
Connection
keep-alive
Content-Length
62047
Last-Modified
Thu, 17 Aug 2023 03:45:47 GMT
Server
nginx
ETag
W/"64dd97eb-32de6"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=604800
Accept-Ranges
bytes
X-Cdn-Request-ID
276e1de25d397ff54cad5006dda8266d
Expires
Sun, 07 Jan 2024 02:47:05 GMT
ad_buttom.html
static.oneinstack.com/ Frame 14CB 		629 B
963 B 		Document
General
Check archive.org
Download Go to
Full URL
https://static.oneinstack.com/ad_buttom.html
Requested by
Host: s.batsgo.com.br
URL: https://s.batsgo.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
58.20.136.6 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
nginx /
Resource Hash
7b84db6e0735e9b836055467384362fe3e963e979e2904d08663be513dca7eea
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://s.batsgo.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Age
982015
Connection
keep-alive
Content-Encoding
gzip
Content-Length
403
Content-Type
text/html
Date
Fri, 08 Dec 2023 02:47:05 GMT
ETag
W/"64dd97eb-275"
Expires
Sun, 07 Jan 2024 02:47:05 GMT
Last-Modified
Thu, 17 Aug 2023 03:45:47 GMT
Server
nginx
Strict-Transport-Security
max-age=15768000
Vary
Accept-Encoding
X-Cache-Status
HIT from KS-CLOUD-NT-MP-01-30 HIT from KS-CLOUD-YY-UN-17-08
X-Cdn-Request-ID
9576b258a1f10541e808ad3de91fa91c
x-link-via
yyun17:443;ntmp01:443;
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 14CB 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: static.oneinstack.com
URL: https://static.oneinstack.com/ad_buttom.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6206158e21075b6cb4293e5f92d19a484ca3b685657a8feb45a71cf5a8163e26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://static.oneinstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 11:34:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10267
x-xss-protection
0
server
cafe
etag
9083021462332296014
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 19 Dec 2023 11:34:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 14CB 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3b578ba5e28d661feead39c955c4912a0f913c28740c910134a4a28ccb27792d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://static.oneinstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 11:34:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51283
x-xss-protection
0
server
cafe
etag
11234441947640783139
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 19 Dec 2023 11:34:00 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ Frame 14CB 		399 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6efda48e80b2f1710bea21e24048d2b7175905403d026a9cda5f3b8130663d5c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://static.oneinstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 11:34:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137916
x-xss-protection
0
server
cafe
etag
1916131603004031834
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Dec 2023 11:34:01 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame 940E 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://static.oneinstack.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
39051
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 19 Dec 2023 00:43:10 GMT
etag
5585625838579639069
expires
Tue, 02 Jan 2024 00:43:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame C818 		103 KB
39 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4157113266001782&output=html&h=60&slotname=9167095357&adk=3616527039&adf=3279755397&pi=t.ma~as.9167095357&w=468&fwrn=16&lmt=1692243947&url=https%3A%2F%2Fstatic.oneinstack.com%2Fad_buttom.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702985640828&bpp=247&bdt=248&idt=578&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&correlator=827756534552&frm=22&ife=1&pv=2&ga_vid=1029711026.1702985641&ga_sid=1702985641&ga_hid=1521838286&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=475&ish=150&ifk=3031236263&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079759%2C95320884%2C95321252&oid=2&pvsid=935736907584565&tmod=1603537811&uas=0&nvt=1&top=https%3A%2F%2Fs.batsgo.com.br%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C475%2C150&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4qfmpkmh9kza&fsb=1&dtd=607
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
772deea34a218b5bd61316e855ca9c04966a3a86de5a1c7e6db4063d260bbf2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://static.oneinstack.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
39524
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 19 Dec 2023 11:34:01 GMT
expires
Tue, 19 Dec 2023 11:34:01 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
phpinfo.php
s.batsgo.com.br/ 		0
150 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.batsgo.com.br/phpinfo.php
Requested by
Host: static.oneinstack.com
URL: https://static.oneinstack.com/assets/ois20190114.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.251.13.77 Santa Clara, United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s.batsgo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Tue, 19 Dec 2023 11:34:01 GMT
Server
nginx
Connection
keep-alive
Content-Length
552
Content-Type
text/html
ocp.php
s.batsgo.com.br/ 		0
150 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.batsgo.com.br/ocp.php
Requested by
Host: static.oneinstack.com
URL: https://static.oneinstack.com/assets/ois20190114.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.251.13.77 Santa Clara, United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s.batsgo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Tue, 19 Dec 2023 11:34:01 GMT
Server
nginx
Connection
keep-alive
Content-Length
552
Content-Type
text/html
index.php
s.batsgo.com.br/phpMyAdmin/ 		0
150 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.batsgo.com.br/phpMyAdmin/index.php
Requested by
Host: static.oneinstack.com
URL: https://static.oneinstack.com/assets/ois20190114.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.251.13.77 Santa Clara, United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s.batsgo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Tue, 19 Dec 2023 11:34:01 GMT
Server
nginx
Connection
keep-alive
Content-Length
552
Content-Type
text/html
xprober.php
s.batsgo.com.br/ 		0
150 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.batsgo.com.br/xprober.php
Requested by
Host: static.oneinstack.com
URL: https://static.oneinstack.com/assets/ois20190114.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.251.13.77 Santa Clara, United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s.batsgo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Tue, 19 Dec 2023 11:34:01 GMT
Server
nginx
Connection
keep-alive
Content-Length
552
Content-Type
text/html
6037295749612901032
tpc.googlesyndication.com/daca_images/simgad/ Frame C818 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/6037295749612901032
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4157113266001782&output=html&h=60&slotname=9167095357&adk=3616527039&adf=3279755397&pi=t.ma~as.9167095357&w=468&fwrn=16&lmt=1692243947&url=https%3A%2F%2Fstatic.oneinstack.com%2Fad_buttom.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702985640828&bpp=247&bdt=248&idt=578&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&correlator=827756534552&frm=22&ife=1&pv=2&ga_vid=1029711026.1702985641&ga_sid=1702985641&ga_hid=1521838286&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=475&ish=150&ifk=3031236263&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079759%2C95320884%2C95321252&oid=2&pvsid=935736907584565&tmod=1603537811&uas=0&nvt=1&top=https%3A%2F%2Fs.batsgo.com.br%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C475%2C150&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4qfmpkmh9kza&fsb=1&dtd=607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
62dc9d76b5d861c7b7ffcb74620def984288966d08bf6ad0fb80ce72900644f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Sun, 15 Dec 2024 21:52:00 GMT
date
Sat, 16 Dec 2023 21:52:00 GMT
x-content-type-options
nosniff
age
222122
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11281
x-xss-protection
0
last-modified
Sat, 05 Nov 2022 17:14:26 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame C818 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4157113266001782&output=html&h=60&slotname=9167095357&adk=3616527039&adf=3279755397&pi=t.ma~as.9167095357&w=468&fwrn=16&lmt=1692243947&url=https%3A%2F%2Fstatic.oneinstack.com%2Fad_buttom.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702985640828&bpp=247&bdt=248&idt=578&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&correlator=827756534552&frm=22&ife=1&pv=2&ga_vid=1029711026.1702985641&ga_sid=1702985641&ga_hid=1521838286&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=475&ish=150&ifk=3031236263&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079759%2C95320884%2C95321252&oid=2&pvsid=935736907584565&tmod=1603537811&uas=0&nvt=1&top=https%3A%2F%2Fs.batsgo.com.br%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C475%2C150&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4qfmpkmh9kza&fsb=1&dtd=607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 21:10:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
51808
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9269
x-xss-protection
0
server
cafe
etag
11706523405290302210
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 Jan 2024 21:10:34 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame C818 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4157113266001782&output=html&h=60&slotname=9167095357&adk=3616527039&adf=3279755397&pi=t.ma~as.9167095357&w=468&fwrn=16&lmt=1692243947&url=https%3A%2F%2Fstatic.oneinstack.com%2Fad_buttom.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702985640828&bpp=247&bdt=248&idt=578&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&correlator=827756534552&frm=22&ife=1&pv=2&ga_vid=1029711026.1702985641&ga_sid=1702985641&ga_hid=1521838286&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=475&ish=150&ifk=3031236263&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079759%2C95320884%2C95321252&oid=2&pvsid=935736907584565&tmod=1603537811&uas=0&nvt=1&top=https%3A%2F%2Fs.batsgo.com.br%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C475%2C150&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4qfmpkmh9kza&fsb=1&dtd=607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 15:44:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
71348
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 Jan 2024 15:44:54 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame C818 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4157113266001782&output=html&h=60&slotname=9167095357&adk=3616527039&adf=3279755397&pi=t.ma~as.9167095357&w=468&fwrn=16&lmt=1692243947&url=https%3A%2F%2Fstatic.oneinstack.com%2Fad_buttom.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702985640828&bpp=247&bdt=248&idt=578&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&correlator=827756534552&frm=22&ife=1&pv=2&ga_vid=1029711026.1702985641&ga_sid=1702985641&ga_hid=1521838286&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=475&ish=150&ifk=3031236263&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079759%2C95320884%2C95321252&oid=2&pvsid=935736907584565&tmod=1603537811&uas=0&nvt=1&top=https%3A%2F%2Fs.batsgo.com.br%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C475%2C150&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4qfmpkmh9kza&fsb=1&dtd=607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 11:05:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
1695
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 02 Jan 2024 11:05:47 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame C818 		203 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4157113266001782&output=html&h=60&slotname=9167095357&adk=3616527039&adf=3279755397&pi=t.ma~as.9167095357&w=468&fwrn=16&lmt=1692243947&url=https%3A%2F%2Fstatic.oneinstack.com%2Fad_buttom.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702985640828&bpp=247&bdt=248&idt=578&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&correlator=827756534552&frm=22&ife=1&pv=2&ga_vid=1029711026.1702985641&ga_sid=1702985641&ga_hid=1521838286&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=475&ish=150&ifk=3031236263&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079759%2C95320884%2C95321252&oid=2&pvsid=935736907584565&tmod=1603537811&uas=0&nvt=1&top=https%3A%2F%2Fs.batsgo.com.br%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C475%2C150&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4qfmpkmh9kza&fsb=1&dtd=607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 11:34:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Dec 2023 11:34:02 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame C818 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4157113266001782&output=html&h=60&slotname=9167095357&adk=3616527039&adf=3279755397&pi=t.ma~as.9167095357&w=468&fwrn=16&lmt=1692243947&url=https%3A%2F%2Fstatic.oneinstack.com%2Fad_buttom.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702985640828&bpp=247&bdt=248&idt=578&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&correlator=827756534552&frm=22&ife=1&pv=2&ga_vid=1029711026.1702985641&ga_sid=1702985641&ga_hid=1521838286&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=475&ish=150&ifk=3031236263&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079759%2C95320884%2C95321252&oid=2&pvsid=935736907584565&tmod=1603537811&uas=0&nvt=1&top=https%3A%2F%2Fs.batsgo.com.br%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C475%2C150&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4qfmpkmh9kza&fsb=1&dtd=607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
17c51c572c7349afeef2bfedcad431c67244f4a82654b5b8002511fc14346d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 16:31:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
68563
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14812
x-xss-protection
0
server
cafe
etag
15202890134401013038
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 Jan 2024 16:31:19 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 6561 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4157113266001782&output=html&h=60&slotname=9167095357&adk=3616527039&adf=3279755397&pi=t.ma~as.9167095357&w=468&fwrn=16&lmt=1692243947&url=https%3A%2F%2Fstatic.oneinstack.com%2Fad_buttom.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702985640828&bpp=247&bdt=248&idt=578&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&correlator=827756534552&frm=22&ife=1&pv=2&ga_vid=1029711026.1702985641&ga_sid=1702985641&ga_hid=1521838286&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=475&ish=150&ifk=3031236263&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079759%2C95320884%2C95321252&oid=2&pvsid=935736907584565&tmod=1603537811&uas=0&nvt=1&top=https%3A%2F%2Fs.batsgo.com.br%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C475%2C150&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4qfmpkmh9kza&fsb=1&dtd=607
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4157113266001782&output=html&h=60&slotname=9167095357&adk=3616527039&adf=3279755397&pi=t.ma~as.9167095357&w=468&fwrn=16&lmt=1692243947&url=https%3A%2F%2Fstatic.oneinstack.com%2Fad_buttom.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702985640828&bpp=247&bdt=248&idt=578&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&correlator=827756534552&frm=22&ife=1&pv=2&ga_vid=1029711026.1702985641&ga_sid=1702985641&ga_hid=1521838286&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=475&ish=150&ifk=3031236263&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079759%2C95320884%2C95321252&oid=2&pvsid=935736907584565&tmod=1603537811&uas=0&nvt=1&top=https%3A%2F%2Fs.batsgo.com.br%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C475%2C150&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4qfmpkmh9kza&fsb=1&dtd=607
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
128
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 19 Dec 2023 11:31:54 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 6561
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4157113266001782&output=html&h=60&slotname=9167095357&adk=3616527039&adf=3279755397&pi=t.ma~as.9167095357&w=468&fwrn=16&lmt=1692243947&url=https%3A%2F%2Fstatic.oneinstack.com%2Fad_buttom.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702985640828&bpp=247&bdt=248&idt=578&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&correlator=827756534552&frm=22&ife=1&pv=2&ga_vid=1029711026.1702985641&ga_sid=1702985641&ga_hid=1521838286&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=475&ish=150&ifk=3031236263&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079759%2C95320884%2C95321252&oid=2&pvsid=935736907584565&tmod=1603537811&uas=0&nvt=1&top=https%3A%2F%2Fs.batsgo.com.br%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C475%2C150&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4qfmpkmh9kza&fsb=1&dtd=607
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 19 Dec 2023 11:34:02 GMT
expires
Tue, 19 Dec 2023 11:34:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 19 Dec 2023 11:34:02 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame C818 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3e64092804e382a51872ea304ae165e52c38247890314941f212eee8fbea248f

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
/
www.googleadservices.com/pagead/ar-adview/ Frame C818
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CKZ1XqX-BZeLYHrmUxtYP1_-QyATf6smzdLacv97-EbCQHxABIPbBmBVgyYaAgNyjxBCgAffim7QoyAECqAMByAPJBKoE0gFP0DY3knddGxX_NOARJlLtOFrbx4EWPel9hoAy02y0hm3bjFq...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x529d3158d4f20a2f0000000000000000%22,%222%22:%220xd0d43314a9bbbc350000000000000000%22,%223%22:%220xdb0111...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x529d3158d4f20a2f0000000000000000%22,%222%22:%220xd0d43314a9bbbc350000000000000000%22,%223%22:%220xdb011144ec31c08d0000000000000000%22,%224%22:%220x5c50143ecadef2f70000000000000000%22,%225%22:%220x1a7889a0e6a12510000000000000000%22},%22debug_key%22:%225856206683592382440%22,%22debug_reporting%22:true,%22destination%22:%22https://webcompanion.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210846925175%22],%2222%22:[%22true%22],%224%22:[%2212-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217231217564226836353%22}&andc=true
Requested by
Host: s.batsgo.com.br
URL: https://s.batsgo.com.br/
Protocol
H3
Server
172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 11:34:03 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x529d3158d4f20a2f0000000000000000","2":"0xd0d43314a9bbbc350000000000000000","3":"0xdb011144ec31c08d0000000000000000","4":"0x5c50143ecadef2f70000000000000000","5":"0x1a7889a0e6a12510000000000000000"},"debug_key":"5856206683592382440","debug_reporting":true,"destination":"https://webcompanion.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10846925175"],"22":["true"],"4":["12-19"],"6":["true"]},"priority":"500","source_event_id":"17231217564226836353"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 19 Dec 2023 11:34:03 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 19 Dec 2023 11:34:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x529d3158d4f20a2f0000000000000000","2":"0xd0d43314a9bbbc350000000000000000","3":"0xdb011144ec31c08d0000000000000000","4":"0x5c50143ecadef2f70000000000000000","5":"0x1a7889a0e6a12510000000000000000"},"debug_key":"5856206683592382440","debug_reporting":true,"destination":"https://webcompanion.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10846925175"],"22":["true"],"4":["12-19"],"6":["true"]},"priority":"500","source_event_id":"17231217564226836353"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 14CB 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f89a97eb8f18451e648a7b76d5eeed83041afe75a04e9f9194a4d6f4fbdd58a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://static.oneinstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 11:34:02 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12211
x-xss-protection
0
EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
pagead2.googlesyndication.com/bg/ Frame D505 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4157113266001782&output=html&h=60&slotname=9167095357&adk=3616527039&adf=3279755397&pi=t.ma~as.9167095357&w=468&fwrn=16&lmt=1692243947&url=https%3A%2F%2Fstatic.oneinstack.com%2Fad_buttom.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702985640828&bpp=247&bdt=248&idt=578&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&correlator=827756534552&frm=22&ife=1&pv=2&ga_vid=1029711026.1702985641&ga_sid=1702985641&ga_hid=1521838286&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=475&ish=150&ifk=3031236263&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079759%2C95320884%2C95321252&oid=2&pvsid=935736907584565&tmod=1603537811&uas=0&nvt=1&top=https%3A%2F%2Fs.batsgo.com.br%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C475%2C150&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4qfmpkmh9kza&fsb=1&dtd=607
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 13:57:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
337008
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19864
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 14 Dec 2024 13:57:14 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x529d3158d4f20a2f0000000000000000%22,%222%22:%220xd0d43314a9bbbc350000000000000000%22,%223%22:%220xdb011144ec31c08d0000000000000000%22,%224%22:%220x5c50143ecadef2f70000000000000000%22,%225%22:%220x1a7889a0e6a12510000000000000000%22},%22debug_key%22:%225856206683592382440%22,%22debug_reporting%22:true,%22destination%22:%22https://webcompanion.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210846925175%22],%2222%22:[%22true%22],%224%22:[%2212-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217231217564226836353%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 19 Dec 2023 11:34:02 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 14CB 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://static.oneinstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 11:34:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 19 Dec 2023 11:34:02 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 71DA 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://static.oneinstack.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
32054
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 19 Dec 2023 02:39:48 GMT
expires
Wed, 18 Dec 2024 02:39:48 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 79FD 		829 B
994 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::6a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
85ea785a565b2f5946de22ba248ad0bf0beb95e7c616e6a98ff9d172eb7ab077
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-4nG3auLU_5cs3a7ph5Qrmw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://static.oneinstack.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-4nG3auLU_5cs3a7ph5Qrmw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 19 Dec 2023 11:34:02 GMT
expires
Tue, 19 Dec 2023 11:34:02 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 71DA 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 02:40:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
32018
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 18 Dec 2024 02:40:24 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 79FD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=935736907584565&rc=
Requested by
Host: s.batsgo.com.br
URL: https://s.batsgo.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 71DA 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?UzGpuA
Requested by
Host: s.batsgo.com.br
URL: https://s.batsgo.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 11:34:03 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame C818 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvRoZeMavDqoWogGJiFUpocNKFMGu66134r0ZpMaDN9OufnZmpkYfgb9gZPmzs7Rd50Jliu68xcXnLpviq4hvPLBSI8CKXS2kSASVMLJciLWOAuFj_fR3329yN_mu5hkbohiMqptSMW2jmgkGNsJgmJ6XDA&sai=AMfl-YTbLi_-JlA64m8d2Gj4N4KURLyYnS6LiGQf7EoM5vnR27UujDv8DEYw0XtUVJr08Z-UU7bWFlvTvxSEvhVcOAfmbNMoT9gGhKH9p3PUJwtac6WpPK41m_AyD02tPZATrO1wk6JCAk_vPwFc4eD7RQ&sig=Cg0ArKJSzHBDFmvjUF3sEAE&cid=CAQSTwAvHhf_wYGOzzFWcDlGlXhT0PR4J8Cdag89fKLyxsR1mj-g_910FpwZ-7XnZI1gUg_stt0e_V-7xCumvEY4iAJGcWOcnC-aKu6lZGtPM4IYAQ&id=lidar2&mcvt=1001&p=0,0,60,468&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=3616527039&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702985641445&rpt=991&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 11:34:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 14CB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=935736907584565&bg=!NjWlNXrNAAY3kmNgF5I7ADQBe5WfOBqNn1HwlzSiOREf-OyE0XNZMpHk4IpvrLHvZCZ5O11iHQI-Puis_1GrPR0IngFQAgAAAJtSAAAAA2gBBwoACiyuAOrw9QB_T_GZAxJo0sT2WZH1Lh1Igjkq8cQOhRmeDW9l0qdcg3Hjlri9jSN-JAkO-ge6anKKUUO8qD_F_7xoQQmDmLcdRvmiGlNWLPH58ZpT9jErYY8VSpyARIG47bIDTq-o_X4vncKZa3qOGyzs_ADhB7Aq1c4mEkjyRUmybzJmNlGgUshDMvyopa80Rwu8oQU_FCZBMgVk36d0oyfP6Y7cdYCrQ8zsHzuzGIo-2Z2lKnC41sjJkwth4pn4CdzUZs4dURqg6_wcJLX3dJxcANfPRM5BhOUKG6pezzD745z7oWv4PJRpPTfJbmPFvzUgFw3ylVs6Su8hHmy5QyyJFCXwHnm80PBs7ng8WB9xB5x8CB4XbUlKJv5j_tGanktxA4h8_rEuXddUaDjdW5L1cMqu1m5jws1_q2-K6M2sFTzRLZBD2lBxWvobIO9VghTKBSNjX-aee_e8ekz0AMxaOu3xFUb7FuyQxo0LwQkgD3lmzFhrSNrJwFjdmwg78bSc0P5N-QrwhbmolUn4e041L6XlMfr-9QSXov9nBtSzG0VyIdXh_RJ6z4MyBUz_M7Fvv3-aJ1TwHda-5BP17FPS8N_fYmDM10lzEIhah2Llc3Wwm3P2HxoKWQLxQJ7wUoSvbF9sERjUwAaDQALrXBezv37ND5gDcu270VIwGv11OoRWT6q9-PH-JOiH-hECL6dGPSDsgusBfA3D3juqoxhs7WBlbYF7X9DxwpFM0KQwOSZ6YYYCeQmU6UIuPCIRQqluZsWaf7_gUq3hM2VXIRljRkw6ifRypuJDJBECky3qa1wtItONTNRowW8xxkpba5TO7Bt7i-Ms-7qtxQ-iPJZi9NVdzO6_4nj9DnPqvuvhos2NG2WnNY58yfU6BjXws0TPakOBlYEFXMM3wDy2EENQqQfMApvnN8AZUE50THa6-nu5R0BxkEtWkfmFakwjSs-2zNTlgMrCSCgqpIIniGyvnhW_SclRcEPKDNM2cnu7y7XBgYPTxSl-ovsQm1NUCwvoq1VhX23yVzeVBXQhScwrRa3bXnGrUiGCc5lwAz8
Requested by
Host: s.batsgo.com.br
URL: https://s.batsgo.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://static.oneinstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture function| fileExists function| $ function| jQuery function| Popper object| bootstrap object| core object| __core-js_shared__ object| feather

3 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: IDE
Value: AHWqTUk0i2yyICJ_ps7xWUzT1A1SF0TUyG5bScP4_aBO8n4XFesTMrKQZM1oTdfiS1I
.googleadservices.com/ Name: ar_debug
Value: 1

4 Console Messages

Source Level URL
Text
network error URL: https://static.oneinstack.com/assets/ois20190114.js(Line 36)
Message:
Failed to load resource: the server responded with a status of 502 (Bad Gateway)
network error URL: https://static.oneinstack.com/assets/ois20190114.js(Line 36)
Message:
Failed to load resource: the server responded with a status of 502 (Bad Gateway)
network error URL: https://static.oneinstack.com/assets/ois20190114.js(Line 36)
Message:
Failed to load resource: the server responded with a status of 502 (Bad Gateway)
network error URL: https://static.oneinstack.com/assets/ois20190114.js(Line 36)
Message:
Failed to load resource: the server responded with a status of 502 (Bad Gateway)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

googleads.g.doubleclick.net
img.shields.io
m-1666025320ug.hotvipsale.com
pagead2.googlesyndication.com
s.batsgo.com.br
static.oneinstack.com
tpc.googlesyndication.com
www.google.com
www.googleadservices.com
www.googletagservices.com
104.21.79.218
172.253.63.154
2606:4700:3035::ac43:ad59
2607:f8b0:4004:c06::9a
2607:f8b0:4004:c08::9b
2607:f8b0:4004:c1b::6a
2607:f8b0:4006:80b::2001
2607:f8b0:4006:823::2002
47.251.13.77
58.20.136.6
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab
17c51c572c7349afeef2bfedcad431c67244f4a82654b5b8002511fc14346d48
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
2531d3aa1e0ad4b47128bd65ebef65024ed7d3b4c38c3960d715266adde3a919
2e875dfd1cef8d797e4b90fb96cab53a7de748859fb1205e2de8eae247b7a4e5
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3b578ba5e28d661feead39c955c4912a0f913c28740c910134a4a28ccb27792d
3e64092804e382a51872ea304ae165e52c38247890314941f212eee8fbea248f
434de1f778f8606a5bbaca450e1a3c52489871a58c94f27ab3f91f4206dc9340
49f92e9795d87035ec87b7f6e1fac330ae32968e38c6d0d4686a4f556d269bca
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6206158e21075b6cb4293e5f92d19a484ca3b685657a8feb45a71cf5a8163e26
62dc9d76b5d861c7b7ffcb74620def984288966d08bf6ad0fb80ce72900644f8
6efda48e80b2f1710bea21e24048d2b7175905403d026a9cda5f3b8130663d5c
72a2953e02d27e18441f20bcc24a588f2c5d9c16417e037b8af71c5dbb3aa64e
772deea34a218b5bd61316e855ca9c04966a3a86de5a1c7e6db4063d260bbf2f
7b84db6e0735e9b836055467384362fe3e963e979e2904d08663be513dca7eea
84c830ca02a2494c46380db44abafa1fac571b0d80123941439597adc285f513
85ea785a565b2f5946de22ba248ad0bf0beb95e7c616e6a98ff9d172eb7ab077
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
9ad7d8b0735087d6c9840b8bf3874a59c1360324284a2a193ca5913aae7b6195
b723df4db73313a01f5e2f807c069567c1a1942001ba97fd90c8a01aad18ba02
b8e16ade5192e597f322741b340137a21dc9947febf9dc464f03a5421c782b80
ceba7ca727c83a3a019e16d12300ae134de87c14900905aad97374f696f1be02
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f10f5a0047839567c88593dca9f7b9cf9c9a204a36ad0a533773e35b1355e49f
f510208b9a91e7b867214ba22e49dda278b9a72e087ee1195691d259cbab43b8
f89a97eb8f18451e648a7b76d5eeed83041afe75a04e9f9194a4d6f4fbdd58a5
f8ee909e2d4c114b0b251ad90903b8b68ec6c1d28b2b731e30b507b399e872f2