urlscan.io logo urlscan.io
SecurityTrails logo

cm-ob.pt Open in urlscan Pro
2606:4700:3031::ac43:93a4  Public Scan

Go To Rescan Add Verdict Report
URL: https://cm-ob.pt/
Submission: On December 07 via manual from BR — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 33 IPs in 6 countries across 22 domains to perform 155 HTTP transactions. The main IP is 2606:4700:3031::ac43:93a4, located in United States and belongs to CLOUDFLARENET, US. The main domain is cm-ob.pt. The Cisco Umbrella rank of the primary domain is 815719.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 26th 2022. Valid for: a year.
This is the only time cm-ob.pt was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
47 2606:4700:303... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:215... 16509 (AMAZON-02)
2 2600:9000:225... 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 99.86.4.86 16509 (AMAZON-02)
2 147.75.85.234 54825 (PACKET)
5 37.157.6.233 198622 (ADFORM)
2 185.64.189.112 62713 (AS-PUBMATIC)
2 135.125.163.79 16276 (OVH)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 185.184.8.90 204995 (RTB-HOUSE...)
2 37.252.173.215 29990 (ASN-APPNEX)
15 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 37.157.5.71 198622 (ADFORM)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a02:26f0:64:... 20940 (AKAMAI-ASN1)
3 2607:f8b0:400... 15169 (GOOGLE)
1 64.233.167.157 15169 (GOOGLE)
3 34.149.12.213 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 142.250.185.198 15169 (GOOGLE)
2 142.250.186.66 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 142.250.185.162 15169 (GOOGLE)
155 33
47    2606:4700:3031::ac43:93a4 (United States)

ASN13335 (CLOUDFLARENET, US)
cm-ob.pt
3    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2600:9000:2156:b400:6:b871:4f00:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.optad360.io
2    2600:9000:225e:aa00:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)
get.optad360.io
6    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
8    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    99.86.4.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-86.fra6.r.cloudfront.net
optad360.mgr.consensu.org
2    147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
5    37.157.6.233 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
track.adform.net
2    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
2    135.125.163.79 (France)

ASN16276 (OVH, FR)
PTR: ns3190286.ip-135-125-163.eu
rtb.adxpremium.services
2    2606:4700:10::ac43:2ac9 (United States)

ASN13335 (CLOUDFLARENET, US)
useast.quantumdex.io
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
prebid-eu.creativecdn.com
2    37.252.173.215 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
15    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
pagead2.googlesyndication.com
1    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
3    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com
10    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    37.157.5.71 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
2    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
2    2a02:26f0:64::210:6ad8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.doubleverify.com
3    2607:f8b0:400c:c14::5e (Charleston, United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    64.233.167.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wl-in-f157.1e100.net
bid.g.doubleclick.net
3    34.149.12.213 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 213.12.149.34.bc.googleusercontent.com
rtb0.doubleverify.com
rtbc-eu3.doubleverify.com
1    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
gcdn.2mdn.net
2    2a00:1450:4001:17::7 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
r2---sn-4g5ednde.c.2mdn.net
2    142.250.185.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f6.1e100.net
ad.doubleclick.net
s0.2mdn.net
2    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
ade.googlesyndication.com
3    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
3    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
googleads4.g.doubleclick.net
Apex Domain
Subdomains		 Transfer
47 cm-ob.pt
cm-ob.pt — Cisco Umbrella Rank: 815719
2 MB
29 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 109
93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 144
ade.googlesyndication.com — Cisco Umbrella Rank: 284
151 KB
16 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 203
bid.g.doubleclick.net — Cisco Umbrella Rank: 749
ad.doubleclick.net — Cisco Umbrella Rank: 173
googleads.g.doubleclick.net — Cisco Umbrella Rank: 39
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 316
235 KB
9 gstatic.com
fonts.gstatic.com
csi.gstatic.com
63 KB
7 adform.net
adx.adform.net — Cisco Umbrella Rank: 4061
track.adform.net — Cisco Umbrella Rank: 3622
s1.adform.net — Cisco Umbrella Rank: 7620
46 KB
5 doubleverify.com
cdn.doubleverify.com — Cisco Umbrella Rank: 470
rtb0.doubleverify.com — Cisco Umbrella Rank: 751
rtbc-eu3.doubleverify.com — Cisco Umbrella Rank: 15724
26 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 51
imasdk.googleapis.com — Cisco Umbrella Rank: 437
137 KB
4 2mdn.net
gcdn.2mdn.net — Cisco Umbrella Rank: 1080
r2---sn-4g5ednde.c.2mdn.net — Cisco Umbrella Rank: 654307
s0.2mdn.net — Cisco Umbrella Rank: 288
2 MB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 190
128 KB
3 optad360.io
cmp.optad360.io — Cisco Umbrella Rank: 49977
get.optad360.io — Cisco Umbrella Rank: 33722
214 KB
2 google.com
adservice.google.com — Cisco Umbrella Rank: 87
www.google.com — Cisco Umbrella Rank: 2
2 KB
2 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 238
acdn.adnxs.com Failed
2 KB
2 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6154
341 B
2 quantumdex.io
useast.quantumdex.io — Cisco Umbrella Rank: 11228
sync.quantumdex.io Failed
393 B
2 adxpremium.services
rtb.adxpremium.services — Cisco Umbrella Rank: 9776
3 KB
2 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 504
ads.pubmatic.com Failed
166 B
2 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1033
183 B
2 consensu.org
optad360.mgr.consensu.org — Cisco Umbrella Rank: 52628
15 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 435
12 KB
1 google.de
adservice.google.de — Cisco Umbrella Rank: 7808
792 B
0 adsrvr.org Failed
match.adsrvr.org Failed
0 criteo.com Failed
gum.criteo.com Failed
155 22
Domain Requested by
47 cm-ob.pt cm-ob.pt
14 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com
ad.doubleclick.net
www.googletagservices.com
10 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com
imasdk.googleapis.com
ad.doubleclick.net
8 securepubads.g.doubleclick.net get.optad360.io
securepubads.g.doubleclick.net
93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com
www.googletagservices.com
6 fonts.gstatic.com fonts.googleapis.com
4 www.googletagservices.com 93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com
cdn.doubleverify.com
www.googletagservices.com
ad.doubleclick.net
3 googleads4.g.doubleclick.net ad.doubleclick.net
3 googleads.g.doubleclick.net
3 csi.gstatic.com imasdk.googleapis.com
3 93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 adx.adform.net get.optad360.io
s1.adform.net
3 fonts.googleapis.com cm-ob.pt
93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com
2 ade.googlesyndication.com
2 rtbc-eu3.doubleverify.com cdn.doubleverify.com
2 r2---sn-4g5ednde.c.2mdn.net
2 cdn.doubleverify.com s1.adform.net
cdn.doubleverify.com
2 imasdk.googleapis.com 93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com
2 s1.adform.net cdn.jsdelivr.net
track.adform.net
2 track.adform.net cdn.jsdelivr.net
s1.adform.net
2 ib.adnxs.com get.optad360.io
2 prebid-eu.creativecdn.com get.optad360.io
2 useast.quantumdex.io get.optad360.io
2 rtb.adxpremium.services get.optad360.io
2 hbopenbid.pubmatic.com get.optad360.io
2 prebid.a-mo.net get.optad360.io
2 optad360.mgr.consensu.org get.optad360.io
2 cdn.jsdelivr.net get.optad360.io
93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com
2 get.optad360.io cm-ob.pt
get.optad360.io
1 s0.2mdn.net 93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com
1 ad.doubleclick.net www.googletagservices.com
1 gcdn.2mdn.net 1 redirects
1 rtb0.doubleverify.com cdn.doubleverify.com
1 bid.g.doubleclick.net imasdk.googleapis.com
1 www.google.com tpc.googlesyndication.com
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 cmp.optad360.io cm-ob.pt
0 ads.pubmatic.com Failed get.optad360.io
0 acdn.adnxs.com Failed get.optad360.io
0 sync.quantumdex.io Failed get.optad360.io
0 match.adsrvr.org Failed get.optad360.io
0 gum.criteo.com Failed get.optad360.io
155 42

This site contains links to these domains. Also see Links.

Domain
en.optad360.com
no.cm-ob.pt
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-26 -
2023-06-26		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.optad360.io
Amazon		 2022-10-17 -
2023-11-15		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
optad360.mgr.consensu.org
Amazon		 2022-05-23 -
2023-06-21		 a year crt.sh
*.a-mo.net
R3		 2022-12-04 -
2023-03-04		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.adxpremium.services
Sectigo RSA Domain Validation Secure Server CA		 2022-08-26 -
2023-08-05		 a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-17 -
2023-04-12		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.google.de
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.doubleverify.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-05 -
2023-07-07		 a year crt.sh
*.c.docs.google.com
GTS CA 1C3		 2022-11-29 -
2023-02-07		 2 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh

This page contains 15 frames:

Primary Page: https://cm-ob.pt/
Frame ID: C05C7F2AF8FFF463B73DEC3D960B488C
Requests: 85 HTTP requests in this frame

Frame: https://93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 358736BDC4F356F342DA0079511066A4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 554FE2F32D32EC8573D08BFC53DD2BC0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FC4692116725429E083D642C51D1533F
Requests: 2 HTTP requests in this frame

Frame: https://93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BED4768F243A7E61B6EB2303826EFE2E
Requests: 8 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=59953019;rtbwp=jfZ9B69n36oQbpIgya3xbutjcxmFbeTX0;rtbdata=yEFHjpLMPkrQKgtHgdebwtdEMwA3gwCyNgO8USW8YxEjgVvQL93P7xugVsbtTSWsQXMshdzqDiVEVfIPGYUo2KPIki8ts18xKx4coeK5RQRQcAlPi1Gdlp7tZb-Q5KvRLMQvCjo7ZLc8OjDFrNLHlW5JG4z1-Lk4Md7wbpAkDL5PvT_qR-3rylaY5VMFcbGReGoU_acw1ziKlIVB8GRaNEPz5nwR80-ZobaDlF97_-OCT1AMnbBGpfuEv7lD3JxtbLrvapIC6bX7H6_NPsDgS4iHMporlN8yb_bM2ENAfq1B8hDbv55vSg1KuOqTAmLI30oqM5qEtfl7UdPwjxOrmefFqoW_Uv7cOa3Zdu3iTVzpiW_rQbTGDAoWjsbDh2OJKlMtGeRisMRaUxuOeVNOvSWtAO4uaJ3oYh4ALc1wU5ZlPf34LqPSEsb_2Dur6Uph0;csid=16383;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=CLAbGff6y-MqHMLsI0XOHQZVzqGChkyJieHSvxjbglFjRi7NilCba5T7WXJg35mTUgfwZVnb2gZI9rcDZCZXL58hMfj0tTa-B6zogkUgvA9RDooBt37AffIMIeNfh-QlQXMshdzqDiVEVfIPGYUo2KPIki8ts18xIlvdpQq-gUfWLEXnpOMBellxC1NE8z8pln8BetTtWr4DeDr6Pj76wMWjAexNyLOV0;pui=2ShljixBLrbi0hXl08juHHFAHCKQ7jOEb47TYVrNM5IqSJ5QRBtfPV7EvxPVwR0_4jG0VM71YqapA91K7iSmjd6vWmW1dlSa0;
Frame ID: BB8B5A4A1176F16BBB9568C86E1FDD2B
Requests: 20 HTTP requests in this frame

Frame: https://93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2E96E0D33D6BFA70BE19D29D3E938F16
Requests: 26 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: C0B11C4E2465D975E02A50A3D743EF80
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 22D6C007284CE7F294D0F0E27996E9D2
Requests: 3 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/pbjs
Frame ID: F9F8F2A1093D545F338089B2AA0D6FC1
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: A0873FE01248CBCD5282BBE7DAE0F26E
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Frame ID: 9EF69D9D24BD3E2A5A4B994901321837
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/pbjs
Frame ID: 90A100501901FE8BDFABEAF35E3ED134
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Frame ID: 8AED43F8D42E6CB99B87270E5C84309F
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 039C563690CC0504E7C171D32D07CB66
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Filmes, Programas De Tv, Anime, Podcast | Dezembro 2022

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+ionicons(?:\.min)?\.css
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

155
Requests

94 %
HTTPS

61 %
IPv6

22
Domains

42
Subdomains

33
IPs

6
Countries

5507 kB
Transfer

8125 kB
Size

11
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 114
  • https://gcdn.2mdn.net/videoplayback/id/605e34f158be8372/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1701976887/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/A6369BACF32377B1302B5F082D8D11856FD5D9E4.9A3566A9795F2A671370F0601701074245499F76/key/ck2/file/file.mp4 HTTP 302
  • https://r2---sn-4g5ednde.c.2mdn.net/videoplayback/id/605e34f158be8372/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1701976887/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0668A8E4EB2CA35209AE362F026D3506E4EFF6BE.55873A7CFF9832910504902E8E3DF9DB16827F27/key/cms1/cms_redirect/yes/mh/Xk/mip/2001:ac8:20:3d00:1011:f5cd:ee1:d035/mm/42/mn/sn-4g5ednde/ms/onc/mt/1670440384/mv/m/mvi/2/pl/50/file/file.mp4

155 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
cm-ob.pt/ 		20 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cm-ob.pt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:93a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f94faeb226047b9b7c9a4f30aecfa7700e8f5952c9d48fd2ba7c5ca6d07ad7f5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
775f9fcb1b44ca37-HAM
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 07 Dec 2022 19:21:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ApZNyyJEIY%2F5qpoTNEYQEA9bdYcoMbhwal7xM6I%2FSKF4e3eUDqz1ifUGhFGaLzYf7CpQzieNItwpY7hhFIcIwAQ41drJFa93Rr%2BSawjB6PoFmkUOsv4ly9zD7niHuw9O6LHcZ7ouKg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
css
fonts.googleapis.com/ 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:200,300,400,500,600,700&display=swap
Requested by
Host: cm-ob.pt
URL: https://cm-ob.pt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e8e757bf3950349d716928b1b3729d44f5c45084cb072930f83ca80e84b5f071
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 07 Dec 2022 19:21:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 07 Dec 2022 19:10:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 07 Dec 2022 19:21:25 GMT
css
fonts.googleapis.com/ 		9 KB
729 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins:100,200,300,400,500,600,700,800,900&display=swap
Requested by
Host: cm-ob.pt
URL: https://cm-ob.pt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a88ee13d2e82bd99ff8c5ac3c2cd52d3a4175f9121e48e30b1683bb80684b711
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 07 Dec 2022 19:21:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 07 Dec 2022 18:44:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 07 Dec 2022 19:21:25 GMT
open-iconic-bootstrap.min.css
cm-ob.pt/template/css/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cm-ob.pt/template/css/open-iconic-bootstrap.min.css
Requested by
Host: cm-ob.pt
URL: https://cm-ob.pt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:93a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7236018adee6435646b8affbcd4392237716caf04db52641859e35435331905

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 19:21:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 26 Jul 2021 11:18:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2528934
etag
W/"60fe99ed-24fb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2pAz7pZahLaDvR1pHu%2FC6PzwXPq61IjWhtMiotkUt3r9YSYuv74W0ZCQRzaM5rLpz%2FE0YV1gL2NSbaSCYQlRa0MY4Iuy8L%2Fyu2CyMnppTeVaY%2BCZWuuRF4e3bcwye7HWf%2FyNTlVgzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
775f9fcb9c29ca37-HAM
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 08 Dec 2022 12:52:31 GMT
animate.css
cm-ob.pt/template/css/ 		72 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cm-ob.pt/template/css/animate.css
Requested by
Host: cm-ob.pt
URL: https://cm-ob.pt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:93a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5c5e731b8c995ac40ce247ab42366d7df4cea7522f743480afb9be0a93ad2a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 19:21:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 26 Jul 2021 11:18:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2528983
etag
W/"60fe99ed-11fa9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a%2FDm6xpqkcflLNhCSznzI3qx43s5zuh2pshOdypYMI%2FgUZcEMlcVro01YF3pLa4suRjSUu1zSxyr6AEVbPT5KAsaqew%2FnohPZhJc3StPWMXEzNOeSnJPnBUaswngcobmGpBix61wJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
775f9fcb9c2dca37-HAM
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 08 Dec 2022 12:51:42 GMT
owl.carousel.min.css
cm-ob.pt/template/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cm-ob.pt/template/css/owl.carousel.min.css
Requested by
Host: cm-ob.pt
URL: https://cm-ob.pt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:93a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fd498cc0ae566423ac60276950b945aec0f2dbd65e99e9fe5ebc0e1d525885a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 19:21:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 26 Jul 2021 11:18:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2528983
etag
W/"60fe99ed-d70"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vTGHaaimrWsS4TY44Y1uvAQExLhqFR3UyWnlntMvclMD42Xe83HzxzGlora5jzse8ZzMEHtIBwXb9BHM9niHFxY%2B%2B3V4qKyIjuYW%2BzjfUhUCEOke6Wryk1edPtcGS63xfqtufoBXpw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
775f9fcb9c30ca37-HAM
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 08 Dec 2022 12:51:42 GMT
owl.theme.default.min.css
cm-ob.pt/template/css/ 		965 B
678 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cm-ob.pt/template/css/owl.theme.default.min.css
Requested by
Host: cm-ob.pt
URL: https://cm-ob.pt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:93a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3ce311a88c449a4103d3d88e1d4e6a55a5a8418fb2b9b5fa6b0895e7ac6e967

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 19:21:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 26 Jul 2021 11:18:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2528983
etag
W/"60fe99ed-3c5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rQTB0hwc39t2byEpAzQdMxSZxYuFlPnbUVooN%2B3K%2BweNroiNbhnpMADFYeH3mZ5IImM%2FKakO5Y4It2upWs6PF472HD3D9UjWjsDli3PA7B8RgYv7Irq%2FbKegqH5RSIyabncHb8uImQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
775f9fcbac38ca37-HAM
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 08 Dec 2022 12:51:42 GMT
magnific-popup.css
cm-ob.pt/template/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cm-ob.pt/template/css/magnific-popup.css
Requested by
Host: cm-ob.pt
URL: https://cm-ob.pt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:93a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a44e537eb0dfe0dfdb3a7ab134b25790c6f99e33436bf603e879598ec164a9fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 19:21:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 26 Jul 2021 11:18:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2528983
etag
W/"60fe99ed-1b26"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D9aI2bLENpYatmUrVSS6iLMYbP5WLz1KONDvWYyPnGfM6aAvSBHW0wVm6LUJHB%2BJPmFxS5DIwLu1wiOu141jkmnvoPjXOoHnXsKbAdkAKBKMxZmjgmq9ETQTsNnaN10RhPALpMNaBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
775f9fcbac3cca37-HAM
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 08 Dec 2022 12:51:42 GMT
aos.css
cm-ob.pt/template/css/ 		25 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cm-ob.pt/template/css/aos.css
Requested by
Host: cm-ob.pt
URL: https://cm-ob.pt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:93a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b6f88717e97441718b9fbd436b0aa65d4753c36c9901535eb81b7ce4b760bc4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 19:21:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 26 Jul 2021 11:18:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2528983
etag
W/"60fe99ed-657f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O7XCkwJAjnbZBb3HwXeKLJ3KUB5nxc5XBqRfijxDk0b1%2F%2BzZzA%2FcBQzuiuPOkXQb5AUXmAJYp481q40Qv8nWc2%2FbPZab3NU52LGdf3Bz%2B9D6QbEXfAN6A4qzUstuXRQu76s0sGQBrA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
775f9fcbac42ca37-HAM
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 08 Dec 2022 12:51:42 GMT
ionicons.min.css
cm-ob.pt/template/css/ 		46 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cm-ob.pt/template/css/ionicons.min.css
Requested by
Host: cm-ob.pt
URL: https://cm-ob.pt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:93a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a34b5fcade85366776a2c6bddf24a58ceaff7d2eb8ba4bf4496df1adb31d2ce1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 19:21:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 26 Jul 2021 11:18:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2528983
etag
W/"60fe99ed-b6e0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aQo4ImRdXnvbir8DX3ZywcptUJXaLo5BFigFApE%2BJ13lD23r7Q127HHtGEriImgxfEaVbqA8VN7nDbeOcBjkI%2BIEhthbZy2KNJmZG1o9i4rnoz2UFxsCa4iMlfpfwKxKZLo8dqOKSA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
775f9fcbac49ca37-HAM
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 08 Dec 2022 12:51:42 GMT
bootstrap-datepicker.css
cm-ob.pt/template/css/ 		18 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cm-ob.pt/template/css/bootstrap-datepicker.css
Requested by
Host: cm-ob.pt
URL: https://cm-ob.pt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:93a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35652aad571df0e1e44b47da8a656ef45fd0050fd5c95047d69adab4bb60753f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 19:21:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 26 Jul 2021 11:18:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2528983
etag
W/"60fe99ed-4619"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZpDYj3FXiNGj9%2F5t5FDvVAD3z3iwyEG9Ei2fgG2TqEXTJ61r5NsXP48mZESPLyxFSy%2B0ts%2B0iJ3bNKE07mXAmd9DvxHr%2BuVpb9CpQfvlZP8AQCk3lM3znWOZBKjDXj8U39yPfIVt9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
775f9fcbac54ca37-HAM
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 08 Dec 2022 12:51:42 GMT
jquery.timepicker.css
cm-ob.pt/template/css/ 		2 KB
716 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cm-ob.pt/template/css/jquery.timepicker.css
Requested by
Host: cm-ob.pt
URL: https://cm-ob.pt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:93a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d385da55b86dff0c7514007841a085f9623f644ad2aae6b6149caaf5f2898cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 19:21:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 26 Jul 2021 11:18:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2528983
etag
W/"60fe99ed-634"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Qw%2B1R0NyBcyyByM9yh26jL45PxFKgwOceSgLFfRFeFYtNF%2F1cnD0uMfBLnFXvMxrfinxYSeSx7PvjKc0%2BUdQBDqvfk9sVNpiT93L%2BC850ZVFSp3srtTCzo9TSjNLoZAiesnGC7p5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
775f9fcbac59ca37-HAM
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 08 Dec 2022 12:51:42 GMT
flaticon.css
cm-ob.pt/template/css/ 		1 KB
786 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cm-ob.pt/template/css/flaticon.css
Requested by
Host: cm-ob.pt
URL: https://cm-ob.pt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:93a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d860e352529bca1f3289abf6b57ad8fff69032e2c4d98cf09e4ad3d6650f3b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 19:21:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 26 Jul 2021 11:18:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2528983
etag
W/"60fe99ed-4c3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ghhgtCLkgtUwppvc0yB0oeUWtBp4QdTbyV7t4HVnDRml0BwkmjseONQRTgADnc%2BL%2Fm%2FjjfDSDutlorAbkm0T%2BF2oHe9xUywupGZ7X5bTCHuyr%2Bb6pk6l127aX%2Fvj28VDYo2FATNGCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
775f9fcbac5cca37-HAM
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 08 Dec 2022 12:51:42 GMT
icomoon.css
cm-ob.pt/template/css/ 		78 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cm-ob.pt/template/css/icomoon.css
Requested by
Host: cm-ob.pt
URL: https://cm-ob.pt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:93a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f3f0bcae6e5d7f81ad1868d5a61d1538dc460c9efc955931eec63ed7b02febc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 19:21:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 26 Jul 2021 11:18:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2528983
etag
W/"60fe99ed-13803"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pdISOOjovYX3rVuHAusHtRImEAEdOS%2FTDX4AGxCNqyrhZoVJYmsW7ItBsSC%2FdC%2BUv%2FjnWdlwFdwqlAdKWGg9h4XHOj3fBzAg28m7TS7hP%2FcsKb0TXDDnurJCmo%2FJGUuVUpmwDTK%2BkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
775f9fcbbc69ca37-HAM
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 08 Dec 2022 12:51:42 GMT
style.css
cm-ob.pt/template/css/ 		223 KB
31 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cm-ob.pt/template/css/style.css
Requested by
Host: cm-ob.pt
URL: https://cm-ob.pt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:93a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc0ddf69f98e325bbefb9ba9daa8c8d69b8541c0defc28f2059bafccc6915bcc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 19:21:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 26 Jul 2021 11:18:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2528983
etag
W/"60fe99ed-37d34"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lWsxSrINFqrr8IknRCB8%2FAheED1N7wwjVsRltMPk%2BxxaRECl1lOYd7vt5%2FlgmCr7eAXzviNwIumjchnPXiUj%2BniD%2FWVWDiUXyF99U6OT5IcrbNg3jDxZrhiq2iZKQIlX85FKWiGj5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
775f9fcbbc6cca37-HAM
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 08 Dec 2022 12:51:42 GMT
5c4eb373-c4cd-467f-814e-3b38151658d7.min.js
cmp.optad360.io/items/ 		497 B
851 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.optad360.io/items/5c4eb373-c4cd-467f-814e-3b38151658d7.min.js
Requested by
Host: cm-ob.pt
URL: https://cm-ob.pt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:b400:6:b871:4f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bd7680f0d4768bf17b38b5834d7671e6e456d9655b4ae3cb39186d1fcd93f5c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:55:07 GMT
via
1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
last-modified
Mon, 12 Apr 2021 08:54:56 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
80783
etag
"7acdc116a0830ba0aef5e087010246ba"
vary
Accept-Encoding
x-cache
Error from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
497
x-amz-cf-id
svOSiToiVc1_5KdOeCK6twDaQUd5KKB-SaFtyuE6QUPGpeZZNUyv9w==
plugin.min.js
get.optad360.io/sf/ab5675f8-9339-4bdf-ab1a-9125f95dcddc/ 		271 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.optad360.io/sf/ab5675f8-9339-4bdf-ab1a-9125f95dcddc/plugin.min.js
Requested by
Host: cm-ob.pt
URL: https://cm-ob.pt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:aa00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0a1c2e3df944f0d9d0c5af55489ebd21bb614c30e5a770455abec5e7fcb2e26e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 09:30:01 GMT
content-encoding
gzip
via
1.1 87fae571c6ea0d7d1101b71cc2131bba.cloudfront.net (CloudFront)
last-modified
Wed, 07 Dec 2022 09:29:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
35485
etag
W/"b22aba547b6b7cde42a2487962edde8f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=604800
x-amz-cf-id
N1UPwcpdsByRZbcnK0MJrlWOw8KvNMB4N0hg13r3eDkOvwWW9FmTKA==
jquery.min.js
cm-ob.pt/template/js/ 		262 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cm-ob.pt/template/js/jquery.min.js
Requested by
Host: cm-ob.pt
URL: https://cm-ob.pt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:93a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
229e46dacf0660ed1687a853b0b9568e1410c92164579337336c83fc591bd4d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 19:21:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 26 Jul 2021 11:18:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2528982
etag
W/"60fe99ed-41706"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VjZtB7sTiOTqyZ%2Brxf3Hd6NFescv%2B0Hm6Nw8B2mSov5%2BMjfcqlbt6J2%2FxSnPbbPpP1%2FXL4IuNMtUsyU4bS5wtP0BFuOslLVZO%2F9Rovap0FWWjJgpNqqmrCiBSZioj7djETCn%2FFUrDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
cf-ray
775f9fcbbc6eca37-HAM
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 08 Dec 2022 12:51:43 GMT
jquery-migrate-3.0.1.min.js
cm-ob.pt/template/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cm-ob.pt/template/js/jquery-migrate-3.0.1.min.js
Requested by
Host: cm-ob.pt
URL: https://cm-ob.pt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:93a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1743b54e611ae08f0ddb89d8d1bc9ae7d78feacbd672c86a5f5bb3c1a582e05e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 19:21:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 26 Jul 2021 11:18:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2528982
etag
W/"60fe99ed-2c9d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a65loUr1F%2FASMvov0lx1JGczYEdthAVFCr2iaXKLxRUhEarM%2FGsYGuiZVjVK302XaT7C0kXsbsZNquUGqB1Ud1uIXVFx1ZakWJQ%2BVsn3rPZGVXO4P5EHtCqSZsQ2aNuwU6Mg7VefVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
cf-ray
775f9fcbbc70ca37-HAM
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 08 Dec 2022 12:51:43 GMT
popper.min.js
cm-ob.pt/template/js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cm-ob.pt/template/js/popper.min.js
Requested by
Host: cm-ob.pt
URL: https://cm-ob.pt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:93a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
072214cac2642148ff8266b18c82fdc64428932369da84dec0562cf01ca58d32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 19:21:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 26 Jul 2021 11:18:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2528982
etag
W/"60fe99ed-4a58"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sK9o3jfIMxEK2yvJSb7Kc876qO%2B1a%2Bp6KD%2FFQQWXUYvkdYQ%2BqrE3gzdCa0Nu2i3qhP899Pimfc60LDRLkZ%2BQ%2F4urRo%2B3KLxHDp2ETH8Rr%2BObG1mAuT54vIv9T2O9RLg8KislVb%2BnrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
cf-ray
775f9fcbbc73ca37-HAM
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 08 Dec 2022 12:51:43 GMT
bootstrap.min.js
cm-ob.pt/template/js/ 		49 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cm-ob.pt/template/js/bootstrap.min.js
Requested by
Host: cm-ob.pt
URL: https://cm-ob.pt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:93a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 19:21:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 26 Jul 2021 11:18:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2528982
etag
W/"60fe99ed-c5f4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8zdL%2FOLLoeumoge4mOSviwCRJFBH1WZDRJ4g9RsvuPYSMjgzvmD6HUQ3MSVJnMRhKfS7JFTbPJ1MplJvpoQXVos98X1zLwiWnunsx3jiYdcNxvchtJdHb8PURfza6frqf5Yqh89DMg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
cf-ray
775f9fcbbc74ca37-HAM
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 08 Dec 2022 12:51:43 GMT
jquery.easing.1.3.js
cm-ob.pt/template/js/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cm-ob.pt/template/js/jquery.easing.1.3.js
Requested by
Host: cm-ob.pt
URL: https://cm-ob.pt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:93a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11c19392554c9b78c15771afa8f9fbfc78e0e46ca9527831f90ae41f95da73b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 19:21:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 26 Jul 2021 11:18:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2528982
etag
W/"60fe99ed-1faf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zkr%2FhXDDpyStffhkFrW2oWNpj3VdEBLA%2FAAM5AjVFKwmF1fTWzLNQGU142WI25vR8XoOAmJRD5EgIabr72qE%2FwBzmgCscNJFRjmQrj6%2FsxEj8Kf1%2FM5rqF6F57qqjk0Gi%2F6qnRRlEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
cf-ray
775f9fcbbc78ca37-HAM
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 08 Dec 2022 12:51:43 GMT
jquery.waypoints.min.js
cm-ob.pt/template/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cm-ob.pt/template/js/jquery.waypoints.min.js
Requested by
Host: cm-ob.pt
URL: https://cm-ob.pt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:93a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
114484b6bcaa6c2e7ac8301929d6bcda18a7f71924a835c2e6c01fdbd6421f5b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 19:21:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 26 Jul 2021 11:18:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2528982
etag
W/"60fe99ed-2283"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bQT4%2FqUQDiIdCJSBC8jLZbs55A9Or04J3FYR2gO6U7HtmuQMlnZJFi8xMImjatYTyGijmzIWEOhfjicowEVtFr2CWguPjSUh9m4VJ0pQdB7TRDfWtLdv6%2BnDCcnvvLhWq0jZeW%2B9aA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
cf-ray
775f9fcbbc7eca37-HAM
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 08 Dec 2022 12:51:43 GMT
jquery.stellar.min.js
cm-ob.pt/template/js/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cm-ob.pt/template/js/jquery.stellar.min.js
Requested by
Host: cm-ob.pt
URL: https://cm-ob.pt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:93a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1dd583c8ff8eaeeb2f5622845527acbf0e4a875e335b4b706b305590d5a7b456

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 19:21:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 26 Jul 2021 11:18:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2528982
etag
W/"60fe99ed-3135"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1RUYKk1nSyPIjLXoqdJFV147o5TKaRXA8Vl%2BjfCQfHsF5%2Fq78Lb9bZkGGjSktTkqNYE4XFCwohglSV28fCvWohfsxs3h5ZgmtDrg0jZZBfn7ECvJbwjixDw8ILOseDWFYqc0mxkQrg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
cf-ray
775f9fcbbc81ca37-HAM
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 08 Dec 2022 12:51:43 GMT
owl.carousel.min.js
cm-ob.pt/template/js/ 		42 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cm-ob.pt/template/js/owl.carousel.min.js
Requested by
Host: cm-ob.pt
URL: https://cm-ob.pt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:93a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ddc424649b256e50ebbde6522b13a627359b25c299b3ffa32a2896866e277c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 19:21:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 26 Jul 2021 11:18:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2528982
etag
W/"60fe99ed-a8e5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jSkY3quB8R5mXNbQW6a4Y6bLwMONsetVTGS6UoE44%2BCFHxD9qo11rUybLhbp4ZMD8exv39zO4vWvVYI1w%2BN7VK9Kd0W3pg2XPHThtqQkTFuGbKkqDv8e99EDZaykMyHwP9jM7Wn5Iw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
cf-ray
775f9fcbbc86ca37-HAM
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 08 Dec 2022 12:51:43 GMT
jquery.magnific-popup.min.js
cm-ob.pt/template/js/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cm-ob.pt/template/js/jquery.magnific-popup.min.js
Requested by
Host: cm-ob.pt
URL: https://cm-ob.pt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:93a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 19:21:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 26 Jul 2021 11:18:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2528982
etag
W/"60fe99ed-4ef8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VZ0ohR7F8yOV5LsKZP7oduiVLnLibABGR6ocPutEZZ6g1tNLAcZypSeCNJE4Yg%2BZ2eoRYcLBScOsc3w4w3MbyjPo5%2Bor3dpvoBb68T%2FTtOKR4a6v0x%2B5IZkz3mx0M3L11tPUewA5lQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
cf-ray
775f9fcbbc8aca37-HAM
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 08 Dec 2022 12:51:43 GMT
aos.js
cm-ob.pt/template/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cm-ob.pt/template/js/aos.js
Requested by
Host: cm-ob.pt
URL: https://cm-ob.pt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:93a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8acb04628394993656dad11f23029fc6ad13cf90cfaa1f5df89150b2727684a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 19:21:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 26 Jul 2021 11:18:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2528982
etag
W/"60fe99ed-37a4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EhXMHJt1wHwBjFvU0oMJVBpDhdxZY9tTvYwOaXecGNUh8jAN8psq7U6x3e3SpX9PZIH447UMHsPS1kDOiYmIzXEcRmfKkUnbci0pBNn1HhgKgn5v6MqJ0xu%2Bi1Xu16uiFsHw6wTf6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
cf-ray
775f9fcbbc8cca37-HAM
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 08 Dec 2022 12:51:43 GMT
jquery.animateNumber.min.js
cm-ob.pt/template/js/ 		1 KB
1004 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm-ob.pt/template/js/jquery.animateNumber.min.js
Requested by
Host: cm-ob.pt
URL: https://cm-ob.pt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:93a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18201e44a097144b4b4d9fa01b548222bb46918ab5cd98cc5e48fe5d414d26aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 19:21:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 26 Jul 2021 11:18:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2528982
etag
W/"60fe99ed-56f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BffaGVbEQK2YQ3vbVWcPafKExb9GVBlZk5zOHRwmK0Y6%2BJGgg1S0yMHNmZFXIhaeCJuoTeGS%2BCHs0Ia9jasunE9pzmeitA%2FCWvtzxyMd9QSKpktKEEf6UyvxtCLHTbDJCmhZg6iyqw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
cf-ray
775f9fcbbc90ca37-HAM
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 08 Dec 2022 12:51:43 GMT
jquery.mb.YTPlayer.min.js
cm-ob.pt/template/js/ 		52 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cm-ob.pt/template/js/jquery.mb.YTPlayer.min.js
Requested by
Host: cm-ob.pt
URL: https://cm-ob.pt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:93a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce7fbd5167d309fe01011c8e9d705efbaf23f8737d71b2ef405d11e5cda09989

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 19:21:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 26 Jul 2021 11:18:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2528982
etag
W/"60fe99ed-d12f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wJvg1dTxli1MGDzze%2FHC84HZjdHaEUAm1H9QFPjBtATA%2FfCvAdpD14Edu5bMFTkYoHECfr%2FlzvEFxfrRTjUth%2FMXMRKRnVmcy2ZPqwPp11CEzI3YScixrMxfWvod6oLFvZ3NeUdQiw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
cf-ray
775f9fcbbc92ca37-HAM
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 08 Dec 2022 12:51:43 GMT
scrollax.min.js
cm-ob.pt/template/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cm-ob.pt/template/js/scrollax.min.js
Requested by
Host: cm-ob.pt
URL: https://cm-ob.pt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:93a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
500bfc62d016cf183c412c5936594c609064cbc5865c1065353af9ad09aa46a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 19:21:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 26 Jul 2021 11:18:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2528982
etag
W/"60fe99ed-1d17"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1qkVX02CRiwNuvgEupBv38%2BbM4sDvKcKgXyjHT0VterEhEl0EKNhVV92oRhm7es0pbv%2BOz5ID23y3o3T2YoHLoNLBElwyCQwVSt%2BHvxnL%2B6E4isBwa25iORYlKEzi1NvqMZPVHPMyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
cf-ray
775f9fcbbc94ca37-HAM
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 08 Dec 2022 12:51:43 GMT
main.js
cm-ob.pt/template/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cm-ob.pt/template/js/main.js
Requested by
Host: cm-ob.pt
URL: https://cm-ob.pt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:93a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
866e136465f8d394fb467dd65bbcd0b78d050ab6ee4ae8eba39ab5f681820064

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 19:21:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 26 Jul 2021 11:18:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2528982
etag
W/"60fe99ed-1394"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zdFestNbmqv%2BkzkyUXtmhnSqFakTWMLPV%2Fh3Pd2a1idN5ctctHwYFdVLq30a7vqTgOGqZJrnlI3C%2FnKvA%2FVUPWiAMiztLlZbRch0Mb9GwT8deXK9WbnGKTBMpwOi%2Flqm99us9ubXeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
cf-ray
775f9fcbbc97ca37-HAM
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 08 Dec 2022 12:51:43 GMT
is-american-siege-based-true-story.jpg
cm-ob.pt/img/home/05/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm-ob.pt/img/home/05/is-american-siege-based-true-story.jpg
Requested by
Host: cm-ob.pt
URL: https://cm-ob.pt/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:93a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f006f8aebf25d9e50d5a5eb25a652b6cbecd2d75dc99cc5d3aa79b963b5b89e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 19:21:25 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44645
last-modified
Wed, 09 Feb 2022 11:34:12 GMT
server
cloudflare
etag
"6203a6b4-ae65"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bux1SFq3QGrt0SxHk%2F7AcnWkYlszQD77IiQvfO8seQXAcLMj9l1C0gmrrMB%2BwIkxcObMr6QicnPBM2snuQy2TAHO1HGbLcc2mFXJMtp1uMTPqXcUw0LejZ6Ci4nWqfxyaCCRWcuF0w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
775f9fcc4eb69a3b-FRA
expires
Fri, 06 Jan 2023 19:21:25 GMT
26-summer-shows-no-mask-required.jpg
cm-ob.pt/img/television/26/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm-ob.pt/img/television/26/26-summer-shows-no-mask-required.jpg
Requested by
Host: cm-ob.pt
URL: https://cm-ob.pt/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:93a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aaea0c9d6e746d45e1bd66f5bb947fd0035e68189a2d0a0be874e6c5f710eba3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 19:21:25 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
39190
last-modified
Tue, 14 Dec 2021 09:28:12 GMT
server
cloudflare
etag
"61b863ac-9916"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V9mK4W9Vlm2KW%2B2kdvXMDTxj8TsGJm%2FO0LDeMoTVJe1pwpw2I96NRJNVEY2Be7Thu%2BU9zp0IXt5XZ4P0WsGszXQvo3PcS0zp5TlC3AxpdjI9IomqGtQPqLuz0qgzJBZKo1eVtdTV3w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
775f9fcc4eb99a3b-FRA
expires
Fri, 06 Jan 2023 19:21:25 GMT
preview-real-housewives-potomac-season-5-episode-20.jpg
cm-ob.pt/img/news/13/ 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm-ob.pt/img/news/13/preview-real-housewives-potomac-season-5-episode-20.jpg
Requested by
Host: cm-ob.pt
URL: https://cm-ob.pt/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:93a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5198dc27c3e04b46047da973ff1a075ac65d2e133f86f441f0cad06074f128d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 19:21:25 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
55500
last-modified
Mon, 26 Jul 2021 12:41:02 GMT
server
cloudflare
etag
"60fead5e-d8cc"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0%2F2TrMLEokC2h1AgpAuDyM2cx63T0YRcBIZuuKyclUnEg5Pbi6y1kds8iWbqfl0pa4mxMwT%2BPL4oKagz00St6zbnAffAIwlrwaAyqZpZObm6KIE2xpKisZqKJw6E%2BPnuQHz%2BKavxkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
775f9fcc4ebd9a3b-FRA
expires
Fri, 06 Jan 2023 19:21:25 GMT
are-whitney-and-justin-rose-from-rhoslc-still-together-1.jpg
cm-ob.pt/img/news/85/ 		124 KB
124 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm-ob.pt/img/news/85/are-whitney-and-justin-rose-from-rhoslc-still-together-1.jpg
Requested by
Host: cm-ob.pt
URL: https://cm-ob.pt/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:93a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
403b33dbd3aa8fe3b94ac8d6cd2b1ad5dec495c9313de112c921693910c67115

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 19:21:25 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
126680
last-modified
Tue, 11 Oct 2022 23:17:08 GMT
server
cloudflare
etag
"6345f974-1eed8"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ilx%2FEX6ShdOwb4NYL79vS7H1LyxSvsx2Q2ByVrgMhRbFvFPw3ovXkmdZWulo7u9AJOEEMiiMHeOKao7XhAT50f6yijSEHEUONY0c%2BKbLa5uqN%2F%2B%2BEXUyNlBJMn7UzPdzG%2BgyT4dE0A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
775f9fcc4ebe9a3b-FRA
expires
Fri, 06 Jan 2023 19:21:25 GMT
what-is-the-meaning-of-blue-tongues-don-8217-t-lie-in-paper-girls-1.jpg
cm-ob.pt/img/news/29/ 		89 KB
90 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm-ob.pt/img/news/29/what-is-the-meaning-of-blue-tongues-don-8217-t-lie-in-paper-girls-1.jpg
Requested by
Host: cm-ob.pt
URL: https://cm-ob.pt/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:93a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d0fab53b362134d311a8b2202a9877d3b2da7cc2de4bf7c63bb455c8d08854c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 19:21:25 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
91147
last-modified
Wed, 03 Aug 2022 04:06:08 GMT
server
cloudflare
etag
"62e9f430-1640b"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e0uinhJnnzD%2BGHrI32bxozbrSFNZvmafUTZxJ%2F1SBwI2qujxsWo%2B9FBtLmQygRvkoFIKTiTyqQaaurBSIgb9IqKJOwox%2F0lpgfC7x%2BKIOdLfz0jDpd6pkuHqhzDZUZFITDfUxutp9A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
775f9fcc4ec19a3b-FRA
expires
Fri, 06 Jan 2023 19:21:25 GMT
what-is-rita-wilson-s-net-worth.jpg
cm-ob.pt/img/news/70/ 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm-ob.pt/img/news/70/what-is-rita-wilson-s-net-worth.jpg
Requested by
Host: cm-ob.pt
URL: https://cm-ob.pt/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:93a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99a313556153fdc21564e05582bfd3a65904fe540c3a81e1021f54d0ab6d23c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 19:21:25 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
46158
last-modified
Mon, 26 Jul 2021 11:18:05 GMT
server
cloudflare
etag
"60fe99ed-b44e"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FLfpc30iH0cw%2FEWQn%2FFc2dA%2BjVde5DrxtsK713FwcVqQUK8nWpsMMLkbsIsKGO2v%2BT65lj4m4H0nx8Z%2FLuvjlw0%2B8andIVfqein3FOlZCdV4G0WnpENQdFa32c4nwL5lw55jH0q2wQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
775f9fcc4ec29a3b-FRA
expires
Fri, 06 Jan 2023 19:21:25 GMT
is-28-days-haunted-scripted-or-real-1.jpg
cm-ob.pt/img/news/A8/ 		51 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm-ob.pt/img/news/A8/is-28-days-haunted-scripted-or-real-1.jpg
Requested by
Host: cm-ob.pt
URL: https://cm-ob.pt/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:93a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e57ca47cc882aff51f652036e326d1042cc1b9dbbf64e40f195193958b19af42

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 19:21:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
44726
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
52366
last-modified
Sat, 22 Oct 2022 11:23:06 GMT
server
cloudflare
etag
"6353d29a-cc8e"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xprOmMsNNStu7l0pN%2F%2FFBn0K21u7U%2B5Y9k%2FlQxDcwD715SKkWf9BWojhwYDRfBs3Nh9lDzOe4v4xFcfk0vAyx6jncMUQzt5bfz5YZbZiHQ6mfdNKgiLLVbXz4sGJ0yGSEAOiSqHlFw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
775f9fcc4ec39a3b-FRA
expires
Fri, 06 Jan 2023 06:55:59 GMT
where-is-hgtv-s-cheap-old-houses-filmed.jpg
cm-ob.pt/img/news/44/ 		107 KB
108 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm-ob.pt/img/news/44/where-is-hgtv-s-cheap-old-houses-filmed.jpg
Requested by
Host: cm-ob.pt
URL: https://cm-ob.pt/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:93a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3859237ce3dbd3a3cd91a1b5726daf8d4a7547ede6b1972c38b218058cdba0d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 19:21:25 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
109748
last-modified
Wed, 29 Sep 2021 13:31:58 GMT
server
cloudflare
etag
"61546ace-1acb4"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HvRCRJX%2BP9%2FDzFQtFw1PzR3ObAimbe4kaYsUc%2F2MfRlElnAW1T5S4C3pfwATKdFwtiVeF9CUdavl8PdmqTwGxqqdlaJmkfx5OnhehvaOGIoWSnUXoj06sTGyHdBVszzuNQwgZPPeRg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
775f9fcc4ec69a3b-FRA
expires
Fri, 06 Jan 2023 19:21:25 GMT
is-weird-the-al-yankovic-story-on-netflix-hbo-max-hulu-or-prime-1.jpg
cm-ob.pt/img/movie-guide/AF/ 		133 KB
133 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm-ob.pt/img/movie-guide/AF/is-weird-the-al-yankovic-story-on-netflix-hbo-max-hulu-or-prime-1.jpg
Requested by
Host: cm-ob.pt
URL: https://cm-ob.pt/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:93a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e337a8991bda7d8cf31e6c3fd109ed16b8df0c2b198323640f9ddcda8863e074

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 19:21:25 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
135757
last-modified
Sat, 05 Nov 2022 14:38:27 GMT
server
cloudflare
etag
"63667563-2124d"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gLpYqiDQjvQpt3Bq5dWlP8KgikZ5gJs%2Ba%2BrZ%2BVyqlFhWGw2h440avXnexT8J1%2FoRbRGY7m%2BRDlPYT%2BK9NHUtDXrSlpTeH1QXryEd39Gkv%2F55sKcq8gRo%2BTqegnzhFG6299pz61uQHA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
775f9fcc4ec89a3b-FRA
expires
Fri, 06 Jan 2023 19:21:25 GMT
mystery-101-episode-8.jpg
cm-ob.pt/img/news/56/ 		100 KB
101 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm-ob.pt/img/news/56/mystery-101-episode-8.jpg
Requested by
Host: cm-ob.pt
URL: https://cm-ob.pt/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:93a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0560fb06603fa2aa1cb927b5cf47fd243c07b4919311d6efa05fde077241fc93

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 19:21:25 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
102439
last-modified
Wed, 29 Sep 2021 13:32:22 GMT
server
cloudflare
etag
"61546ae6-19027"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S5DZ2jXoNEF41m418YyghETq46%2FIRmgxSpkDwOgEXwJo5U4t23a5qabGEGqthludcfXRKYDg9KZRHBjaSvC%2BfEshKTT5RR1RdmCTGSTUPDRtOr4BcF6q%2Fyr0PObk4kLeTBQww9YpFg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
775f9fcc4ecb9a3b-FRA
expires
Fri, 06 Jan 2023 19:21:25 GMT
firefighter1-shark-tank-update-where-are-they-now-1.jpg
cm-ob.pt/img/news/78/ 		110 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm-ob.pt/img/news/78/firefighter1-shark-tank-update-where-are-they-now-1.jpg
Requested by
Host: cm-ob.pt
URL: https://cm-ob.pt/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:93a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b400a52bc9e437c0bde53bc563b854b160a99016171e17ac100a11adf3ae4931

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 19:21:25 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
112992
last-modified
Sat, 03 Dec 2022 10:39:02 GMT
server
cloudflare
etag
"638b2746-1b960"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=70fDhl2CeC5pO2c0hwQNwkjFVpJdjPWa33bvbuO5KPcZ8DK6D3Np%2BHTubOBlAIWosLBA0%2FRx8qUhwVhCt3ixa49Z4mZlwF4%2BJN0gFp4EJpvHu687MpQ%2BLB3X4bJf6ZJJHxAFNHNSZA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
775f9fcc4ecd9a3b-FRA
expires
Fri, 06 Jan 2023 19:21:25 GMT
pachinko-episodes-1-2.jpg
cm-ob.pt/img/featured-tv/70/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm-ob.pt/img/featured-tv/70/pachinko-episodes-1-2.jpg
Requested by
Host: cm-ob.pt
URL: https://cm-ob.pt/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:93a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
097bfe54100eac16362d17cd25f5e5587c3e1df4bae562a1954b7999f8453652

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 19:21:25 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
40484
last-modified
Tue, 10 May 2022 10:42:42 GMT
server
cloudflare
etag
"627a41a2-9e24"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PqOrfUSjh%2FYL4CCP9DBEcwV4dYzxB3FAEaqaJ6%2BZHC9%2ByJFblYJOggWDl216giwR%2FRl6qM0ajfOvzMKHvO2LWVsUliS6SCeOgZC9nzdv17OFx67Bb6xtX2SWIrfnBXZdPGlDeTwuIg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
775f9fcc4ecf9a3b-FRA
expires
Fri, 06 Jan 2023 19:21:25 GMT
7-tv-shows-you-must-watch-if-you-love-unbelievable.jpg
cm-ob.pt/img/news/77/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm-ob.pt/img/news/77/7-tv-shows-you-must-watch-if-you-love-unbelievable.jpg
Requested by
Host: cm-ob.pt
URL: https://cm-ob.pt/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:93a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
314c10f01a7e81bd4775e7ef4b2d8402648679137fabb9af0512b5a785a0230d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 19:21:25 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37773
last-modified
Tue, 10 May 2022 10:40:46 GMT
server
cloudflare
etag
"627a412e-938d"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SJw7%2BJZB2yGD8KGOCwVwomljQJczmqv0Ge3EJA9cQdRJ%2FXCDwF4HTaE1mcPCqsj8snBxkyDr2Jb9gC74urLHcArAUIgVgJWwnHALtHREB0gQO0DQNiQ4OT7%2Be9r8hNZ%2BPDSScuFDVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
775f9fcc4ed09a3b-FRA
expires
Fri, 06 Jan 2023 19:21:25 GMT
where-is-netflix-8217-s-the-sandman-filmed-1.jpg
cm-ob.pt/img/news/28/ 		147 KB
148 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm-ob.pt/img/news/28/where-is-netflix-8217-s-the-sandman-filmed-1.jpg
Requested by
Host: cm-ob.pt
URL: https://cm-ob.pt/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:93a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3bfc9dbaccf2a80cfc1d82ec444a8da8d30e53116ca64aea80ca8c2f15632519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 19:21:25 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
150624
last-modified
Tue, 09 Aug 2022 00:14:10 GMT
server
cloudflare
etag
"62f1a6d2-24c60"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dwHxWei4CCI1INVI047V78xO1R120OGAOUuwkNcsv%2Bi8wCRO19R6vujHmnME6rCxgH%2F4wzcG1J5ln%2FLcLm%2BT7urAFOh7b%2F62Hhd32qDyAe9%2FE09blzlnUe4OaERzaK%2Bzm3G02FLZoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
775f9fcc4ed19a3b-FRA
expires
Fri, 06 Jan 2023 19:21:25 GMT
famous-love-season-3.jpg
cm-ob.pt/img/tv-preview/61/ 		102 KB
103 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm-ob.pt/img/tv-preview/61/famous-love-season-3.jpg
Requested by
Host: cm-ob.pt
URL: https://cm-ob.pt/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:93a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e75eaf71056ab1676fb1d6c8126904e890c8e54fa557b4a12e1badfebd0de89b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 19:21:25 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
104657
last-modified
Mon, 26 Jul 2021 11:18:05 GMT
server
cloudflare
etag
"60fe99ed-198d1"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ka94fvilJ1kpzvjBN1Uyv7uJOPoM4n9%2FRdjE8DqNd0UpWjzSaVMNJeWYkBupFuYUvfbgdWwO4UT079XQ0TfEzC%2FmLcGG6%2FSftZhxlUGnvx3JOHKgjC8D4bVliDtxj1QLlCQKMtSP%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
775f9fcc4ed49a3b-FRA
expires
Fri, 06 Jan 2023 19:21:25 GMT
original-big-bird-caroll-spinney.jpg
cm-ob.pt/img/television/08/ 		116 KB
117 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm-ob.pt/img/television/08/original-big-bird-caroll-spinney.jpg
Requested by
Host: cm-ob.pt
URL: https://cm-ob.pt/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:93a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bb1fde4af6ddc44c42ee5d452a641868ffd278206b20252346af398cbddfa7c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 19:21:25 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
119077
last-modified
Tue, 14 Dec 2021 09:27:34 GMT
server
cloudflare
etag
"61b86386-1d125"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NC871pB1Yu3wTU4FE8mOrOOR0cA%2BpDrmwhZe4UFJSGvFzJLptBUIa3o70S9uoJwYxaG46W8BYNVVJDkfBsllP7yUV2paj4WwBI7hLURa0dRadEilNP3PSV%2BHobQYxtc0XilK4jjEuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
775f9fcc4ed69a3b-FRA
expires
Fri, 06 Jan 2023 19:21:25 GMT
7-movies-like-prey-for-the-devil-you-must-see-1.jpg
cm-ob.pt/img/movie-list/46/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm-ob.pt/img/movie-list/46/7-movies-like-prey-for-the-devil-you-must-see-1.jpg
Requested by
Host: cm-ob.pt
URL: https://cm-ob.pt/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:93a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cad01199254e7b19c8595fdbadded2934243bebb0cf4ed94d1cf0f4db2a16ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 19:21:25 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
56134
last-modified
Wed, 02 Nov 2022 08:28:02 GMT
server
cloudflare
etag
"63622a12-db46"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dIqIds6grrCzZE1%2BXkHuTNVQz9RP27rosEp8n1mf9A1QRZF2E12nNt8CcJPWSPdhrIYiFBlTAK53n0x1%2BvVRv9d6ViisIfSJiQfnOnGxgQey1sO%2BghM%2BGy8e2ecHb78SDyNySfqGSg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
775f9fcc4ed89a3b-FRA
expires
Fri, 06 Jan 2023 19:21:25 GMT
what-happened-erik-cowie.jpg
cm-ob.pt/img/news/64/ 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm-ob.pt/img/news/64/what-happened-erik-cowie.jpg
Requested by
Host: cm-ob.pt
URL: https://cm-ob.pt/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:93a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f5aecaa5ce6db5f6afa8ebcd9258aef673badc9086f8d26148e0df96e8a90e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 19:21:25 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
53769
last-modified
Mon, 29 Nov 2021 11:28:16 GMT
server
cloudflare
etag
"61a4b950-d209"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ems4srcK6OSwlh6zlPJ1fPuJuOe5%2BxHKxAB5p4tcUj7issq8%2FPRNTRd1d%2FMzoU8hzpgkPugTU%2B0bnBMmRRWyx50%2BsbMEqqdy059j7gjdp34NU%2FEc0iiEIDVMvB8F6EDqUh5gImfjtg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
775f9fcc4ed99a3b-FRA
expires
Fri, 06 Jan 2023 19:21:25 GMT
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:100,200,300,400,500,600,700,800,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cm-ob.pt
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 17:14:46 GMT
x-content-type-options
nosniff
age
439599
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7748
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:21:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Dec 2023 17:14:46 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:100,200,300,400,500,600,700,800,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cm-ob.pt
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 19:25:44 GMT
x-content-type-options
nosniff
age
604541
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7816
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Nov 2023 19:25:44 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:100,200,300,400,500,600,700,800,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cm-ob.pt
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 19:24:53 GMT
x-content-type-options
nosniff
age
604592
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Nov 2023 19:24:53 GMT
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:100,200,300,400,500,600,700,800,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cm-ob.pt
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 22:04:56 GMT
x-content-type-options
nosniff
age
508589
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8000
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:59:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Dec 2023 22:04:56 GMT
ionicons.woff2
cm-ob.pt/template/fonts/ionicons/fonts/ 		49 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cm-ob.pt/template/fonts/ionicons/fonts/ionicons.woff2?v=4.0.0-19
Requested by
Host: cm-ob.pt
URL: https://cm-ob.pt/template/css/ionicons.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:93a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
601f544b91a0588ca8cc6343334f4c235380f15c86c055dc8de455bfb30e0ef0

Request headers

Referer
https://cm-ob.pt/template/css/ionicons.min.css
Origin
https://cm-ob.pt
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 19:21:25 GMT
cf-cache-status
MISS
last-modified
Mon, 26 Jul 2021 11:18:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"60fe99ed-c5a0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dfUm7VjAzbu2r7gVe3t90gGUD6cw64Vv7zLavEnecCDcLlV6tEw0rsT72NcH5rSBFh5fkjE%2ByTvLGkZd99eULB4nEPJA7vPEP1ka5NgwsdSvFqY5WAIOxm9yLhTHtvEGva%2BtDLU7bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
775f9fcc4eda9a3b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
50592
icomoon.ttf
cm-ob.pt/template/fonts/icomoon/ 		300 KB
301 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cm-ob.pt/template/fonts/icomoon/icomoon.ttf?6tt51o
Requested by
Host: cm-ob.pt
URL: https://cm-ob.pt/template/css/icomoon.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:93a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef32dd19b8c1199d54ec6e516c20cddde149424bee616901733c253ec0219719

Request headers

Referer
https://cm-ob.pt/template/css/icomoon.css
Origin
https://cm-ob.pt
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 19:21:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
510353
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
307168
last-modified
Mon, 26 Jul 2021 11:18:05 GMT
server
cloudflare
etag
"60fe99ed-4afe0"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/octet-stream
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=196Yx%2Fkho3c1twIdDZNTsuUw306taO%2FxpILYaUE%2B6isvXytM4DPmvSjUOJ%2BYoF%2F3kNIjwKDXem1md63ZlIINF5urrBgtQdU711YPJpva5xa25JzNAIzKvpUsoR0vTNw2QSn9HMZyHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
775f9fcc4edc9a3b-FRA
expires
Sat, 31 Dec 2022 21:35:32 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/ab5675f8-9339-4bdf-ab1a-9125f95dcddc/plugin.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7514112409d72b9db8a4acc15bc7515afb57bf05055bbb3ba3192ded83e3d694
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 19:21:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27565
x-xss-protection
0
server
sffe
etag
"1415 / 825 of 1000 / last-modified: 1670439603"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 07 Dec 2022 19:21:25 GMT
prebid7.17.0.js
get.optad360.io/sf/ 		492 KB
155 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.optad360.io/sf/prebid7.17.0.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/ab5675f8-9339-4bdf-ab1a-9125f95dcddc/plugin.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:aa00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
529d5a06e1e90ceadfad7e6c2eaed6e9b868a35798345d5431c90f6024f15b55

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 08:55:17 GMT
content-encoding
gzip
via
1.1 87fae571c6ea0d7d1101b71cc2131bba.cloudfront.net (CloudFront)
last-modified
Mon, 03 Oct 2022 06:53:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
5653569
etag
W/"840fa482840c0b1f014b3c14f6e0ab2e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=360000000
x-amz-cf-id
48kUHdV3pfP_2Y2vu4hhEuMIDPW1319591CUUo3Ckvp6adnQHsppKQ==
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20221207
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.17.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63cf34d7d8f336c49926a71077cb85721b5d4ea4965ec863d00e4e67889429b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cm-ob.pt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 07 Dec 2022 19:21:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
12036
x-jsd-version
1.0.1549
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230021-FRA, cache-yyz4568-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"669-qt53nq720yju5AvMxS3Y9hJ65xs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R62ISGj1H9DHRq5VFm8OswuT6I2iEM3xKpYwEqPQb8Acv8R8balze4ywE9K7dByL1ovGS16BHgW2F8ujq55zOpOSTshzn7Em6keNxfjlFLW%2BWF1C74TIkiiE6BXFjsnle5tw6neaCkNbk47S23o%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
775f9fcdd8f8bb97-FRA
pubads_impl_2022120101.js
securepubads.g.doubleclick.net/gpt/ 		384 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c0b59c362ae740c391e742fa4517d90b9461b416b9bec855d14c04603dbaf71c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:52:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1727
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133241
x-xss-protection
0
last-modified
Thu, 01 Dec 2022 09:36:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 07 Dec 2023 18:52:38 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		72 B
83 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=cm-ob.pt
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b7f7edf7dc65c4faddfc30b51d1c8e8e3536dc120f86785d38c8a026d31a3852
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 19:21:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
59
x-xss-protection
0
expires
Wed, 07 Dec 2022 19:21:25 GMT
branding-ads.svg
optad360.mgr.consensu.org/icons/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://optad360.mgr.consensu.org/icons/branding-ads.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-86.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d04a8585ca1c9cbff59e413fe76da6b8dcf3c567cbc68ec436b852d7f1694df1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 00:48:45 GMT
via
1.1 89c822bb1ce1445a7be6d1057088cfbe.cloudfront.net (CloudFront)
last-modified
Wed, 22 Jun 2022 12:02:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
66762
etag
"b0a3aa2e09d4ddd83150d7bd3347c5c0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=360000000
accept-ranges
bytes
content-length
7419
x-amz-cf-id
RIXctEs73rYt-yRiEmAR2BWzKE4C0xwu56dFezCf5eRXsKDaenBP8w==
c
prebid.a-mo.net/a/ 		0
18 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.17.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cm-ob.pt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
8
date
Wed, 07 Dec 2022 19:21:25 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://cm-ob.pt
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
openrtb
adx.adform.net/adx/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.17.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
1fd959fc54e427494f2d526d2275660853f4616b5a476ce547a1c963d5bbbad2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://cm-ob.pt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 19:21:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
https://cm-ob.pt
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
translator
hbopenbid.pubmatic.com/ 		0
111 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.17.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cm-ob.pt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://cm-ob.pt
date
Wed, 07 Dec 2022 19:21:26 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
auction
rtb.adxpremium.services/openrtb2/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.17.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3190286.ip-135-125-163.eu
Software
/
Resource Hash
ad6fdf8fa97bc4a6377ae4b22958867bfcf52fe60599c7bf96e75d31a9879e00

Request headers

Referer
https://cm-ob.pt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 19:21:26 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
application/json
access-control-allow-origin
https://cm-ob.pt
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
1192
expires
0
pbjs
useast.quantumdex.io/auction/ 		0
133 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.17.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cm-ob.pt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://cm-ob.pt
date
Wed, 07 Dec 2022 19:21:26 GMT
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
775f9fd3ee965c98-FRA
access-control-allow-methods
POST, GET
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.17.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cm-ob.pt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://cm-ob.pt
date
Wed, 07 Dec 2022 19:21:26 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.17.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
ac06dab75be7abcdb197df7d16655acf77ab17a8c48124373c5712e5a8a085c4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://cm-ob.pt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 07 Dec 2022 19:21:26 GMT
AN-X-Request-Uuid
1c0370a6-ff2d-4cd2-8ece-a7b300a3a012
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://cm-ob.pt
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.64.151.67; 217.64.151.67; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
rtb.adxpremium.services/openrtb2/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.17.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3190286.ip-135-125-163.eu
Software
/
Resource Hash
9e91b53182113694b53e34f029829d2e1b716e20d169bd1ee7f2bc4c2d5a4515

Request headers

Referer
https://cm-ob.pt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 19:21:26 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
application/json
access-control-allow-origin
https://cm-ob.pt
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
1192
expires
0
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.17.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
a1888721c9c73b67994e0f71d70cfd1a7682d7f4685932ffad0a99c4616e6a96
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://cm-ob.pt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 07 Dec 2022 19:21:26 GMT
AN-X-Request-Uuid
e81fa6ac-cd3f-47da-bc69-539216d93805
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://cm-ob.pt
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.64.151.67; 217.64.151.67; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
55 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.17.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cm-ob.pt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://cm-ob.pt
date
Wed, 07 Dec 2022 19:21:26 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
openrtb
adx.adform.net/adx/ 		0
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.17.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://cm-ob.pt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 19:21:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cm-ob.pt
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
c
prebid.a-mo.net/a/ 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.17.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cm-ob.pt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
8
date
Wed, 07 Dec 2022 19:21:25 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://cm-ob.pt
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
pbjs
useast.quantumdex.io/auction/ 		0
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.17.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cm-ob.pt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://cm-ob.pt
date
Wed, 07 Dec 2022 19:21:26 GMT
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
775f9fd3ee985c98-FRA
access-control-allow-methods
POST, GET
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.17.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cm-ob.pt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://cm-ob.pt
date
Wed, 07 Dec 2022 19:21:26 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
branding-ads.svg
optad360.mgr.consensu.org/icons/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://optad360.mgr.consensu.org/icons/branding-ads.svg
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/ab5675f8-9339-4bdf-ab1a-9125f95dcddc/plugin.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-86.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d04a8585ca1c9cbff59e413fe76da6b8dcf3c567cbc68ec436b852d7f1694df1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 00:48:45 GMT
via
1.1 89c822bb1ce1445a7be6d1057088cfbe.cloudfront.net (CloudFront)
last-modified
Wed, 22 Jun 2022 12:02:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
66762
etag
"b0a3aa2e09d4ddd83150d7bd3347c5c0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=360000000
accept-ranges
bytes
content-length
7419
x-amz-cf-id
wmbtS-7KHVbIi1uwzqJlfVvn66g_DTnDhO0C3s1siXq_wF8g_66wzQ==
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=cm-ob.pt
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 19:21:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cm-ob.pt
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 19:21:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		21 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2626318159387367&correlator=3785568117638176&eid=31070872%2C31071150%2C31071154%2C44777898&output=ldjh&gdfp_req=1&vrg=2022120101&ptt=17&impl=fif&iu_parts=121764058%3A22528037647%2Ccelebs-networth.com%2Ccelebs-networth.com_SF&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C750x100%7C970x90&ifi=1&adks=3382704926&sfv=1-0-40&prev_scp=hb_format_adform%3Dbanner%26hb_size_adform%3D728x90%26hb_pb_adform%3D3.02%26hb_adid_adform%3D2905bbfc8e825e1%26hb_bidder_adform%3Dadform%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D3.02%26hb_adid%3D2905bbfc8e825e1%26hb_bidder%3Dadform&sc=1&cookie_enabled=1&abxe=1&dt=1670440887044&lmt=1670440887&dlt=1670440885046&idt=427&adxs=436&adys=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fcm-ob.pt%2F&frm=20&vis=1&psz=0x-1&msz=728x-1&fws=640&ohw=0&ga_vid=866041296.1670440887&ga_sid=1670440887&ga_hid=1268305911&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e00f9cf601d02d864b4136b726188d723ab369a3fc80df6aa274d8b55141925e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 19:21:27 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9698
x-xss-protection
0
google-lineitem-id
5748845958
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138358150537
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cm-ob.pt
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ab9bbfbb22f96dfe5c1524b50f2f6e8210dc9484598f4ad3e7a66d3ec7f51133
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 19:21:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11085
x-xss-protection
0
container.html
93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3587 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cm-ob.pt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 07 Dec 2022 19:21:27 GMT
expires
Thu, 07 Dec 2023 19:21:27 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		79 KB
24 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2626318159387367&correlator=3785568117638176&eid=31070872%2C31071150%2C31071154%2C44777898&output=ldjh&gdfp_req=1&vrg=2022120101&ptt=17&impl=fif&iu_parts=121764058%3A22528037647%2Ccelebs-networth.com%2Ccelebs-networth.com_ATF&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x250%7C970x300&ifi=2&adks=559058210&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1670440887062&lmt=1670440887&dlt=1670440885046&idt=427&adxs=436&adys=298&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fcm-ob.pt%2F&frm=20&vis=1&psz=0x0&msz=728x0&fws=644&ohw=1600&ga_vid=866041296.1670440887&ga_sid=1670440887&ga_hid=1268305911&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdbd330291838ba9404d72383a4b1e9f0a57c996f0b6e7fb3ce9a91a70348777
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 19:21:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24802
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cm-ob.pt
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 19:21:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 07 Dec 2022 19:21:27 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 554F 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cm-ob.pt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
716
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 07 Dec 2022 19:09:31 GMT
expires
Thu, 07 Dec 2023 19:09:31 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame FC46 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
39887bcc8aa3f77aa45d1fae0641af1227ec918a7eec9a23700b0c96f5f74304
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Ns0akkxfB4PaSH5NyKha2g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cm-ob.pt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-Ns0akkxfB4PaSH5NyKha2g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 07 Dec 2022 19:21:27 GMT
expires
Wed, 07 Dec 2022 19:21:27 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
0QqkXV7QytCM2yBsJSpYzuW1gkirrTGdWmkSPx9VuYE.js
pagead2.googlesyndication.com/bg/ Frame 554F 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/0QqkXV7QytCM2yBsJSpYzuW1gkirrTGdWmkSPx9VuYE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d10aa45d5ed0cad08cdb206c252a58cee5b58248abad319d5a69123f1f55b981
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 06:47:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45245
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15764
x-xss-protection
0
last-modified
Mon, 21 Nov 2022 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 07 Dec 2023 06:47:22 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame FC46 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120101&jk=2626318159387367&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 554F 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?kLTlKQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 19:21:27 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
container.html
93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BED4 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cm-ob.pt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 07 Dec 2022 19:21:27 GMT
expires
Thu, 07 Dec 2023 19:21:27 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame BED4 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com
URL: https://93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 09:30:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
208237
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 05 Dec 2023 09:30:50 GMT
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame BED4 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: 93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com
URL: https://93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e36be95a997321cf95e79310394b551a93a1fefb55c7dca4669137c0946f2a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 19:21:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
32400
x-jsd-version
1.14.2
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230118-FRA, cache-yyz4527-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"6c5a-5kbBcMwAuv899TsKizV+K03Rtig"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CO5VXlnZroLgxtgD6ud%2FMTAvfuISaKNfAhoxUJtX57pIMepODCgtQooAXVK1F91i%2BZUQr8WqpGDGy9oi%2Fq4xbHHzf9o2EPPfBak%2FTEh3P1QKmY3qfAn16ZmH2Bv7PGhGuKRAkZyCyGgVUMxQASY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
775f9fdb3f1abbb0-FRA
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BED4 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com
URL: https://93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f08c94a636dea8c08b6a50658ba1200281007d4fba996ac05cd2eeb0b873d32d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 19:21:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47692
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670243872199174"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 07 Dec 2022 19:21:27 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame BED4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvaXUGeLiKVqgrbyURyj83WNVz7Olcvy0IMQEhOXrhPOMtGZWbOnnS2P-IJG7p0l8dpx7r-Ufnwjy8gcaJMHkQdLlbTW5YiODLLNVMv07xDcQz-aZlwP3XBHqntQ4ZMN9aaN95bJmh_PkfKkzGY_OGhIodocxlh3Rdfw9FfqCg7vJkkDTs6XkR82n7s5hRBgjjBbz2OfFl77R6vmzjlAvPczR0KvTVQUZhaOeeACsraX6bZAC18n8UX7i5zCwDUNuejR9BHDFMelt3SpEv8AlQL9v_Ep1lhrWSBjie4G7-G3-9JkEXJMvKCARDZzvq3x0q6fDZzLEUHwCuFhLf4u_LsbUAmIsuMkKZ3-jY&sai=AMfl-YSU7WSQikyzo_TE9GnVu5bVAqBlOWzdMPcuVtqyuhgFmiw7IToIwY8a4GlfbcXvMtOUB9j2KIHAkYVK6pIA9IBPZXkuwgfJLhCnz5yB97IvNbX69nfQqcvcFWu3VkQtQWBRVJYb5AWfvjKQnWcDhdI&sig=Cg0ArKJSzA0sMmJReFIQEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com
URL: https://93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 19:21:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 07 Dec 2022 19:21:27 GMT
/
track.adform.net/adfscript/ Frame BB8B 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=59953019;rtbwp=jfZ9B69n36oQbpIgya3xbutjcxmFbeTX0;rtbdata=yEFHjpLMPkrQKgtHgdebwtdEMwA3gwCyNgO8USW8YxEjgVvQL93P7xugVsbtTSWsQXMshdzqDiVEVfIPGYUo2KPIki8ts18xKx4coeK5RQRQcAlPi1Gdlp7tZb-Q5KvRLMQvCjo7ZLc8OjDFrNLHlW5JG4z1-Lk4Md7wbpAkDL5PvT_qR-3rylaY5VMFcbGReGoU_acw1ziKlIVB8GRaNEPz5nwR80-ZobaDlF97_-OCT1AMnbBGpfuEv7lD3JxtbLrvapIC6bX7H6_NPsDgS4iHMporlN8yb_bM2ENAfq1B8hDbv55vSg1KuOqTAmLI30oqM5qEtfl7UdPwjxOrmefFqoW_Uv7cOa3Zdu3iTVzpiW_rQbTGDAoWjsbDh2OJKlMtGeRisMRaUxuOeVNOvSWtAO4uaJ3oYh4ALc1wU5ZlPf34LqPSEsb_2Dur6Uph0;csid=16383;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=CLAbGff6y-MqHMLsI0XOHQZVzqGChkyJieHSvxjbglFjRi7NilCba5T7WXJg35mTUgfwZVnb2gZI9rcDZCZXL58hMfj0tTa-B6zogkUgvA9RDooBt37AffIMIeNfh-QlQXMshdzqDiVEVfIPGYUo2KPIki8ts18xIlvdpQq-gUfWLEXnpOMBellxC1NE8z8pln8BetTtWr4DeDr6Pj76wMWjAexNyLOV0;pui=2ShljixBLrbi0hXl08juHHFAHCKQ7jOEb47TYVrNM5IqSJ5QRBtfPV7EvxPVwR0_4jG0VM71YqapA91K7iSmjd6vWmW1dlSa0;
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
9409002d5515bdb6f71e7fc1af6d79fe396878e224852de3dcc154298e3b2860
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 19:21:23 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
1908
expires
-1
adx.js
s1.adform.net/banners/scripts/ Frame BB8B 		59 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/adx.js
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8d3b4694f2e7d6dcf5af611841acb794ed26ec7efc51ad0fe332a89ab3953074

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 19:21:27 GMT
content-encoding
gzip
last-modified
Mon, 21 Nov 2022 11:50:07 GMT
server
nginx
x-amz-request-id
tx00000cfa1f558e560dc31-0063858c9b-32941e2b-default
etag
W/"5fae11bd8facb45d9707cd5617753542"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame BB8B 		34 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=59953019;rtbwp=jfZ9B69n36oQbpIgya3xbutjcxmFbeTX0;rtbdata=yEFHjpLMPkrQKgtHgdebwtdEMwA3gwCyNgO8USW8YxEjgVvQL93P7xugVsbtTSWsQXMshdzqDiVEVfIPGYUo2KPIki8ts18xKx4coeK5RQRQcAlPi1Gdlp7tZb-Q5KvRLMQvCjo7ZLc8OjDFrNLHlW5JG4z1-Lk4Md7wbpAkDL5PvT_qR-3rylaY5VMFcbGReGoU_acw1ziKlIVB8GRaNEPz5nwR80-ZobaDlF97_-OCT1AMnbBGpfuEv7lD3JxtbLrvapIC6bX7H6_NPsDgS4iHMporlN8yb_bM2ENAfq1B8hDbv55vSg1KuOqTAmLI30oqM5qEtfl7UdPwjxOrmefFqoW_Uv7cOa3Zdu3iTVzpiW_rQbTGDAoWjsbDh2OJKlMtGeRisMRaUxuOeVNOvSWtAO4uaJ3oYh4ALc1wU5ZlPf34LqPSEsb_2Dur6Uph0;csid=16383;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=CLAbGff6y-MqHMLsI0XOHQZVzqGChkyJieHSvxjbglFjRi7NilCba5T7WXJg35mTUgfwZVnb2gZI9rcDZCZXL58hMfj0tTa-B6zogkUgvA9RDooBt37AffIMIeNfh-QlQXMshdzqDiVEVfIPGYUo2KPIki8ts18xIlvdpQq-gUfWLEXnpOMBellxC1NE8z8pln8BetTtWr4DeDr6Pj76wMWjAexNyLOV0;pui=2ShljixBLrbi0hXl08juHHFAHCKQ7jOEb47TYVrNM5IqSJ5QRBtfPV7EvxPVwR0_4jG0VM71YqapA91K7iSmjd6vWmW1dlSa0;
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
a46228d57faaf3cd1ec77fbed362c13944f30d9e92a4e1e5d3603c3902555df7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 19:21:27 GMT
content-encoding
gzip
last-modified
Tue, 15 Nov 2022 08:06:48 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 08 Dec 2022 22:14:25 GMT
truncated
/ Frame BED4 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0cb1ad557dd98476b941d852a17a29712c5c5333a9c0d6f97e089525f872454d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/png
container.html
93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2E96 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cm-ob.pt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 07 Dec 2022 19:21:27 GMT
expires
Thu, 07 Dec 2023 19:21:27 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/ Frame 2E96 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/abg_lite_fy2021.js
Requested by
Host: 93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com
URL: https://93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e965485436a460b6ffc44695b148993598bd4e6cdb8447a547fb5609e3ca152
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 13:47:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
20030
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9421
x-xss-protection
0
server
cafe
etag
8437175705735068947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 21 Dec 2022 13:47:37 GMT
css
fonts.googleapis.com/ Frame 2E96 		8 KB
716 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: 93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com
URL: https://93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 07 Dec 2022 19:21:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 07 Dec 2022 18:13:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 07 Dec 2022 19:21:27 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/ Frame 2E96 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.css
Requested by
Host: 93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com
URL: https://93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 15:08:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
187958
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2798
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 11:42:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Dec 2023 15:08:49 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/ Frame 2E96 		388 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js
Requested by
Host: 93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com
URL: https://93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
101b8d837f8e01156fc293db1932eead16c29f9f16da622bfa89f394fbfd1273
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 15:08:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
187958
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
134376
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 11:42:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Dec 2023 15:08:49 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/ Frame 2E96 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com
URL: https://93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f066f881ead135cd4ee88cf0c80ddb796f8841fc536a7950d4f7102e0502be2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:16:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
65088
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7443
x-xss-protection
0
server
cafe
etag
629801499763588852
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 21 Dec 2022 01:16:39 GMT
dvbs_src.js
cdn.doubleverify.com/ Frame BB8B 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=11655933&cmp=2642294&plc=59953019&sid=1358733&dvregion=0&unit=728x90&aufilter1=165376&autt=1&aubndl=&audeal=&auevent=0&prr=1&ppid=111&auadv=165376&aucmp=2642294&auorder=83962707&aucrtv=56146194&auadid=1358733&c6=1438767&c8=1109&auplc=8942065&turl=cm-ob.pt&c1=VF-DE+Performance&c2=DE_22_AO_P_C_G_M_cic-220-cre----per-xia-dive-PER&c3=RT_PD_C-213-xia-x12-Pre&c4=xiaomi_startguthaben_221102_1456x180&c5=Real+Time+Bidding&c7=Real+Time+Bidding+(Media)&c9=&c10=Adform_AO_AL_None_BNR_CM_CPA-OMP-Xiaomi-x12
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6ad8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
54e51249021fabff65b4ca7eb728f0a56cff080a37d9b0b13d1c401d5b9e6184

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Wed, 07 Dec 2022 19:21:27 GMT
Content-Encoding
gzip
Last-Modified
Sun, 30 Oct 2022 09:55:21 GMT
Server
Microsoft-IIS/10.0
ETag
"42b02eb945ecd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
1170
csi
csi.gstatic.com/ Frame 2E96 		0
327 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lbe1di4u&c=4268404705694&slotId=2134202352847&qqid=CPzT3Z2d6PsCFRCf_QcdB30EQA&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c14::5e Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 19:21:28 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2E96 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 16:44:52 GMT
x-content-type-options
nosniff
age
182195
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Dec 2023 16:44:52 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2E96 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 19:42:15 GMT
x-content-type-options
nosniff
age
517152
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Dec 2023 19:42:15 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2E96 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CRC51t-eQY7ycHZC-9u8Ph_qRgASc2tbcbbyX367pEPAuEAEgqoDDImCV4pCCoAegAdz4qrsCyAEFqQKc2yXiC5-xPqgDAcgDmwSqBJgCT9CzXj85W7m2Z20sjXoqi5Db7GOgnRi7NK92nHSNdMBsar4CrX2qMupFDc9jxi7h9S3x4xfpJekAkQQR3PxbajGDQ9erminpkdusKHeSbEknr511nd_OYUFrNPX10AYLLUQW1GBmAZCRSiJ15QX_Qwgq6Yfcg-4g41CyMBjyar8qWga9c6BSlFM66QmrtEJOyRndnNCoBFEpUVZQgz_cjnm9Drd7wCln2AN4LiUeJEPzj-g4kYDsevse4opaqqzhzttahGDsa4EOjQwtrCacKVJcohy8wUMD7kamF_FU7j6O1spBRzQeKwP8BNR0dUWFjLscGCYaFIxylT2v-zOdnorCO5_tUMahWJtiZTG5WO5GAi2t7F7TJMAEiKrKgpEE4AQDkAYBoAZ2gAeMh9XEAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzk0NDcyNjcwMDYwNDcwMYAKA8gLAeALAYAMAbATscq4EcgTgfSd4APYEwqIFALYFAHQFQH4FgGAFwE&eventType=clickstring&clientTime=1670440887833&ai=CRC51t-eQY7ycHZC-9u8Ph_qRgASc2tbcbbyX367pEPAuEAEgqoDDImCV4pCCoAegAdz4qrsCyAEFqQKc2yXiC5-xPqgDAcgDmwSqBJgCT9CzXj85W7m2Z20sjXoqi5Db7GOgnRi7NK92nHSNdMBsar4CrX2qMupFDc9jxi7h9S3x4xfpJekAkQQR3PxbajGDQ9erminpkdusKHeSbEknr511nd_OYUFrNPX10AYLLUQW1GBmAZCRSiJ15QX_Qwgq6Yfcg-4g41CyMBjyar8qWga9c6BSlFM66QmrtEJOyRndnNCoBFEpUVZQgz_cjnm9Drd7wCln2AN4LiUeJEPzj-g4kYDsevse4opaqqzhzttahGDsa4EOjQwtrCacKVJcohy8wUMD7kamF_FU7j6O1spBRzQeKwP8BNR0dUWFjLscGCYaFIxylT2v-zOdnorCO5_tUMahWJtiZTG5WO5GAi2t7F7TJMAEiKrKgpEE4AQDkAYBoAZ2gAeMh9XEAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzk0NDcyNjcwMDYwNDcwMYAKA8gLAeALAYAMAbATscq4EcgTgfSd4APYEwqIFALYFAHQFQH4FgGAFwE
Requested by
Host: 93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com
URL: https://93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 19:21:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 2E96 		31 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-BxGTjHo5473M33gjAewLt8mUaqdnQcL41g7DJGilaTxl85ir441K6dMfL_SlMML376mx4pqEuRPF237P-Bf84e6-FVxg&cry=1&dbm_d=AKAmf-A3zAj0YvJxQf1_9gTUj2AXIugst-zfvsl0EM5Oo3d3woOd95QhXZsZo8Zu8x_z7PXlTBCW1SuHhyVTgzHyMf5Q4Ed__8tLaGn4nPVoRJ7gVTYKawAZhnIAxbfq4FJtH34KMBvaT2UTeNTmX4lr8LkBuhkTmDckTR_o3AqcLJDnJSnIsdDbGZ1JPqw-Qllgqc3ikNtr70BEJwahWAd5oEY4FAr96W2zTuYih6_pMjy-ZaTBfN6wvpVkweN79chr9zhmT8M-3DQD8A5zKupOchzhXR0wJNCzJMUJRxH7hFykChKxjTGT4tNotvoIsmwW2Bu5cxgazbR_2hJ7CfGLdHU2LAQKq8dWNHulGF3wjpW58QQutobnwPDnOt0E5C3iboNsio8Ht0XBEzPuSLyRvbc0TZXmL3iX3b7HLvkeEZovQPwF37yTulXDdQC-AhLys-i_WacF9gNNT1MIQx1jX90KTnJCJKuQsYah9ItqpIBMCMm7FhguxPGwg5c4d5eR-Rrux-Ou2eSSAu3_4QaTFxCrXnnKWS_TmMZQdIxMTfgjZNPrzUNVKKx-JkWNGoaoTDvY7osA5qUvZI0yN8Amq7vOluJHhHBOsVr_WWeJrJaa5zN9_QGCkarPQR1hZ8ukk1QNgi8ks_Dl8AXwcUIbMpdpMaI9YFfkf_2DMGN2-VbYbVMAyBr-2fGS_jV2YBItkaFc77Go0_etFvoWQ7IAFF2g6i5l9LAZeBEwCVHAbMXb2lqsEP6pDkYcfS6a3WLUI8ipgHxnDXaCumenl3Jome2HsS0jw5qsNVmHFE3rD_liLc_ZdKnIZMvzb2j75wCen37WVVM4yG0DLBmXpgPV4KQEcCrWX5b4cNLQFCyB0j9-pjpv-Md2XFZUBD_t39r4mdIanhxQjeDpLT-lQhuGWZFdxaMPj-kYfklp5UuOQ2jG0owdKerHlSo8glQ-Xt0CDLmR5xJG6HA1ts6GmZmVjdlC0JUyA-1OLxAffYDl1fKSr0Oy0YNxwfhH4n7c1FcrhYpfXCV6xWyp5cAA8dEhwboiI4UmT7LEcChbo2r1nIkUft-S4dfOpeXUefwdZW99PnDQYiZ-GUGCbUEy1d9-QDPET2HKB5kRiIfSfYkKR6nhhgY4PXw5CxcTEK1UuY9IDkAM5V2ZHe0BIkCIVu8T6ors4oYsWf-lSIviReEIWQMYQhWphvEzT4HwtF7NRdlOT9dT8Qp3dnuWhtSh_zyRdivA2KQ_dlvA55wxFiLuIiJOBaO46L_1pKtUJVH_ZGd1kIcDGu3SIUI1LWlfhLPokxRXBrsWAbAOHPCwRQBaKSa7Z9cxiLrly9e579fyLEpz3jh4VjkdR9C1sF7lPtY0FXVycPti_Uo8vwqQNUyZpwwqaYZY_D1YNLYcjshrZr5cQ0x4r3McSMPgEJZRi7hLGPkfpuAUn9VvSEU_1V9OB4MjhWuOE3TQz3arDtzt5wTgTsorNENorfUCqAa0-4NMy6_iR-uYU4PPCogBCBeuPwubsffCRC21ln6lfe69WDgEBY1B1UgDwElYN8_MmUuEsh16Khp1NveeFYUjeaQoPFOJwhZvNKetrMeERfn8Kh6fJVyDvDweS9j-ztBqUDp4t5juClTQeHuxNKDX5eIEWQyYF6cMITbA8G9S8CnEX6zjOymH7xMLYuTuwLqofvAlPy893fIdqOKjR7PNuR0iaX3p3URmSdqrejla8eI1SXOv9eHgX-1ZCFMONOtCXHV0jcgqouKI5p3-GLXS5JooRkOucR4KWah_eTgjVdgjkiWescrbzneqEKCZrPf764sY_QO725Z32IOFn1lcckqITvwVsycGso5MNeqGgnG_7HwBcn7Fy2t-_eHESoHraIHYc-C9ontE9ASMh75LsLtVOe044SdjcbjrSiuCVZblb1W3WsX9PO5yFO9-Bv1mP6duRJF-26kBflqmo5ZGaWXrTUg4Fp0LR3jN8BEccYqR0nsrqHNsuAJAc8wOiMkDnwRHyzVMiQ_k-VtTte0xIGgUgQeTT_6OEMLdwys-spKb29ubrYQIkKak26_iawf_FVQmDvNV6yGMnFCXaInZUCEmQKckYcZ-ci41rGlRiDKARTJQfWEX5OhwD4Kf3YS09Ec3xnOdv3XvwZLooRj6eDmRCqnXIvitGEQWi-D9g0QedkO2n6bGYUZSoFppDHfTtGAWhlW_JhAOqK5ytbjC-99yyRqtkb_ZmgJk_1FBKSsn3paIpB6dDMrlst0c-ulv9cqknNPBlx-btqUSQxDUvOScgJa_8hpfCBj03b3dzTEBGeNkmtyEi-T0lLfJmL7iCtkGf0AsJOdHCHDkE8tMswqqsmuFVYv9fHi-UzcjmtPI5flZIRDrB-_kX1H11QuHB6zZQ4h4T8ftG-GRvuMLtdg-UohN65p1WhvTL3D5783Vld4_uLUvwBwA03uF3bqyo31bjQA_w1l_nGKXBUI4-eKkTCslyQ3lKXqAImBXE8BuHdnLDdO_hdKt5vaUCHCMeCNiXB86DRaROZa3wEpcvt4x3rrlvXCjCZgrhLOnokuzRr2np3i6Ths1NjR4AIwGRfu-HOo8rpUcMCudLK0lQNWYccmNc4ccs6AWcf03Qy2GsRgT0DDb9Apdlzv1t8FFZlzttgOXwWVPn_onYGJY9akiD1_O-TRjNdNRo9QpDb7gtMuqR0LLpkvIR4CfMC4sdkcVC0kQicQByflPf_0BsFvQBiWxU62TwM4os4kG_dqoHBafovaMaRN_rPvi2VSyAGMrbGl3c3Z485ABcQCCX_D1bsLERnsZueHpBVF9NtKHk00337sMXzCEvliH-JTCClfLTk27RXi84qyAmqKPhHJgHHk0Ck5qPHUHEnErlsRhko-pY0IzmANa7jetfWdqtH2xD4DLjxFsoheD-WiwLm1DYogyvPRP5Bys-BQRgQAegVvsX7gJk7JZIiiaJhcp5EstI6pp-kP0rGkt19wzyQJ3j-4nwN_OtqjXXb3uBaEJ-KRZjmq7vfnbnYOoimzA-R6_tmPdpmaKWGcymKZ7P8XjKdHD9erfAxU7ItzwiWb5MdD7eCTlZH1w2E-CKTslH9xEEG4nikxstS_EoLazIDlFesr9oAWOQxbBe50dcL4v2XvK335Iii1gJNmGwj8kjAv7tVSJzTmes14UazO9pjxTCSReQ6uduIbfGDp1tFBm_0BAblcUSGXGO2AXTpKLZyeWvIYO7BfPSddG9cRwU0iBImobe5VJHTH9-_UCfAUgAC0eX9mIASj4Pj_TKi5kflSSJJR1rT34X1WowtF_xPOeQ-55aLwSitXp0ucy2gtLXxPvI3sJ64vbDwNq6g5-iWs_xguQ85vW1x0gL2P2ha0j6ntifW9oGFpfJqLOuY5RV3n42zyfm6uBwCCz9ne95gtvscxGY00uCbJfbysOd7SjWBYSfqknbgQwKyBtU5pJ2up9E8n_MEBsa3KfMz072lJ0sHyjAmdsb_7XV12Edjn3UuaGzHXgLcNrQ3l0GtEfbTvwgFfaJF39tJXpWTpLqSMEoRxW1VGolIOb3dK-BjSKN-GA8jVINRR-BQzjaQ-mMeOuCP0FhhT_86WqunVZxrjlhTMwrVKSne7o_JfKfXO9Mms5p0InPLFtjeZLbvqGJZ0PRCWuAvXGgyR6a6Eo-bFAiN7amHD3npW94A9bE1dd-XdBJvx68H6B85sU4ex5Sn295hO_Cc2eeSaA0Z30rp0px2EkJEpHIWNVG2bGGxXMmBSY9IFUs72iPthYKf8wYnOGqNSFGNmcNVvlG8aihwzowiFxIhN1HOfXKqTnSZAV1RIldqbHFv876z6opd7I55LOKZcdunHLhnbguk4r9lrJyA8Ryhqg0zQepIa4fvN0I4k_bXed1CmZU2eZ74g0Kkvt21-cGSNs5U-HHXHvFhph9LkY0QJQGLJWcY4bRzyow_ysgaWoAIzBc4FmNvQHXZbPsTQM7tr3ZemjVcylUIKZQjx9Tg3m4Yz0bTE2kzMMOa7GV0jzEyQ8QFzhwC9KCB_xt5YdILPl&cid=CAQSSwDq26N9O3nfDyOUoxeEvoc14uUKjDj0lpAEMHB6jutbusynVhEl4WglPaU5Sc6uzOGnx59JBhltuFFtHT-zDGVb48ZaQBYJ5CM9dBgBIBM&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.167.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wl-in-f157.1e100.net
Software
cafe /
Resource Hash
c061b6f698de8db8a5ef96940736e18f41532ef8b11f2bf17ee5b3234be18a28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 19:21:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16582
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 2E96 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CXVNBt-eQY7ycHZC-9u8Ph_qRgASc2tbcbbyX367pEPAuEAEgqoDDImCV4pCCoAegAdz4qrsCyAEFqQKc2yXiC5-xPqgDAaoEmQJP0LNePzlbubZnbSyNeiqLkNvsY6CdGLs0r3acdI10wGxqvgKtfaoy6kUNz2PGLuHVLQghrfLhK5NkdLxPoOBLm-vKWOtBAOGR29wpd5JZQyevw3ad36RoXGvm9QCT8wCtBOPXFWUBUWRJ17flAQpA_S3phymAGyPjUEcz7fFqv99b875zoqeXpjnoCV63i0rI6xC34cpPPB7JGAKHHzzDB1BDaTmFheRvgowsNR5VQsuPaZYwgendxa7jA2qnrGLB5mRkZuvr4c0LU6ql4_gkU5BJ6Sn29PS0-S--zcl1rrftaTVIeZU1iMtBjf1c8--KwJQZrbM8rnKeLgGRNeYWgeA7k_nD8eQBEmlHMbdOVTINYCZyxWWHl8AEiKrKgpEE4AQDiAXbkJ33P5IFBggbEAIYAZIFCwgiEAMYAUjSvr0BkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZ2gAeMh9XEAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcKEK-VExjJ0-3YAdIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi03OTQ0NzI2NzAwNjA0NzAxgAoDyAsBsBOxyrgRyBOB9J3gA9gTCogUAtgUAdAVAYAXAbIXHgocCAASFHB1Yi01NTEyMzkwNzA1MTM3NTA3GJLvIQ&sigh=WcWslqsRibs&uach_m=[UACH]&cid=CAQSSwDq26N9O3nfDyOUoxeEvoc14uUKjDj0lpAEMHB6jutbusynVhEl4WglPaU5Sc6uzOGnx59JBhltuFFtHT-zDGVb48ZaQBYJ5CM9dBgBIBM&vt=10
Requested by
Host: 93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com
URL: https://93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers
truncated
/ Frame 2E96 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c1406b220feaeed05563af3c8d31774ffc9e1e799055ab7a5037f5ed144f7098

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/png
dvbs_src_internal113.js
cdn.doubleverify.com/ Frame BB8B 		59 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src_internal113.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=11655933&cmp=2642294&plc=59953019&sid=1358733&dvregion=0&unit=728x90&aufilter1=165376&autt=1&aubndl=&audeal=&auevent=0&prr=1&ppid=111&auadv=165376&aucmp=2642294&auorder=83962707&aucrtv=56146194&auadid=1358733&c6=1438767&c8=1109&auplc=8942065&turl=cm-ob.pt&c1=VF-DE+Performance&c2=DE_22_AO_P_C_G_M_cic-220-cre----per-xia-dive-PER&c3=RT_PD_C-213-xia-x12-Pre&c4=xiaomi_startguthaben_221102_1456x180&c5=Real+Time+Bidding&c7=Real+Time+Bidding+(Media)&c9=&c10=Adform_AO_AL_None_BNR_CM_CPA-OMP-Xiaomi-x12
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6ad8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
c2da1bde386dc1e71e6f0cf3ddcce6650ba703109c5194f52c991f48755ad806

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Wed, 07 Dec 2022 19:21:27 GMT
Content-Encoding
gzip
Last-Modified
Sun, 30 Oct 2022 09:56:00 GMT
Server
Microsoft-IIS/10.0
ETag
"0b85bd045ecd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19448
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120101&jk=2626318159387367&bg=!BwSlBEDNAAa7eOFIm3g7ACkAdvg8WkBL5035Sv1s_AeaYChiliyLO7RszLRuxo1vCtW5FXPpx0fRnAIAAABSUgAAAAJoAQcKAL2qmBMCaPtPvPaXQJaGpmCTANJwBzz8fxL7Rwss8fMJ-PoVpe7jhnfpWBI9w_r5tvM7XQV9ecil9DZ9msr6QwfHBL6RUKFdsCmbVNqZRE0WQj-sdEqZ8B-uWSILRVTmrd3jwc-3CcANgTiAkQy9nxb2s-iIvFy3YR5264GHFE42PSgfIcpEYIiFe5QnB8WknvRkOV9GdyvBwTR-G3douyMiMrT7gizgG0P3K21bnX5gQxqQ-3nOKbHdCDWTL2aZAo4LSHxcAkxzH8OBOlvSEDiWDcsil1lO8xao7-Ld-5dz8Dd9korrTPGZk1ExDz2yV-cVxka_DdmgYg8w2e0H54ubYyY0cYjAFkSfzbvc29_Ty-YlzRTyIknPPPqhZGeTuwTJQ4NeXyO53yPHhLeTfxZpqp_bnnNKdq7rOxJ4JpebPfmec8QxWn3Ihq0NAZrEm4x6f5DctR4Oafyjb2o4dcj9iylc66cczzi2bvTUp-jj15j9XEqLMzCAP4t9LF-BTroDgg9vG6r344XfSwgetijpUBTLDQwMsfxvkAyUUoqU3i05tQRsY0PpxbZxplyOq5v2Uonvb1vT3g4FVsl_jdxYZQNihfWolcU1sVGeB22wctWyt5cPddBrjoJNdfOB1sG7qDHLpQWG8Xd1OUMeslLF58rXdXQRFWw0bRNAGdi4feavuE95zSu4FhyUAiSyJeHXSAnOXaeGT68e4r-15SMpGy9_c64OktEeyuoF1aV_O8dk_TW6JfMfjLm6XFuwp31moEksV1KOUXdREXTP5gDfHaqns_U5tAROa98PcN6vt9xL_moghW4zgeOl1wDc_C_27k97CAacda6YmfG26z75yKXnF40dKFeQ9vhCLJMmIFiehcVBnW12ZgNPA6uAPLRQIjylb7sTk_cQV6b5PFXB-j_J9cK7-43Gn4t4l5TtXhavtdaFU4uPiDW0ETMtaK7UN0DhzWJ12VLzprBPOLL-pEGzfwg_BFf3BGVux4Sl2nhl60F1_8XIR2aj2FWcI3vqfuP-C_u-r4zNe-64wqz0g33xxdvhQiy8FEMDqhp2sceU9udKfo4jZwwDlqS9hH0jo1JbaNSFoOxwxb3b60_maSObVlkcuW5U4zTnX9s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers
verify.js
rtb0.doubleverify.com/ Frame BB8B 		9 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_52659874339&jsTagObjCallback=__tagObject_callback_52659874339&num=6&ctx=11655933&cmp=2642294&plc=59953019&sid=1358733&advid=&adsrv=&unit=728x90&isdvvid=&uid=52659874339&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&sfe=1&nav_pltfrm=Win32&dvp_strhd=0.30&dvpx_strhd=0.30&brid=3&brver=108&bridua=3&dup=null&ppid=111&auevent=0&auadv=165376&aucmp=2642294&aucrtv=56146194&auorder=83962707&auplc=8942065&auadid=1358733&aufilter1=165376&autt=1&c1=VF-DE+Performance&c2=DE_22_AO_P_C_G_M_cic-220-cre----per-xia-dive-PER&c3=RT_PD_C-213-xia-x12-Pre&c4=xiaomi_startguthaben_221102_1456x180&c5=Real+Time+Bidding&c6=1438767&c7=Real+Time+Bidding+(Media)&c8=1109&c10=Adform_AO_AL_None_BNR_CM_CPA-OMP-Xiaomi-x12&turl=cm-ob.pt&chro=1&hist=2&winh=90&winw=728&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=1&refD=2&htmlmsging=1&tstype=128&prr=1&m1=13&noc=4&fcifrms=5&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=161&eparams=DC4FC%3Dl9EEADTbpTauTau4%3E%5C%403%5DAETauU2%3F4r92%3A%3Fl9EEADTbpTauTau4%3E%5C%403%5DAETar9EEADTbpTauTauhb4cch6__%606h5adec2bgd6_d2ad%6042%607%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3ETar9EEADTbpTauTauhb4cch6__%606h5adec2bgd6_d2ad%6042%607%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=6.70&aubndl=&audeal=&c9=&callbackName=__verify_callback_52659874339
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal113.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
2e858f38b62364f331bb7f644544ca3a1a61d0153af00aa03cdf5144f336d222

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 07 Dec 2022 19:21:28 GMT
Content-Encoding
br
X-DV-Response
1
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
close
Expires
12/06/2022 19:21:28
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 2E96 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 20:14:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
428831
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Dec 2023 20:14:16 GMT
file.mp4
r2---sn-4g5ednde.c.2mdn.net/videoplayback/id/605e34f158be8372/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1701976887/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 2E96
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/605e34f158be8372/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1701976887/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
  • https://r2---sn-4g5ednde.c.2mdn.net/videoplayback/id/605e34f158be8372/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1701976887/sparams/acao,ctier,expire,id,ip,ipbits,ita...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r2---sn-4g5ednde.c.2mdn.net/videoplayback/id/605e34f158be8372/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1701976887/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0668A8E4EB2CA35209AE362F026D3506E4EFF6BE.55873A7CFF9832910504902E8E3DF9DB16827F27/key/cms1/cms_redirect/yes/mh/Xk/mip/2001:ac8:20:3d00:1011:f5cd:ee1:d035/mm/42/mn/sn-4g5ednde/ms/onc/mt/1670440384/mv/m/mvi/2/pl/50/file/file.mp4
Protocol
HTTP/1.1
Server
2a00:1450:4001:17::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Wed, 07 Dec 2022 19:21:28 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
2458537
Last-Modified
Fri, 11 Nov 2022 14:28:31 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Wed, 07 Dec 2022 19:21:28 GMT

Redirect headers

date
Wed, 07 Dec 2022 19:21:28 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
665
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com
location
https://r2---sn-4g5ednde.c.2mdn.net/videoplayback/id/605e34f158be8372/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1701976887/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0668A8E4EB2CA35209AE362F026D3506E4EFF6BE.55873A7CFF9832910504902E8E3DF9DB16827F27/key/cms1/cms_redirect/yes/mh/Xk/mip/2001:ac8:20:3d00:1011:f5cd:ee1:d035/mm/42/mn/sn-4g5ednde/ms/onc/mt/1670440384/mv/m/mvi/2/pl/50/file/file.mp4
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 2E96 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lbe1di57&c=4268404705694&slotId=2134202352847&qqid=CPzT3Z2d6PsCFRCf_QcdB30EQA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=786&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vast_v=2.0&vmfc=12&vhc=0&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&ape=1&met.4=videopreviewvisible.p7
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c14::5e Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 19:21:28 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame C0B1 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
455647
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8727
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 02 Dec 2022 12:47:20 GMT
expires
Sat, 02 Dec 2023 12:47:20 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
0QqkXV7QytCM2yBsJSpYzuW1gkirrTGdWmkSPx9VuYE.js
pagead2.googlesyndication.com/bg/ Frame C0B1 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/0QqkXV7QytCM2yBsJSpYzuW1gkirrTGdWmkSPx9VuYE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d10aa45d5ed0cad08cdb206c252a58cee5b58248abad319d5a69123f1f55b981
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 06:47:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45246
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15764
x-xss-protection
0
last-modified
Mon, 21 Nov 2022 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 07 Dec 2023 06:47:22 GMT
bsevent.gif
rtbc-eu3.doubleverify.com/ Frame BB8B 		0
229 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rtbc-eu3.doubleverify.com/bsevent.gif?flvr=0&impid=77b446b1fa4c43bc861a4f4e5a83613f&vfdur=167&cbust=1670440888062143
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal113.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Wed, 07 Dec 2022 19:21:28 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
close
Expires
12/06/2022 19:21:28
bsevent.gif
rtbc-eu3.doubleverify.com/ Frame BB8B 		0
229 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rtbc-eu3.doubleverify.com/bsevent.gif?flvr=0&impid=77b446b1fa4c43bc861a4f4e5a83613f&dvp_ac_version=0810&dvp_acibv=&bsigr=19860147274240&cbust=1670440888066406
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal113.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Wed, 07 Dec 2022 19:21:28 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
close
Expires
12/06/2022 19:21:28
dcmads.js
www.googletagservices.com/dcm/ Frame BB8B 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal113.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9406a92f81fad251295cd64386a8bb62ee7503f589ae1b96893faae2f4fcb18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:58:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1385
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10900
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 17:19:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 07 Dec 2022 19:58:23 GMT
file.mp4
r2---sn-4g5ednde.c.2mdn.net/videoplayback/id/605e34f158be8372/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1701976887/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 2E96 		2 MB
2 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://r2---sn-4g5ednde.c.2mdn.net/videoplayback/id/605e34f158be8372/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1701976887/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0668A8E4EB2CA35209AE362F026D3506E4EFF6BE.55873A7CFF9832910504902E8E3DF9DB16827F27/key/cms1/cms_redirect/yes/mh/Xk/mip/2001:ac8:20:3d00:1011:f5cd:ee1:d035/mm/42/mn/sn-4g5ednde/ms/onc/mt/1670440384/mv/m/mvi/2/pl/50/file/file.mp4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:17::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
cc3aa6a652d7a38bc4aa372e099c16890d2d650c9617b3412c0b65b97164a76c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Range
bytes=0-

Response headers

expires
Wed, 07 Dec 2022 19:21:28 GMT
date
Wed, 07 Dec 2022 19:21:28 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-2458536/2458537
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
2458537
last-modified
Fri, 11 Nov 2022 14:28:31 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com
client-protocol
quic
impl_v92.js
www.googletagservices.com/dcm/ Frame BB8B 		60 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v92.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8acf96115cb55ad61bfdc24b7918a946d1b983ac14062a584dbbe8744021430a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 01:33:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
323298
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23563
x-xss-protection
0
last-modified
Mon, 07 Nov 2022 16:32:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 04 Dec 2023 01:33:10 GMT
B9689862.280630144;dc_ver=92.271;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=1066843471;ord=wbmvfu;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Fcm-ob.pt%2F$0;xdt...
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame BB8B 		53 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=92.271;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=1066843471;ord=wbmvfu;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Fcm-ob.pt%2F$0;xdt=1;crlt=IUqX6En_cm;stc=1;chaa=1;sttr=28;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v92.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f6.1e100.net
Software
cafe /
Resource Hash
ae01087f313f60e922246f3cf0b0f693b9b52b8278d4cf291acdbcd6f7035a46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 19:21:28 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25753
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI6YH4nZ3o-wIVBvkbCh2h2gp1EAAYACDMmfFWOhoIh7-AxQEQiKrKgpEEGIH0neADILyX367pEEITCPzT3Z2d6PsCFRCf_QcdB30EQA;dc_rmcid=CAQSSwDq26N9O3nfDyOUoxeEvoc14uUKjDj0lpAEMHB6jutbusynVhEl4WglPaU5Sc6uzOGnx59...
ade.googlesyndication.com/ddm/activity/ Frame 2E96 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI6YH4nZ3o-wIVBvkbCh2h2gp1EAAYACDMmfFWOhoIh7-AxQEQiKrKgpEEGIH0neADILyX367pEEITCPzT3Z2d6PsCFRCf_QcdB30EQA;dc_rmcid=CAQSSwDq26N9O3nfDyOUoxeEvoc14uUKjDj0lpAEMHB6jutbusynVhEl4WglPaU5Sc6uzOGnx59JBhltuFFtHT-zDGVb48ZaQBYJ5CM9dBgBIBM;eps=CIDhgBAQARgdMgKqAjoCgEA;met=1;acvw=sv%3D941%26v%3D20221114%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D20010%26vmtime%3D10%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D33251092%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1670440888134;dc_rfl=[URL_SIGNALS];ecn1=1;etm1=0;eid1=11;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 19:21:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 2E96 		42 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CRC51t-eQY7ycHZC-9u8Ph_qRgASc2tbcbbyX367pEPAuEAEgqoDDImCV4pCCoAegAdz4qrsCyAEFqQKc2yXiC5-xPqgDAcgDmwSqBJgCT9CzXj85W7m2Z20sjXoqi5Db7GOgnRi7NK92nHSNdMBsar4CrX2qMupFDc9jxi7h9S3x4xfpJekAkQQR3PxbajGDQ9erminpkdusKHeSbEknr511nd_OYUFrNPX10AYLLUQW1GBmAZCRSiJ15QX_Qwgq6Yfcg-4g41CyMBjyar8qWga9c6BSlFM66QmrtEJOyRndnNCoBFEpUVZQgz_cjnm9Drd7wCln2AN4LiUeJEPzj-g4kYDsevse4opaqqzhzttahGDsa4EOjQwtrCacKVJcohy8wUMD7kamF_FU7j6O1spBRzQeKwP8BNR0dUWFjLscGCYaFIxylT2v-zOdnorCO5_tUMahWJtiZTG5WO5GAi2t7F7TJMAEiKrKgpEE4AQDkAYBoAZ2gAeMh9XEAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzk0NDcyNjcwMDYwNDcwMYAKA8gLAeALAYAMAbATscq4EcgTgfSd4APYEwqIFALYFAHQFQH4FgGAFwE&sigh=2QJ0OapJ_UI&label=part2viewed&ad_mt=10&acvw=sv%3D941%26v%3D20221114%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D20010%26vmtime%3D10%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D33251092%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1670440888134
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 19:21:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 2E96 		0
622 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssAclyf7m5Cx6q1gsNATaxfcEq9UFjhUhysnECBRRNyeDNlgR_y5FMuvmCpkWHVNleaKiivEACtwcPG8EW8pmRmlKBHlSZ_kkpq0Tac8Ktqmoul1Q951tdw561qUb7SyAy9G2bcT50HHZVVqzzrjcqO8ERDeU-TDF_yEhFNoFgxQRhqV9oKjO7Ukm-Z8M5Bb2WpfVNhW39PD6yOWx6yl1M22-afOLCgObmfQpIySs9IGR-lAZljeTt2QhIa2HSmFarvPMmoE4e_p_0eRoPjnJ67banOh3wViGorxQX6jUDadpTtit1TaKTjI7dGhzgtlS11cnpcIAWvdKiUd3m2NTtwKButUopN2uXiqcyRfSpscuwskdj-EW6w_udx76-b6KxyJCldRfQ_8Gw_quwL2zV_XvMYnVRkxkNa3c6UPb8_ke2zPGKdlEAXYpe6mKysZJrT-xit_stLlSvoooQzQVFqc_lN6U5jLBsYiDU19vYyWyOkGgBPEdNMOkANA1xUyg3M3SvF0PWHsTR4DFwP5TMY-5ZstIlvhI_s4EIwNUyvYNXc08k9wmIpRbkthZG_TdJUhos4zJBcHaLM-SYxBozlI4kdnwRf-wO8x2KetxbIcQaqzZwN43RxI7niUftIXct4a4pkJAhlqU5VFTREiFv99NMz3hYZyP5ePARxTgECac6gwNtwtnE_S2M9oDBR_n59_6m-6gWF77p6k9bGaWobvPqhbJPZ_ZX03aqnN6J2CuXHB-HIgoZUP_f2GVznz6XXYo9mYLSsC-W56bzYomzC-hXoFk7yxGKRwH6A25Nx2etMuWoRT6jqd29zKQABygQ5lVSiODx-fLwAoiXaANfu2-PrBaaUdnqj6NUEyDNrioAYjc_NjU_2Ny2_tI5FsNk-OxvPT2D9LLK_NJQPDNE9QZJCeHnffY7YFA_CkrdycpVhAUAOprqftOsyWtFgBTHxebwjWk6ZZzQDP_w7VvSKN5ZWum9YxbFlJo6KE-2vLVAGJsl7tR5sFVM25jOwlmAlgvuZVbT4AdtcCpQ7VLSM0_TDUvMWdnVMM7jp0GKnfawgJrSKc1QPwfIjyxXsAqj48h_GCbF5IX1xC50CPnAoS625_PEPGBP4nY05W6ZFEFMo7K3zAMnpg3XUjYpt1MixO8cTjPWvE4tUgKozL7qka-JKjaTQpU00-cKI3qyWM3FE8va9idw-Lf1ZUhI3AA3t400p1z8gIE8PX1XEpqMXzmHdOIU4iuSp5rf8js5u1jPDwuw-msQ6DXqfXoRb4gUgvIWiuBWWxuhMGFJhc7UZd2Cdw4e6bwfYFSt7WTMmOU5jyol18FXnAWp5GzryFqjAF6hVlwdbyGyvOzZavy6w&sai=AMfl-YSIcSfq7U-6koaM2YHKc0QdOFLRnLT6sCkScawKB3CpqC7JkS9qW2hslTCqEblY19JJmM4VAIGLjMdGO-6930eka-WBKbHSzNbYJIIvrVBJvWxLtvZJaVqOmdFvyEKGyk9TwxH1aCwpkVcL7aEns4o7KKFk4vklHCtOnCRs63MpYRARkwJnnOjA-FeADxdoGWfY0hEHfEKOphr77GHHB4tUmbIl6V2CryuTSAJ2GXkCh_nLac87shc37oDaeBwshBoyrnNQewWSBprDGRI5JaRW5zDAveFcu37OL_-2aYVzdVWqjHR_HdVj8dHR-pM&sig=Cg0ArKJSzEjRkhIKe3lAEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 07 Dec 2022 19:21:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 2E96 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQg_znAhjJ0-3YASABMAE&v=APEucNVM4QoQnepJhAMoLcsrFLHxK6X3QRkpuTcTk0Qu4L5__Zllo2ok_TIWF6KA7nMKSXUHgAQ_v9rd7OTrfpbjNmR9GODH6Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2E96 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 19:21:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI6YH4nZ3o-wIVBvkbCh2h2gp1EAAYACDMmfFWOhoIh7-AxQEQiKrKgpEEGIH0neADILyX367pEEITCPzT3Z2d6PsCFRCf_QcdB30EQA;dc_rmcid=CAQSSwDq26N9O3nfDyOUoxeEvoc14uUKjDj0lpAEMHB6jutbusynVhEl4WglPaU5Sc6uzOGnx59...
ade.googlesyndication.com/ddm/activity/ Frame 2E96 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI6YH4nZ3o-wIVBvkbCh2h2gp1EAAYACDMmfFWOhoIh7-AxQEQiKrKgpEEGIH0neADILyX367pEEITCPzT3Z2d6PsCFRCf_QcdB30EQA;dc_rmcid=CAQSSwDq26N9O3nfDyOUoxeEvoc14uUKjDj0lpAEMHB6jutbusynVhEl4WglPaU5Sc6uzOGnx59JBhltuFFtHT-zDGVb48ZaQBYJ5CM9dBgBIBM;eps=CIDhgBAQARgdMgKqAjoCgEA;met=1;acvw=sv%3D941%26v%3D20221114%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D20010%26vmtime%3D10%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D33251092%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1670440888134;ecn1=1;etm1=0;eid1=200101;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 19:21:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2E96 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssAY8_IWPOleJT6b7N9_7Wm34FWzXIggYWL7Hj2O3tjScluRhZ7_nboVTeAzpywhFqXrWSqlOvTGSTOqG9rVrNDlVGnxCznjg2N-66TKn074azD-e5XrRtjrtE4gHUFFSZugXPgu77zGC2Jx2H7kryCiyw3BQcOJn5U-Fqnnle8jzMb80VZbXqaOmpZnRq4XwFQCDnnxKQFuytmMigRKP-5K3y6Kj6GEpkzQVXBIjQ3eUsL1fMRIcTe-7-Pqd5qzsvTK2mUIOHrUkqEeE_2XIH_4MDLaGD2xD75BLQAt3lPP0P4yY55fH8Y_sLfJHsChHrrydQdkdrrjXTUqwvUUYOCZqJwKaJHk3Uv8Od0eOpRKn-XOSCofgYx4r2B6LMj2FIWTvBDoFyB_o10TThzXpV1b3zcuWII62KPfLzGyV6HmoklzB92Y2PEhkFre6lLvzfrumt00sKGN9932GamjpjlZAYVx9zL7Pi9iyIFTwr3gKO3iR1IaFH_OwV80etCreahAVj9M4gBTBRE35Ya3HLtcVYfrXS5iWobea6J7SXdvFs0zhnbobsijFhTkrMg8Kmop6QSD_O9VR9BFlk22TKgOuWqdG8bqDUexSmoaaRjxjPtCE3Np6zvut0ZHxIKu8-HO2Gm4fB4A3yPwgO_ricwndFJwRJ9fB1HayoGBXwv_OuiFvMKCOzlovidKP-KzYv7yn_clIfX384Ufb5mD0q5Fe-5KbnoX6bxWw7A-52xN2TgxTj2zG9sgemw7PDSrd8DsMwz0-8xIDpCeQwCHVqy8X_bggQvykfFqr9-1R3vF-BvqkK2IDVImGt6DjwCGSn1ewQ2ZYdFizItYOMVITcW-UOftFDiPlNaREzxiZVSKYt82mqe2IKjyHXQiRvFMKjhFaxzY0iy7ozyBsnLBsbxwY4pNPrQiHlCQOrNE3TlbFfxQu1464SaVt7VSJOGqm-2hIim5qQ84aYqg4Ywlq1vFRAVrQc1iCiciwg6RC79jJxf54MtXSDuIGMXgI230Q_J9Cp2bT-QxkwIOBjQOVJRgRP79LeLXnXH62Rmcbyh7ZOVfQmM94_jtD_Hp7vcYgO8JCnG3pxf9K-Z9aa6gTEhPpprOthlV-HtLW8Zz_f7trGRHBh5memaTGYYcH61wKhVx_BsfzPV0EGDxB1cxkxkJNNvy-SrckCsV8UZexJb2c1ZkfBdCqQG0zV21i2PftUESD8RMGiGGh-WkGRg5PZEy6jIeN7KkszM21C6XxPoIKWXW0ux1loxCm5LgiD0fCR_NzmPo-Np7Z1G&sai=AMfl-YSlvLSNQJiea9Awr8wZ8vtTM0r0NQwrTnLPBi-GEW3y-OD1WU8acZGMpqSazIq7mT68QR_rLVCQptM3BmePIwNM1vVslfx2GYQuhLzjNzYMVQlUkBCduwIKKnDmtG2wVWFvzjJ05cDn6Wx2KiKz-YydkmAlmCbXlRa8&sig=Cg0ArKJSzGY61vI4ahBHEAE&cid=CAQSSwDq26N9O3nfDyOUoxeEvoc14uUKjDj0lpAEMHB6jutbusynVhEl4WglPaU5Sc6uzOGnx59JBhltuFFtHT-zDGVb48ZaQBYJ5CM9dBgBIBM&id=lidarv&acvw=sv%3D941%26v%3D20221114%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D20010%26vmtime%3D10%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D33251092%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1670440888134&avm=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 19:21:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 2E96 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CRC51t-eQY7ycHZC-9u8Ph_qRgASc2tbcbbyX367pEPAuEAEgqoDDImCV4pCCoAegAdz4qrsCyAEFqQKc2yXiC5-xPqgDAcgDmwSqBJgCT9CzXj85W7m2Z20sjXoqi5Db7GOgnRi7NK92nHSNdMBsar4CrX2qMupFDc9jxi7h9S3x4xfpJekAkQQR3PxbajGDQ9erminpkdusKHeSbEknr511nd_OYUFrNPX10AYLLUQW1GBmAZCRSiJ15QX_Qwgq6Yfcg-4g41CyMBjyar8qWga9c6BSlFM66QmrtEJOyRndnNCoBFEpUVZQgz_cjnm9Drd7wCln2AN4LiUeJEPzj-g4kYDsevse4opaqqzhzttahGDsa4EOjQwtrCacKVJcohy8wUMD7kamF_FU7j6O1spBRzQeKwP8BNR0dUWFjLscGCYaFIxylT2v-zOdnorCO5_tUMahWJtiZTG5WO5GAi2t7F7TJMAEiKrKgpEE4AQDkAYBoAZ2gAeMh9XEAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzk0NDcyNjcwMDYwNDcwMYAKA8gLAeALAYAMAbATscq4EcgTgfSd4APYEwqIFALYFAHQFQH4FgGAFwE&sigh=2QJ0OapJ_UI&label=vast_creativeview&ad_mt=10&acvw=sv%3D941%26v%3D20221114%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D20010%26vmtime%3D10%26is%3D18%26i0%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D33251092%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1670440888134
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 19:21:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 2E96 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lbe1di8y&c=4268404705694&slotId=2134202352847&qqid=CPzT3Z2d6PsCFRCf_QcdB30EQA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=786&mt=video%2Fmp4&vs=640x360&dm=20000&ple=0&umsem=0&event_name=first_play&asset_bytes=198142&video_bytes=300&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=9&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=0&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=ff.u1~videopreviewstarted.u3
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c14::5e Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 19:21:28 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C0B1 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=B2SOvt-eQY6nKN4byb6G1q6gHAAAAADgB4AQC&bg=!SEulSw_NAAa7eOFIm3g7ACkAdvg8WqEd4PD9loGlV1rkta7gTeUeUdLg6f1qlnWBZF8ZQfpNmCmbSQIAAABYUgAAAAJoAQcKACXePKpyQ-syGCZ_9ksKcTJdLDlsowoISqhuAYhR6FtPAQWuXSZEmQLswexW8889bB34rQZjgjiPBnJQ5zvqkqk92bIxN-_6V-RmPllEWT8HFVbob0JrndaAQqxdQvX1Llkg8ygOeULhJm2VA55OB6RJpgu_kXiylBY6FY0kXhGbV70dwXeqIeDRUt6m310BkLMbArYHYkKLBblpFNSC47_rbOGkNZG_13bsC9GZX6YsSGp6s2T4HnjDInWiNldNUNDgFgj6RWzQ3se8WQnGg0rMMjKd7QhjN75nVRqKiOSbkl9pWkFrEtpUcuveSrFNIWXXAcTUKQP1755M82bw_ru7Hcan9LPNcexK5l8Y5D8BZhqt6TkwyT34IoXZ9RrS76nzIxBrbRL-BfFqkYqPKtZvOg3Fzql7R0oQ1d6FA6fWSMGbNt3NW4QqibzxLsAJlcqa8eOM-qkDZ0-_XPA-x2vbPKmMiMGRxKayXXASrpJFZexQumKoYl0pHqmrhQH4M5RHLNOfRPbg1CdSsmm54cA2V8GglJavZdbvvaoD-c6yjvwBo382D8N1CuY6enIDGJMS_LtnZzNWCDNnGZraUSQds4piUYWGWe_7680BKxxB4VpOjDT2yFaey1fuxFutNJIDoWRsH2VLL7BBHjqlOB3Kk1mBrDMhcCddwvi2KYDiDf2O8L05uKlPZ436MDblhF-aTpG3uk0tJiGfVuOt3zlMkHFM7pyPPVuKVAMhV1Xx-qt4r1NbOZBPvCsF7eIhL9Ltc6nY50TwRtBQLrez_uzcYYM4F4XZkrHx4WE96oJUPU1A_okuBiyy24Mv2hvRxQzjnF5X2nWzNRbzFOZOfKjU1OMNZQYIYlh9iZ0L469QAoo1P3R0qqdAZYfqDJvXKk5YYbrK3zE6hP5Ap9jLvZTVVWnePmQHQBaQNewmJZ-A01961HygCcpbKNyCesxZG-2_T6rUBYt2MyEueHpselfZuxu8SSDcb_cc1FwFav4G6BRzDvv_WUr6Ou_X4pHakcHqBVFI_bAD9UpJxHloG7UhWVM6KQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 19:21:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BB8B 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=92.271;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=1066843471;ord=wbmvfu;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Fcm-ob.pt%2F$0;xdt=1;crlt=IUqX6En_cm;stc=1;chaa=1;sttr=28;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f08c94a636dea8c08b6a50658ba1200281007d4fba996ac05cd2eeb0b873d32d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 19:21:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47692
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670243872199174"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 07 Dec 2022 19:21:28 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221129/r20110914/elements/html/ Frame BB8B 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221129/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=92.271;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=1066843471;ord=wbmvfu;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Fcm-ob.pt%2F$0;xdt=1;crlt=IUqX6En_cm;stc=1;chaa=1;sttr=28;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 00:39:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
67298
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 21 Dec 2022 00:39:50 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame BB8B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst1zjaXRvJuIwUVc1z9M9vwXSknN3JtixORTIdjdE16UwpMs9uSluDeLtAHFIm5Lbq6deGY3CiJ4-3lFXWq4Jin-33qq0-CvMwUIAJGXD23J2im2C1SZzwI9VUVaHZ5o4LCrrKwEpGj8zAergwm9rd8eA&sai=AMfl-YSES0GuJGDo0YRlkVpT1gn8I8ckCL5hy82xqn-tRSL52hvtauDodnVswfpl7ruGhdIf2zES7ZAZRYt9SUU4tJdO7DiBGBLdhajw0oXy&sig=Cg0ArKJSzJv2i2pRwWeXEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20221129.95256&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=92.271;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=1066843471;ord=wbmvfu;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Fcm-ob.pt%2F$0;xdt=1;crlt=IUqX6En_cm;stc=1;chaa=1;sttr=28;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 19:21:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 07 Dec 2022 19:21:28 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame BB8B 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=92.271;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=1066843471;ord=wbmvfu;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Fcm-ob.pt%2F$0;xdt=1;crlt=IUqX6En_cm;stc=1;chaa=1;sttr=28;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 07:06:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
476103
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Dec 2023 07:06:25 GMT
16962963768266320094
s0.2mdn.net/simgad/ Frame BB8B 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/16962963768266320094
Requested by
Host: 93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com
URL: https://93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f6.1e100.net
Software
sffe /
Resource Hash
7e59de22c6072d54a3ef78dc879a5d0f08233ba9c4f913eb010cc89b61e3ac33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 19:27:40 GMT
x-content-type-options
nosniff
age
431628
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34175
x-xss-protection
0
last-modified
Thu, 26 May 2022 20:29:15 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 02 Dec 2023 19:27:40 GMT
/
track.adform.net/adfserve/ Frame BB8B 		0
332 B 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?CC=1&bn=59953019;rtbwp=jfZ9B69n36oQbpIgya3xbutjcxmFbeTX0;rtbdata=yEFHjpLMPkrQKgtHgdebwtdEMwA3gwCyNgO8USW8YxEjgVvQL93P7xugVsbtTSWsQXMshdzqDiVEVfIPGYUo2KPIki8ts18xKx4coeK5RQRQcAlPi1Gdlp7tZb-Q5KvRLMQvCjo7ZLc8OjDFrNLHlW5JG4z1-Lk4Md7wbpAkDL5PvT_qR-3rylaY5VMFcbGReGoU_acw1ziKlIVB8GRaNEPz5nwR80-ZobaDlF97_-OCT1AMnbBGpfuEv7lD3JxtbLrvapIC6bX7H6_NPsDgS4iHMporlN8yb_bM2ENAfq1B8hDbv55vSg1KuOqTAmLI30oqM5qEtfl7UdPwjxOrmefFqoW_Uv7cOa3Zdu3iTVzpiW_rQbTGDAoWjsbDh2OJKlMtGeRisMRaUxuOeVNOvSWtAO4uaJ3oYh4ALc1wU5ZlPf34LqPSEsb_2Dur6Uph0;csid=16383;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=CLAbGff6y-MqHMLsI0XOHQZVzqGChkyJieHSvxjbglFjRi7NilCba5T7WXJg35mTUgfwZVnb2gZI9rcDZCZXL58hMfj0tTa-B6zogkUgvA9RDooBt37AffIMIeNfh-QlQXMshdzqDiVEVfIPGYUo2KPIki8ts18xIlvdpQq-gUfWLEXnpOMBellxC1NE8z8pln8BetTtWr4DeDr6Pj76wMWjAexNyLOV0;pui=2ShljixBLrbi0hXl08juHHFAHCKQ7jOEb47TYVrNM5IqSJ5QRBtfPV7EvxPVwR0_4jG0VM71YqapA91K7iSmjd6vWmW1dlSa0;;js=1;adfxid=1x;1432;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|1|;fd=0|0;bsdata=1&CREFURL=https%3A%2F%2Fcm-ob.pt
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 19:21:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
expires
-1
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 22D6 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
344526
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 03 Dec 2022 19:39:22 GMT
expires
Sun, 03 Dec 2023 19:39:22 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame BB8B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst1zjaXRvJuIwUVc1z9M9vwXSknN3JtixORTIdjdE16UwpMs9uSluDeLtAHFIm5Lbq6deGY3CiJ4-3lFXWq4Jin-33qq0-CvMwUIAJGXD23J2im2C1SZzwI9VUVaHZ5o4LCrrKwEpGj8zAergwm9rd8eA&sai=AMfl-YSES0GuJGDo0YRlkVpT1gn8I8ckCL5hy82xqn-tRSL52hvtauDodnVswfpl7ruGhdIf2zES7ZAZRYt9SUU4tJdO7DiBGBLdhajw0oXy&sig=Cg0ArKJSzJv2i2pRwWeXEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=27&vt=11&dtpt=26&dett=2&cstd=0&cisv=r20221129.95256&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=92.271;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=1066843471;ord=wbmvfu;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Fcm-ob.pt%2F$0;xdt=1;crlt=IUqX6En_cm;stc=1;chaa=1;sttr=28;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 19:21:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 07 Dec 2022 19:21:28 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame BED4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssrg6pSF7nDcPmno0RWOug0O38hTyN5Q_xLnXvUz7zWFy1pC7NMAaifmMF1CaBr5_tqomG2WVLh-JTTO0vAh68FJBg2t8v6SkpbX5lSGqZM1MMFWwigxb15KuAslrfkOLR7xJVmOQM1TRfl2ZtKQzl7m-x_MwOPnQXWIJ3glN5eAHC8GNmJq60bQ7kvzbmAT-CyUT_HIuPdg8qir4ilX8QCUbOWOPwNqzkNoDcp7NvNnzVp56yYYRvEwVyqjwTZKt2_mqH0qe4Hip4qW3HAOgcOvRUsbtlGHVDPWG1wSVxtfQ5k7cPPofKjuks-o74MZkLBHKdSdv3xY1RSNbE9dixs10Add0fTPZvBWM0U6Q&sai=AMfl-YSve-NIxpBGdZgGTwx9YVoNVpPG0YMF3sxsVELf1g6a7AYULUBYtGRCLUVnPKdJbC5aHLf0z9fCR_j0-jzL2YLje0oT8C6B80nTJssb01wzcea6bX6noSZrclG682yz8uc0v4aMGxykoKNIoXlqo48&sig=Cg0ArKJSzMZrTw6ZkCmiEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 19:21:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 07 Dec 2022 19:21:28 GMT
0QqkXV7QytCM2yBsJSpYzuW1gkirrTGdWmkSPx9VuYE.js
pagead2.googlesyndication.com/bg/ Frame 22D6 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/0QqkXV7QytCM2yBsJSpYzuW1gkirrTGdWmkSPx9VuYE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d10aa45d5ed0cad08cdb206c252a58cee5b58248abad319d5a69123f1f55b981
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 06:47:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45246
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15764
x-xss-protection
0
last-modified
Mon, 21 Nov 2022 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 07 Dec 2023 06:47:22 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 22D6 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BXTWzuOeQY7rhEdeD9u8Pv_eomAcAAAAAOAHgBAI&bg=!lJell9PNAAa7eOFIm3g7ACkAdvg8WgL9rcMlrgZOTzT2BihNSzSGV3KaUTLO7A2wB6uzYmKOpwkgGAIAAABbUgAAAARoAQcKAEOcLEKDbYu-JxvPmKFFys-gc735tbJcQ23ZvRTdaxVCuSJGDujSgJDlLlMD9a49-JIESoN2AgwaEEgXhRmdf1Z1Ie9tmQM3lBGCWkw0-0Q8bwZzZR_G9b7qxF8FqMaPurEATuRB0LolwEh7W3WtmcHZzdcFOLcMvR636gMDu0pYhaMfZKGi-HCs1OooawOr_Hahp8rEb1A8TfIwQnrqF6at_svbkzP7sMpGw_ICR40BrX-IHbST7rQUDhAcps4eGklY4PbPjmTpAWDusrdVpet0YQmtIWLvewHRub0cdCX5uLxHn7PPTlkqEvgus3bbehmxOk_ZkQGGXWxL518T4kPs-93LqDbIl0QCq1qM1P3myzh1DmMB2NOuTOH4RfXG35aN0r7GF9BHJUXT6coIRfioUP-0F1KyBYdg2CHmHhfFxzwZFJswewPfJXE8lmbciUYSYlSUK9n6kSOvOiereqXrnHYlG6XbNTm3YUgKTR-wOQc3udICaK4t_W5He6R_2jgWz_hlv2R7IljLz9wsuKWbNvRwjw-gVLlrcqAKafy8FYREqcCL-0gZil9ydrUNLsCoa0JW0U4Mp3NqGvmSjvFbEAk0aHLzq2w3AujIgS0ML2MAisBuCX6VUwVZjJMlxqFfePpPgd9wH6T2Ao5FX5WEtPnT2s-OKQuMmm_gZCZnKHwEVkvjEhdzjAUe5Lw0U4_-sZG-biGF_SoEKx9U6UmMabh8DSOrCpLeg7NFKMzKxJGu6HyDOIalgPYiuFEcMe6qjo8EOnv-7HtWWlcRFov3sjmEEG8z9QTA4krPU3_YZ3F7_JNsBXOLFHIkkCxbUCnkdp3PDFJowZXzm5RydCWNYVnUKg5-RXpVNTfhdkaTz7DKKDjz3HLSqhiMR32xH6P5QPVDbrhj4yiIoTQnjgiEGvwF5JFyBClEKY9zju9iuhU9TD3FwniTkwZbtLq-s-9D_GIZAXivRX124gaP3t-OTPm8utxJY_4W_oW8FhLKfmgPktE9lmWf3A92JzSUdNlGNaYJYUietMP7L8QPG4HeY_e-0Prz1oHr9u0Nt4-ZkrqHgtzLCBAWrSPZ1LwQq7bVOdH8FvyVfBMiuQaplT0aSKCJFQaq-T9xlU1JtgjMm3yKqoNCYQHs3KTUtUMzUPdnIZBVWYvO0hh9fIuWEYfFOZAOKwAcyK27cMzK-w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 19:21:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame BB8B 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu-nEE0tKqH4w5_Z3vDLgAvKHbV4nPf5LC8RH5zrhWFTMZHOQT3Aal6SamctkCZ5RK86Mwvqen8xsyRxdXa0vl0gZ4tc49_&sig=Cg0ArKJSzOyOd38okDtBEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221205&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=32&adk=1066843471&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670440887587&rpt=819&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 19:21:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame BED4 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstvCDz12XLNPtHXadhwyc-5gXYbuLHOavCB4TW6JVYWVl1IbSqke0mVyJUwzO3dtmbQlUHqz_nazccGKC8E4QT-qfW3pPbfZk0t-CFS3obVcUbUO_Jc&sig=Cg0ArKJSzIYkaZoiVJqREAE&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221205&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=3382704926&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670440887513&rpt=904&isd=0&lsd=0&met=ce&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 19:21:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
adx.adform.net/adx/unload/ Frame BB8B 		35 B
521 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/unload/?1670440889581
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/adx.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 19:21:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
https://93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
json
gum.criteo.com/sid/ 		0
0
rid
match.adsrvr.org/track/ 		0
0
pbjs
sync.quantumdex.io/usersync/ Frame F9F8 		0
0
async_usersync.html
acdn.adnxs.com/dmp/ Frame A087 		0
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9EF6 		0
0
pbjs
sync.quantumdex.io/usersync/ Frame 90A1 		0
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8AED 		0
0
async_usersync.html
acdn.adnxs.com/dmp/ Frame 039C 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
gum.criteo.com
URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fcm-ob.pt%2F&domain=cm-ob.pt&cw=1&lsw=1
Domain
match.adsrvr.org
URL
https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Domain
sync.quantumdex.io
URL
https://sync.quantumdex.io/usersync/pbjs
Domain
acdn.adnxs.com
URL
https://acdn.adnxs.com/dmp/async_usersync.html
Domain
ads.pubmatic.com
URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Domain
sync.quantumdex.io
URL
https://sync.quantumdex.io/usersync/pbjs
Domain
ads.pubmatic.com
URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Domain
acdn.adnxs.com
URL
https://acdn.adnxs.com/dmp/async_usersync.html

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| oncontentvisibilityautostatechange function| $ function| jQuery function| Popper object| bootstrap function| Waypoint function| Stellar object| AOS function| onYouTubeIframeAPIReady function| uncamel function| setUnit function| setFilter function| isTouchSupported object| ytp function| getYTPVideoID string| nAgt function| getOS undefined| nameOffset number| verOffset number| ix undefined| start undefined| end function| Scrollax string| waypointContextKey function| setCookie function| getCookie function| createGeoRestrictionCookie object| AdSlotCollection boolean| __isGoogleAllowed object| googletag object| pbjs325474 object| pbjs325474Chunk object| _pbjsGlobals object| ADAGIO object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal object| GoogleGcLKhOms object| google_image_requests

11 Cookies

Domain/Path Name / Value
cm-ob.pt/ Name: __oagr
Value: true
cm-ob.pt/ Name: _pbjs_userid_consent_data
Value: 6683316680106290
.cm-ob.pt/ Name: _sharedID
Value: fabaff89-058e-4dd2-9848-2ff4ca150a62
.quantumdex.io/ Name: uid
Value: c97283f7-a7b3-4f89-a8e2-9c06828a9763
.adnxs.com/ Name: icu
Value: ChgI8Jt7EAoYASABKAEwts_DnAY4AUABSAEQts_DnAYYAA..
.adnxs.com/ Name: uuid2
Value: 5625663640994182291
.doubleclick.net/ Name: IDE
Value: AHWqTUlcNWu47ZykHf_u4O0cyxmQMSok8ZAfEPwPprwbZCOD5uTNkE0cp43gQgLr9UE
.adform.net/ Name: C
Value: 1
.cm-ob.pt/ Name: __gads
Value: ID=60f9331e583d82c1:T=1670440887:S=ALNI_MY8JHF4Mu2kgBkJNsAI5MiSaLglPg
.cm-ob.pt/ Name: __gpi
Value: UID=00000b8edbdf6a89:T=1670440887:RT=1670440887:S=ALNI_MbJEjPr5ocb7hEciJUdpK4x5MVqPg
.adform.net/ Name: uid
Value: 299711402539911442

1 Console Messages

Source Level URL
Text
other warning URL: https://www.googletagservices.com/dcm/impl_v92.js(Line 99)
Message:
Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

93c449e001e9d2564a385e05a251ca1f.safeframe.googlesyndication.com
acdn.adnxs.com
ad.doubleclick.net
ade.googlesyndication.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
adx.adform.net
bid.g.doubleclick.net
cdn.doubleverify.com
cdn.jsdelivr.net
cm-ob.pt
cmp.optad360.io
csi.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
get.optad360.io
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
ib.adnxs.com
imasdk.googleapis.com
match.adsrvr.org
optad360.mgr.consensu.org
pagead2.googlesyndication.com
prebid-eu.creativecdn.com
prebid.a-mo.net
r2---sn-4g5ednde.c.2mdn.net
rtb.adxpremium.services
rtb0.doubleverify.com
rtbc-eu3.doubleverify.com
s0.2mdn.net
s1.adform.net
securepubads.g.doubleclick.net
sync.quantumdex.io
tpc.googlesyndication.com
track.adform.net
useast.quantumdex.io
www.google.com
www.googletagservices.com
acdn.adnxs.com
ads.pubmatic.com
gum.criteo.com
match.adsrvr.org
sync.quantumdex.io
135.125.163.79
142.250.185.162
142.250.185.198
142.250.186.66
147.75.85.234
185.184.8.90
185.64.189.112
2600:9000:2156:b400:6:b871:4f00:93a1
2600:9000:225e:aa00:11:a4de:2580:93a1
2606:4700:10::ac43:2ac9
2606:4700:3031::ac43:93a4
2606:4700::6810:5814
2607:f8b0:400c:c14::5e
2a00:1450:4001:17::7
2a00:1450:4001:803::2002
2a00:1450:4001:808::2001
2a00:1450:4001:809::2004
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2001
2a00:1450:4001:813::2002
2a00:1450:4001:813::200a
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::200a
2a00:1450:4001:82f::200e
2a02:26f0:64::210:6ad8
34.149.12.213
37.157.5.71
37.157.6.233
37.252.173.215
64.233.167.157
99.86.4.86
0560fb06603fa2aa1cb927b5cf47fd243c07b4919311d6efa05fde077241fc93
072214cac2642148ff8266b18c82fdc64428932369da84dec0562cf01ca58d32
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
097bfe54100eac16362d17cd25f5e5587c3e1df4bae562a1954b7999f8453652
0a1c2e3df944f0d9d0c5af55489ebd21bb614c30e5a770455abec5e7fcb2e26e
0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339
0cb1ad557dd98476b941d852a17a29712c5c5333a9c0d6f97e089525f872454d
0d860e352529bca1f3289abf6b57ad8fff69032e2c4d98cf09e4ad3d6650f3b5
0f006f8aebf25d9e50d5a5eb25a652b6cbecd2d75dc99cc5d3aa79b963b5b89e
101b8d837f8e01156fc293db1932eead16c29f9f16da622bfa89f394fbfd1273
114484b6bcaa6c2e7ac8301929d6bcda18a7f71924a835c2e6c01fdbd6421f5b
11c19392554c9b78c15771afa8f9fbfc78e0e46ca9527831f90ae41f95da73b8
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1743b54e611ae08f0ddb89d8d1bc9ae7d78feacbd672c86a5f5bb3c1a582e05e
18201e44a097144b4b4d9fa01b548222bb46918ab5cd98cc5e48fe5d414d26aa
1b6f88717e97441718b9fbd436b0aa65d4753c36c9901535eb81b7ce4b760bc4
1bb1fde4af6ddc44c42ee5d452a641868ffd278206b20252346af398cbddfa7c
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
1dd583c8ff8eaeeb2f5622845527acbf0e4a875e335b4b706b305590d5a7b456
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1e965485436a460b6ffc44695b148993598bd4e6cdb8447a547fb5609e3ca152
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1fd959fc54e427494f2d526d2275660853f4616b5a476ce547a1c963d5bbbad2
229e46dacf0660ed1687a853b0b9568e1410c92164579337336c83fc591bd4d2
2cad01199254e7b19c8595fdbadded2934243bebb0cf4ed94d1cf0f4db2a16ea
2d385da55b86dff0c7514007841a085f9623f644ad2aae6b6149caaf5f2898cd
2e858f38b62364f331bb7f644544ca3a1a61d0153af00aa03cdf5144f336d222
314c10f01a7e81bd4775e7ef4b2d8402648679137fabb9af0512b5a785a0230d
35652aad571df0e1e44b47da8a656ef45fd0050fd5c95047d69adab4bb60753f
39887bcc8aa3f77aa45d1fae0641af1227ec918a7eec9a23700b0c96f5f74304
3bfc9dbaccf2a80cfc1d82ec444a8da8d30e53116ca64aea80ca8c2f15632519
3fd498cc0ae566423ac60276950b945aec0f2dbd65e99e9fe5ebc0e1d525885a
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4
403b33dbd3aa8fe3b94ac8d6cd2b1ad5dec495c9313de112c921693910c67115
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
500bfc62d016cf183c412c5936594c609064cbc5865c1065353af9ad09aa46a4
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5198dc27c3e04b46047da973ff1a075ac65d2e133f86f441f0cad06074f128d9
529d5a06e1e90ceadfad7e6c2eaed6e9b868a35798345d5431c90f6024f15b55
54e51249021fabff65b4ca7eb728f0a56cff080a37d9b0b13d1c401d5b9e6184
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5e36be95a997321cf95e79310394b551a93a1fefb55c7dca4669137c0946f2a5
601f544b91a0588ca8cc6343334f4c235380f15c86c055dc8de455bfb30e0ef0
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63cf34d7d8f336c49926a71077cb85721b5d4ea4965ec863d00e4e67889429b6
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
6f5aecaa5ce6db5f6afa8ebcd9258aef673badc9086f8d26148e0df96e8a90e3
7514112409d72b9db8a4acc15bc7515afb57bf05055bbb3ba3192ded83e3d694
7d0fab53b362134d311a8b2202a9877d3b2da7cc2de4bf7c63bb455c8d08854c
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7ddc424649b256e50ebbde6522b13a627359b25c299b3ffa32a2896866e277c1
7e59de22c6072d54a3ef78dc879a5d0f08233ba9c4f913eb010cc89b61e3ac33
7f3f0bcae6e5d7f81ad1868d5a61d1538dc460c9efc955931eec63ed7b02febc
866e136465f8d394fb467dd65bbcd0b78d050ab6ee4ae8eba39ab5f681820064
8acb04628394993656dad11f23029fc6ad13cf90cfaa1f5df89150b2727684a9
8acf96115cb55ad61bfdc24b7918a946d1b983ac14062a584dbbe8744021430a
8d3b4694f2e7d6dcf5af611841acb794ed26ec7efc51ad0fe332a89ab3953074
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
9409002d5515bdb6f71e7fc1af6d79fe396878e224852de3dcc154298e3b2860
99a313556153fdc21564e05582bfd3a65904fe540c3a81e1021f54d0ab6d23c5
9e91b53182113694b53e34f029829d2e1b716e20d169bd1ee7f2bc4c2d5a4515
a1888721c9c73b67994e0f71d70cfd1a7682d7f4685932ffad0a99c4616e6a96
a34b5fcade85366776a2c6bddf24a58ceaff7d2eb8ba4bf4496df1adb31d2ce1
a44e537eb0dfe0dfdb3a7ab134b25790c6f99e33436bf603e879598ec164a9fd
a46228d57faaf3cd1ec77fbed362c13944f30d9e92a4e1e5d3603c3902555df7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a88ee13d2e82bd99ff8c5ac3c2cd52d3a4175f9121e48e30b1683bb80684b711
aaea0c9d6e746d45e1bd66f5bb947fd0035e68189a2d0a0be874e6c5f710eba3
ab9bbfbb22f96dfe5c1524b50f2f6e8210dc9484598f4ad3e7a66d3ec7f51133
ac06dab75be7abcdb197df7d16655acf77ab17a8c48124373c5712e5a8a085c4
ad6fdf8fa97bc4a6377ae4b22958867bfcf52fe60599c7bf96e75d31a9879e00
ae01087f313f60e922246f3cf0b0f693b9b52b8278d4cf291acdbcd6f7035a46
b400a52bc9e437c0bde53bc563b854b160a99016171e17ac100a11adf3ae4931
b7f7edf7dc65c4faddfc30b51d1c8e8e3536dc120f86785d38c8a026d31a3852
bc0ddf69f98e325bbefb9ba9daa8c8d69b8541c0defc28f2059bafccc6915bcc
bd7680f0d4768bf17b38b5834d7671e6e456d9655b4ae3cb39186d1fcd93f5c2
bdbd330291838ba9404d72383a4b1e9f0a57c996f0b6e7fb3ce9a91a70348777
c061b6f698de8db8a5ef96940736e18f41532ef8b11f2bf17ee5b3234be18a28
c0b59c362ae740c391e742fa4517d90b9461b416b9bec855d14c04603dbaf71c
c1406b220feaeed05563af3c8d31774ffc9e1e799055ab7a5037f5ed144f7098
c2da1bde386dc1e71e6f0cf3ddcce6650ba703109c5194f52c991f48755ad806
c9406a92f81fad251295cd64386a8bb62ee7503f589ae1b96893faae2f4fcb18
cc3aa6a652d7a38bc4aa372e099c16890d2d650c9617b3412c0b65b97164a76c
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
ce7fbd5167d309fe01011c8e9d705efbaf23f8737d71b2ef405d11e5cda09989
d04a8585ca1c9cbff59e413fe76da6b8dcf3c567cbc68ec436b852d7f1694df1
d10aa45d5ed0cad08cdb206c252a58cee5b58248abad319d5a69123f1f55b981
d5c5e731b8c995ac40ce247ab42366d7df4cea7522f743480afb9be0a93ad2a7
e00f9cf601d02d864b4136b726188d723ab369a3fc80df6aa274d8b55141925e
e337a8991bda7d8cf31e6c3fd109ed16b8df0c2b198323640f9ddcda8863e074
e3859237ce3dbd3a3cd91a1b5726daf8d4a7547ede6b1972c38b218058cdba0d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e57ca47cc882aff51f652036e326d1042cc1b9dbbf64e40f195193958b19af42
e75eaf71056ab1676fb1d6c8126904e890c8e54fa557b4a12e1badfebd0de89b
e8e757bf3950349d716928b1b3729d44f5c45084cb072930f83ca80e84b5f071
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef32dd19b8c1199d54ec6e516c20cddde149424bee616901733c253ec0219719
f066f881ead135cd4ee88cf0c80ddb796f8841fc536a7950d4f7102e0502be2f
f08c94a636dea8c08b6a50658ba1200281007d4fba996ac05cd2eeb0b873d32d
f3ce311a88c449a4103d3d88e1d4e6a55a5a8418fb2b9b5fa6b0895e7ac6e967
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7236018adee6435646b8affbcd4392237716caf04db52641859e35435331905
f94faeb226047b9b7c9a4f30aecfa7700e8f5952c9d48fd2ba7c5ca6d07ad7f5