www.celsoazevedo.com Open in urlscan Pro
2606:4700:20::681a:e96 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.celsoazevedo.com/
Effective URL:
https://www.celsoazevedo.com/
Submission: On January 07 via api (January 7th 2024, 5:43:47 pm UTC) from US — Scanned from DE

Summary HTTP 46 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 14 IPs in 4 countries across 10 domains to perform 46 HTTP transactions. The main IP is 2606:4700:20::681a:e96, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.celsoazevedo.com. The Cisco Umbrella rank of the primary domain is 258275.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 17th 2023. Valid for: a year.

This is the only time www.celsoazevedo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	2606:4700:20:... 2606:4700:20::681a:e96	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
2	142.250.186.102 142.250.186.102	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2006	15169 (GOOGLE) (GOOGLE)
1 2	52.19.82.212 52.19.82.212	16509 (AMAZON-02) (AMAZON-02)
3 4	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
3 5	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	185.89.210.244 185.89.210.244	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
46	14

11 2606:4700:20::681a:e96 (United States)

ASN13335 (CLOUDFLARENET, US)

www.celsoazevedo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.celsoazevedo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.19.82.212 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-82-212.eu-west-1.compute.amazonaws.com

ihg.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.98 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.36.155 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.244 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 140 tpc.googlesyndication.com — Cisco Umbrella Rank: 185	344 KB
11	celsoazevedo.com www.celsoazevedo.com — Cisco Umbrella Rank: 258275 a.celsoazevedo.com — Cisco Umbrella Rank: 376445	409 KB
10	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 68 ad.doubleclick.net — Cisco Umbrella Rank: 199 cm.g.doubleclick.net — Cisco Umbrella Rank: 338	57 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1194	3 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 356	3 KB
2	demdex.net 1 redirects ihg.demdex.net — Cisco Umbrella Rank: 12029	1 KB
1	google.com www.google.com — Cisco Umbrella Rank: 6	1 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 407	23 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 271	65 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1429	7 KB
46	10

	Domain	Requested by
13	pagead2.googlesyndication.com	www.celsoazevedo.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
9	www.celsoazevedo.com	www.celsoazevedo.com static.cloudflareinsights.com
7	tpc.googlesyndication.com	pagead2.googlesyndication.com www.celsoazevedo.com googleads.g.doubleclick.net tpc.googlesyndication.com
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
2	ihg.demdex.net	1 redirects googleads.g.doubleclick.net
2	ad.doubleclick.net	www.celsoazevedo.com
2	a.celsoazevedo.com	www.celsoazevedo.com a.celsoazevedo.com
1	www.google.com	tpc.googlesyndication.com
1	s0.2mdn.net	googleads.g.doubleclick.net
1	www.googletagservices.com	googleads.g.doubleclick.net
1	static.cloudflareinsights.com	www.celsoazevedo.com
46	14

This site contains links to these domains. Also see Links.

Domain
t.me
mastodon.social
twitter.com
www.pushbullet.com
amzn.to
ebay.us
s.click.aliexpress.com
techcrunch.com
web.archive.org
archive.today
github.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-17` - `2024-04-16`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://www.celsoazevedo.com/
Frame ID: 1492F18767A7EE591F18963B61EFF21D
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20190131/zrt_lookup_fy2021.html
Frame ID: AB91F62A5260B3F849B7B7E034C4FF61
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6897310014199352&output=html&adk=1812271804&adf=3025194257&lmt=1704644766&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=356x1080_l%7C356x1080_r&format=0x0&url=https%3A%2F%2Fwww.celsoazevedo.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704649423161&bpp=3&bdt=273&idt=204&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7049176450879&frm=20&pv=2&ga_vid=795164472.1704649423&ga_sid=1704649423&ga_hid=400007846&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079759%2C31080114%2C44795921%2C44809530%2C44807405&oid=2&pvsid=1122960545515386&tmod=428088810&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=219
Frame ID: E24F92FEC9DA8B9C16E8EB0A29DA5D51
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 6D3359479D2DC9075FE40BC87048A9D7
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COO1YRCGhK4BGMrtuoECMAE&v=APEucNVVO6SGfXiMMxBIXJdr3pdz_WwWodqY4P8CM2mtTFyf9TzHc8sUZl8YfR_XB6yWXYtRfTP_D-In3C6mnm2ey7Wc7v-55xuaLzDE6PgMmf5NoDSTrBLOGH2A89sWzhp54ei__qQtCud4E8M_VFDKxAQY9yEFvkbOIqSkfi24Dx-6mbgzR2A
Frame ID: AE0D14F91E80F79849DA489025CDCC23
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 399471EFAA1BE72A39A7B3DB3F2E9EB4
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3C7A50BD661927BDC18B50DAA1C4A66E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 394D5F3E3A39311C9971C4B85111E413
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Celso Azevedo - Blog de Celso AzevedoCelso Azevedo - Blog de Celso Azevedo

Page URL History Show full URLs

http://www.celsoazevedo.com/ HTTP 307
https://www.celsoazevedo.com/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Page Statistics

46
Requests

89 %
HTTPS

62 %
IPv6

10
Domains

14
Subdomains

14
IPs

4
Countries

908 kB
Transfer

1928 kB
Size

13
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://t.me/googlecameraport
Title: telegram

Search URL Search Domain Scan URL

URL: https://mastodon.social/@gcam
Title: mastodon

Search URL Search Domain Scan URL

URL: https://twitter.com/GcamPort
Title: twitter

Search URL Search Domain Scan URL

URL: https://www.pushbullet.com/channel?tag=googlecameraport
Title: pushbullet

Search URL Search Domain Scan URL

URL: https://amzn.to/45L54Om
Title: Amazon UK

Search URL Search Domain Scan URL

URL: https://ebay.us/3qUN3R
Title: eBay UK

Search URL Search Domain Scan URL

URL: https://ebay.us/DmuW4J
Title: refurbished

Search URL Search Domain Scan URL

URL: https://amzn.to/3PeiQSL
Title: AstroAI Mini Fridge 4 Litre

Search URL Search Domain Scan URL

URL: https://s.click.aliexpress.com/e/_DCBpayf
Title: VEVOR 10L Mini Fridge

Search URL Search Domain Scan URL

URL: https://s.click.aliexpress.com/e/_DExmrAX
Title: very similar copy

Search URL Search Domain Scan URL

URL: https://techcrunch.com/2023/06/30/twitter-now-requires-an-account-to-view-tweets/
Title: put all tweets

Search URL Search Domain Scan URL

URL: https://web.archive.org/
Title: Wayback Machine

Search URL Search Domain Scan URL

URL: https://archive.today/
Title: Archive.today

Search URL Search Domain Scan URL

URL: https://github.com/Magisk-Modules-Repo/acc
Title: a Magisk module

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.celsoazevedo.com/ HTTP 307
https://www.celsoazevedo.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

https://ihg.demdex.net/event?d_event=imp&d_src=17025&d_creative=206761141&d_adgroup=574684208&d_placement=383851600&d_site=3439440&d_campaign=31013565&d_cb=3217130784 HTTP 302
https://ihg.demdex.net/firstevent?d_event=imp&d_src=17025&d_creative=206761141&d_adgroup=574684208&d_placement=383851600&d_site=3439440&d_campaign=31013565&d_cb=3217130784

Request Chain 30

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFpAh_15VR9JeBC20vmMcfc&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFpAh_15VR9JeBC20vmMcfc&google_cver=1&C=1

Request Chain 31

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZZri0A7YuUYO1Eo3ZljVawAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOpbxI7kNxyUb8wVo4anifk&google_cver=1

Request Chain 32

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESENw918RngEHK9egV5-lGQEY&google_cver=1

Request Chain 33

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQ5NjMwMjg3MTIwNTkxODI2Ng%3D%3D

46 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.celsoazevedo.com/
Redirect Chain

http://www.celsoazevedo.com/
https://www.celsoazevedo.com/

156 KB
27 KB

160ms
56ms

Document
text/html

2606:4700:20::681a:e96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celsoazevedo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:e96 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

328ce25bb745f7faf8f316c0186d6eff244290a3e6ee626b1d3a8d7a384611c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1127
alt-svc: h3=":443"; ma=86400
cache-control: max-age=3, must-revalidate
cf-cache-status: HIT
cf-ray: 841e012ccba15d9c-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 07 Jan 2024 17:43:42 GMT
last-modified: Sun, 07 Jan 2024 16:26:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gjqDaWx%2FzyihO5Ti8LL3pfpt6MzJ%2BVw1%2FSkF4k6kiYEVOhIRuNECGFKy5usNU2fb47xtfRT9RxM7g%2BRsRO%2FURqYSfZ6t4fZJ%2Fxdu9TEt9QwOsUEqnmaoGhFXxKvrIttVAlEDYPeILI%2FibD1BVxGJQD17"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding,Cookie

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://www.celsoazevedo.com/
Non-Authoritative-Reason: HSTS

GET
H2 200 google-camera.png.webp
www.celsoazevedo.com/files/2018/02/ 4 KB
4 KB 50ms
49ms Image
image/webp 2606:4700:20::681a:e96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.celsoazevedo.com/files/2018/02/google-camera.png.webp

Requested by

Host: www.celsoazevedo.com
URL: https://www.celsoazevedo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:e96 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92da5251c65cdfff8d8267c4eefbe6f39deaf820797300e919b5d944e434ea5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.celsoazevedo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 17:43:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12337
alt-svc: h3=":443"; ma=86400
content-length: 3848
last-modified: Mon, 15 Nov 2021 16:57:51 GMT
server: cloudflare
etag: "6192918f-f08"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=00dUmQ%2BhIj59AuzL%2FopNxlGBpR6t7evQax02%2Fi2r%2Fi6UlnpcQaP1PRAvmMwkW2daO4OGcuo0lg4IumPHMxD3d4%2B2qmNqqGU5FZ1TA1K4lGkTiVZw%2BcFoTmPqR3ul465xcWdEjynXe2W%2BSTR5GswFVeLw"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 841e012d5c1f5d9c-FRA
expires: Mon, 06 Jan 2025 17:43:42 GMT

GET
H2 200 oneplus-8-pro-cracked-display.jpg.webp
www.celsoazevedo.com/files/2023/10/ 32 KB
33 KB 52ms
51ms Image
image/webp 2606:4700:20::681a:e96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.celsoazevedo.com/files/2023/10/oneplus-8-pro-cracked-display.jpg.webp

Requested by

Host: www.celsoazevedo.com
URL: https://www.celsoazevedo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:e96 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c771f6d322c8aeba0e226afe92afec4e219ecc7d95265f2995716d736330b10a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.celsoazevedo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 17:43:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12337
alt-svc: h3=":443"; ma=86400
content-length: 33074
last-modified: Mon, 30 Oct 2023 19:52:25 GMT
server: cloudflare
etag: "65400979-8132"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YRFWY%2FL7KbHl2GWPmLZs2QGp84t3PyUn5kfsHKThMNNpvWiWQBowniOfUxvDb4iGJOcN4JSbh9GfaQLX7hGZG36m%2FIQ4AREmBzlrcf2H5EevhJqgudjPmNkXav477%2FG74QJTg1VAYZ4if4efKYlrmpXt"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 841e012d5c1c5d9c-FRA
expires: Mon, 06 Jan 2025 17:43:42 GMT

GET
H2 200 subcold-classic4-400x400.jpg.webp
www.celsoazevedo.com/files/2023/09/ 4 KB
4 KB 51ms
50ms Image
image/webp 2606:4700:20::681a:e96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.celsoazevedo.com/files/2023/09/subcold-classic4-400x400.jpg.webp

Requested by

Host: www.celsoazevedo.com
URL: https://www.celsoazevedo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:e96 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98c7383c897587711954cc56aeb9665b09d5221f4adc361576f894adecd3996a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.celsoazevedo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 17:43:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1126
alt-svc: h3=":443"; ma=86400
content-length: 3882
last-modified: Sun, 10 Sep 2023 01:07:07 GMT
server: cloudflare
etag: "64fd16bb-f2a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P0QkVbhmCjdQCJrbc%2FQ7edsFDnnSODL6ZOiBGkAMXiK9Df9OPyBBPs5pIxpT8wBjxrh3zGYxH9o04%2BPSs%2FnDWFht1aWhq7xCODwxF50XitVbKtnA3kGmtfAvRbnU7hTmZkBorX3uB%2FpAxNn4jfPMuz7E"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 841e012d5c215d9c-FRA
expires: Mon, 06 Jan 2025 17:43:42 GMT

GET
H2 200 matomo.js Show response
a.celsoazevedo.com/ 65 KB
22 KB 76ms
57ms Script
application/javascript 2606:4700:20::681a:e96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.celsoazevedo.com/matomo.js

Requested by

Host: www.celsoazevedo.com
URL: https://www.celsoazevedo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:e96 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

306d2a6602684ed92b52f88e6c9f796e056ed96f3db412cf36f6df1b8e5a7874

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.celsoazevedo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 17:43:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 90724
cf-polished: origSize=66607
alt-svc: h3=":443"; ma=86400
pragma: public
cf-bgj: minify
last-modified: Wed, 20 Dec 2023 00:26:58 GMT
server: cloudflare
etag: W/"658234d2-1042f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8YnhpQqyCv1UXEe3I8bQRo4qiemO7UAgGxjv9x4OXYkcGNRG5GK19dslxnrLF50t%2BBghzDFL%2BMtKGXDHXz%2F8e3OF4dX2CiiMyXCFreQswIQbN4nyfaagBWVNTea7iKffDrrTAorPCxUfDHaA36rSLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 841e012d6c3e5d9c-FRA
expires: Mon, 06 Jan 2025 17:43:42 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
51 KB 175ms
90ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.celsoazevedo.com
URL: https://www.celsoazevedo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5c214b6d01199dad35bbbb559c12ba2dfe8e842add2085db4338b8be460936f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.celsoazevedo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 17:43:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51661
x-xss-protection: 0
server: cafe
etag: 7120727389732144650
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 07 Jan 2024 17:43:43 GMT

GET
H2 200 instantpage.min.js Show response
www.celsoazevedo.com/files/ 3 KB
1 KB 57ms
56ms Script
application/javascript 2606:4700:20::681a:e96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celsoazevedo.com/files/instantpage.min.js

Requested by

Host: www.celsoazevedo.com
URL: https://www.celsoazevedo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:e96 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9e6077900d21940206069ce5b05bae5e2ef6f100187cfe49dda6c41a10863e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.celsoazevedo.com/
Origin: https://www.celsoazevedo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 17:43:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 90754
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 22 Mar 2023 23:15:10 GMT
server: cloudflare
etag: W/"641b8bfe-b8f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zxw12yHu0rAMMX9qOepdL0ltnq9orXvS3aUUYsOCSg9%2Bec%2BDKcwiFtJ8emQHzBR5K2fNtWnQV3jsIP%2FlObB5ncvgQppQPL2k908nbU8GY4R49cQ9e%2BhxgVlPjthwbUqGaFYT8FteVBm8qkzNw4Drg6pE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 841e012d5c235d9c-FRA
expires: Mon, 06 Jan 2025 17:43:42 GMT

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 180ms
99ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: www.celsoazevedo.com
URL: https://www.celsoazevedo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://www.celsoazevedo.com/
Origin: https://www.celsoazevedo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 17:43:43 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 841e012ddd12924a-FRA

GET
H2 200 subcold-classic4-front-1600x2133.jpg.webp
www.celsoazevedo.com/files/2023/09/ 138 KB
138 KB 81ms
81ms Image
image/webp 2606:4700:20::681a:e96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.celsoazevedo.com/files/2023/09/subcold-classic4-front-1600x2133.jpg.webp

Requested by

Host: www.celsoazevedo.com
URL: https://www.celsoazevedo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:e96 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b8f1db565a012d7249557c1548c28432f2d74c797e85b288c5f3dc0f6ad7fd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.celsoazevedo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 17:43:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 141094
last-modified: Sun, 10 Sep 2023 00:49:00 GMT
server: cloudflare
etag: "64fd127c-22726"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PfCz5gFNfkwuqmasBnhp2zdonNHYA7OI553Cq%2FIAHCgC32y4Snw3cmu22m0%2Bjnnrsg%2B85AZp%2BabkkuC3Kb6rY1KF8pzd6%2FzZWrjrWi%2FkErDOuzI2j9MC3SNX3BMmEjB1PhBex3297H9cuD4%2FVrmDI9HT"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 841e012d7c445d9c-FRA
expires: Mon, 06 Jan 2025 17:43:42 GMT

GET
H2 200 subcold-classic4-back-1600x2133.jpg.webp
www.celsoazevedo.com/files/2023/09/ 148 KB
149 KB 107ms
107ms Image
image/webp 2606:4700:20::681a:e96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.celsoazevedo.com/files/2023/09/subcold-classic4-back-1600x2133.jpg.webp

Requested by

Host: www.celsoazevedo.com
URL: https://www.celsoazevedo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:e96 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

facf40706d8d19521a6c6132c310309e9e53a15fd83913cf28ea3fd8b96f8de1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.celsoazevedo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 17:43:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 151886
last-modified: Sun, 10 Sep 2023 00:49:12 GMT
server: cloudflare
etag: "64fd1288-2514e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w4TlQzUV6FlCGicqzZ4dfCc%2BnBJoYkLi4U97HXBqjXPbu8ACKZeWj%2Blk%2B%2Bf1W1xSXwe29oF%2FPTP3hShInGwLPcgwM%2BdDb8m0VSoMW8AL0dVdeQ1XewKuzjXBO4%2BiK7Zn1oTmkMrmIkovmEyeM7qdIpwT"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 841e012d7c455d9c-FRA
expires: Mon, 06 Jan 2025 17:43:42 GMT

GET
H2 200 sign-in-to-twitter-800x865.png.webp
www.celsoazevedo.com/files/2023/07/ 29 KB
29 KB 82ms
82ms Image
image/webp 2606:4700:20::681a:e96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.celsoazevedo.com/files/2023/07/sign-in-to-twitter-800x865.png.webp

Requested by

Host: www.celsoazevedo.com
URL: https://www.celsoazevedo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:e96 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42a53b1db9b8f703e17f65141028dee02f66f747fab6c4580cb22d5c753d6ebb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.celsoazevedo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 17:43:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 29496
last-modified: Sat, 01 Jul 2023 04:53:13 GMT
server: cloudflare
etag: "649fb139-7338"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iTnsj8DVNS%2Fk4yb%2FEzPIOkWYG1m3SKVeqeCFwBGWZUDb10M9Msf98n1oH3Kb5F2S2kFTD9hr2ATg2Kqp7zgRPWPD4%2Fh3iDViifbQtj4KKsKj8CuAQAE7FUsu8F3uGVNLBBHTTf6egIgrhM9apy4n2RWa"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 841e012d7c475d9c-FRA
expires: Mon, 06 Jan 2025 17:43:42 GMT

POST
H3 204 matomo.php
a.celsoazevedo.com/ 0
500 B 157ms
156ms Ping
text/plain 2606:4700:20::681a:e96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.celsoazevedo.com/matomo.php?action_name=Celso%20Azevedo%20-%20Blog%20de%20Celso%20Azevedo&idsite=1&rec=1&r=840338&h=18&m=43&s=43&url=https%3A%2F%2Fwww.celsoazevedo.com%2F&_id=854131a8dd0da6b9&_idn=1&send_image=0&_refts=0&pv_id=g8AdAi&pf_net=104&pf_srv=56&pf_tfr=3&pf_dm1=24&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200

Requested by

Host: a.celsoazevedo.com
URL: https://a.celsoazevedo.com/matomo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e96 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.celsoazevedo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

date: Sun, 07 Jan 2024 17:43:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4BXaJfFqwncYU7EVYyP1FjTSL6RA4zj%2FbjTiJDEXO7ZQ5dSCnzaLrq3BplMNoDpdaSqiU9oAUQCzCkJN8qWiwwRc2DRuVTgbtZB0dzZFdSiMuBPixiT1Ci5EwXmZNDp66eabWMrPbILyvOfu5UuJmw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.celsoazevedo.com
access-control-allow-credentials: true
cf-ray: 841e012dfa0abbcd-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/ 403 KB
136 KB 100ms
99ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6897310014199352&plah=www.celsoazevedo.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

59c174fd72b6589215dd0371087d4d850f56cf1ebd06c20b2384b145efc4ff60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.celsoazevedo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 17:43:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139430
x-xss-protection: 0
server: cafe
etag: 14642066993340935163
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 07 Jan 2024 17:43:43 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240103/r20190131/ Frame AB91 9 KB
4 KB 128ms
41ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240103/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.celsoazevedo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 52687
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 07 Jan 2024 03:05:36 GMT
etag: 9219409622527106327
expires: Sun, 21 Jan 2024 03:05:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E24F 116 KB
47 KB 802ms
801ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6897310014199352&output=html&adk=1812271804&adf=3025194257&lmt=1704644766&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=356x1080_l%7C356x1080_r&format=0x0&url=https%3A%2F%2Fwww.celsoazevedo.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704649423161&bpp=3&bdt=273&idt=204&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7049176450879&frm=20&pv=2&ga_vid=795164472.1704649423&ga_sid=1704649423&ga_hid=400007846&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079759%2C31080114%2C44795921%2C44809530%2C44807405&oid=2&pvsid=1122960545515386&tmod=428088810&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=219

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6897310014199352&plah=www.celsoazevedo.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cc0a9b85a2fa15f2e48c057976c3588a5237f2315987c1d7207f57a3ed263b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.celsoazevedo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 48230
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 07 Jan 2024 17:43:44 GMT
expires: Sun, 07 Jan 2024 17:43:44 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 167ms
87ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240103&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

29b686eb7210dbd60593fe42d1f064bdea109638e98498816e0a97a742edc998

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.celsoazevedo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 17:43:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12233
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/ 162 KB
55 KB 125ms
125ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d198ac358d90e9224df9930a26e836c7182a1c57517cf0035029953fbfdd5e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.celsoazevedo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 17:43:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56268
x-xss-protection: 0
server: cafe
etag: 3378422938501302480
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Jan 2024 17:43:44 GMT

POST
H3 204 rum Show response
www.celsoazevedo.com/cdn-cgi/ 0
146 B 50ms
50ms XHR
text/plain 2606:4700:20::681a:e96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celsoazevedo.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e96 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.celsoazevedo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: application/json

Response headers

date: Sun, 07 Jan 2024 17:43:44 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.celsoazevedo.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 841e0135ea76bbcd-FRA

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/ Frame 6D33 9 KB
4 KB 39ms
39ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.celsoazevedo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 64407
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 06 Jan 2024 23:50:17 GMT
etag: 9219409622527106327
expires: Sat, 20 Jan 2024 23:50:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 180ms
79ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.celsoazevedo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 17:43:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 07 Jan 2024 17:43:44 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame AE0D 624 B
246 B 80ms
80ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COO1YRCGhK4BGMrtuoECMAE&v=APEucNVVO6SGfXiMMxBIXJdr3pdz_WwWodqY4P8CM2mtTFyf9TzHc8sUZl8YfR_XB6yWXYtRfTP_D-In3C6mnm2ey7Wc7v-55xuaLzDE6PgMmf5NoDSTrBLOGH2A89sWzhp54ei__qQtCud4E8M_VFDKxAQY9yEFvkbOIqSkfi24Dx-6mbgzR2A

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 07 Jan 2024 17:43:44 GMT
expires: Sun, 07 Jan 2024 17:43:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240103/r20110914/ Frame 6D33 23 KB
9 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240103/r20110914/abg_lite_fy2021.js

Requested by

Host: www.celsoazevedo.com
URL: https://www.celsoazevedo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 14:42:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10848
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Jan 2024 14:42:56 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240103/r20110914/elements/html/ Frame 6D33 7 KB
3 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240103/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: www.celsoazevedo.com
URL: https://www.celsoazevedo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 00:37:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61546
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Jan 2024 00:37:58 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 6D33 0
0 194ms
85ms Fetch
image/gif 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjst55Mp8XYXxXCDWyIbKOqGEtlcA3d_Wu3Mvhma4cAc60ApDy_nvQnXG5cDsvMQKykrEdbR0ZpV4sgGbg4kX66wbBFEh0P0iVgmKGpvN8KKqYIteLwxW65h_tiuQeOk3YcEwSqWgvcFOSaeq1trkCxJq2BHOQik-Gld_6iymcsDjQ3QQ2ClAG_FJQBxVGdvxH5_sggogMh1L2wdb_Cb2S3AlBNLskx_4WvA3E6kjIRKZ4WKITz5T5brZ18tFCPFloixRLVNWSjontyjXD84GbhcwtvHrDINoJWMclM6DN0_zw6UzVOg1LuYWyJ1MCS5jlNR2vHrO2jX6dyI4DFSQ-co_YP518OYM_B5cZIhQUB2oe3SB0o0GIqMHpyzEdKn6TE7JLFAUlg0OaBc9rYwAJJEXo8omPCr5EeE9Dk10IdbRFjnwQiC8GrVetK08kLntEi3oeieFq3b2C3ESG-npN1BfbEddyTST1eHFdGSDZx0mKqGr-g94nixp3ZV3jlHg98KJTSjfXv-3C13rgLQhgqnB9H33SaI-o69w0OG4jzus_flMYNKR3jmW39H0jBSwlR-41wCoXO1BpSTlo-pj-eFc4tY-z-vLYpL9FRaiCYksSHIqZZ_WMNIYAmba-nHrcGFAeoY0OFK2ctfo8np1cLk1YwoCME5Q-17lfQDm-lovXNxPdszLgWDAxSerUYzEK1tGQni43OII5h1cDTKNLKfz0rOIUw2mVgQHjDRbmudVfVJbE2HKvd3SbEzPfpjOon0hqkeAWTG86TNBG5zMrxyMtO7N_bnBtMwRhMziuTkUbhLNGLh-JUgnm8EfnNd5w--3tZf2dXohLM21AvTfYRId1_Qlma_qWoR3hyhHlEVlffsWhGFf1xKgjs6k_tMxe7bhvqbrGLbJ_U23fN8ZJWJ7CN_b2BcyuyRAcCWYn__o2o83NqMy5Hjx-cByUfDNxWdbvXK9LPgyDeorqTa4PkVAB94AQfPQQ_1iYKflQsy-aqRnPTcR7eiIBUAVwjzpNucwcNIpGfMrThcS94GtQqGb3zT78UQzOQsmaES1yYb1iyXGD9E_83O3qBG-h4rkvAX31yjCittTEISB8oQFslqULdFEavmZ7fsUfcOokd7n-qI3XJsF4QImAA9t2hrGkJHJXCRdqg6hjnMN1jRy4gJIW3HA_V8hF-MDAvtTi2SeMGfSVwjYwSJHgCwY4vZJ5ULwvzmS8DifD1mTT8DQNT-tu1bwfCJHx5vKvX-OXE3hWSfQFUOW8qrrcRte_kCkADER4L57iV1crRZGz6VKbLcS-TbwP9UGJS2Y2B-L5gAFiDHx3r6Vc54yuGHOw3NCW7mf9b3bo8Hyr0jhPpke4HUaY5VwUkM&sai=AMfl-YRG3pWOfzwk-gnJLNkwQpdwdkkb11BVCQZmA_XDcmaNDLaZZEIUmV4FCmNqjnn002zyKejoaaANpsxaxUNSPNSgbMbxVZydtEvls38AEiv6VXXbTjnJJ5HPDULP89Y0AsKN7Iu_AipnVHCG84lRWuG3DSrJig1C5_0l3bOVBXTYQK8sf7qGrZYsEMjlx8vgL3VQrh9xUGMLxHd7ACu1hyspU7SG0CZkgqBPve4hrLQ4OgWNqB4Xnl3dyKm6Qinv0NG6Gx4EHkqmyExnlrTXgv9_TkXNfmHwWbNyMof48RGuGVmL_5K51leOvqgQD9Ezoxjh9kCvDUhwJCg0U392wKkitLcSNOUO64jp9E_rcfAIOn36Y1Y-lv41GzN1eKnwuToGZ20PYsZR2RzozuV0JxtzOGwh8nj67184RoaAnwegMzCqidoP4l_KAj_Q5cPfr_jiqmfqnhW_cbg9U1gLF0xY-eHjy1hszrlfUla3Jf4WorbQF_GIybJYEbd4jWSZqqYPHwUFmrc-&sig=Cg0ArKJSzAgn5oj6Dg9LEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9vbmVsaW5rLm1l&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20240103.62394&arae=0&ftch=1&adurl=

Requested by

Host: www.celsoazevedo.com
URL: https://www.celsoazevedo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 07 Jan 2024 17:43:44 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sun, 07 Jan 2024 17:43:44 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 6D33 41 KB
14 KB 104ms
45ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.celsoazevedo.com
URL: https://www.celsoazevedo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 13:49:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 446068
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jan 2025 13:49:16 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame 6D33 3 KB
1 KB 137ms
78ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 14:36:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11219
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Jan 2024 14:36:45 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame 6D33 20 KB
9 KB 98ms
39ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 14:36:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11221
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8523
x-xss-protection: 0
server: cafe
etag: 16500369019378894752
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Jan 2024 14:36:43 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6D33 42 B
63 B 79ms
79ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CC69X7xIZBM_wCmHyAlUdZVBO3mk8Pg7rTCHgsyDV8WLSYByjX6ZKChpvc_GJfmSeuX7GvFkAGzwnNzt-o8iY3JvE0Z3E1CcmjJfBD9ceGdgDIVyw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Jan 2024 17:43:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6D33 204 KB
65 KB 156ms
63ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 17:43:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65775
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704286440049996"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Jan 2024 17:43:44 GMT

GET
H2 200 17150035076914999079
s0.2mdn.net/simgad/ Frame 6D33 22 KB
23 KB 132ms
39ms Image
image/jpeg 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/17150035076914999079

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b44a8665ea9e8a998f2a18eee241d64fb403b1dee6d7d6b1b813bff13092a2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Fri, 03 Jan 2025 14:22:51 GMT
date: Thu, 04 Jan 2024 14:22:51 GMT
x-content-type-options: nosniff
age: 271253
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22625
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 14:41:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2

200

firstevent
ihg.demdex.net/ Frame 6D33
Redirect Chain

https://ihg.demdex.net/event?d_event=imp&d_src=17025&d_creative=206761141&d_adgroup=574684208&d_placement=383851600&d_site=3439440&d_campaign=31013565&d_cb=3217130784
https://ihg.demdex.net/firstevent?d_event=imp&d_src=17025&d_creative=206761141&d_adgroup=574684208&d_placement=383851600&d_site=3439440&d_campaign=31013565&d_cb=3217130784

42 B
718 B

62ms
62ms

Image
image/gif

52.19.82.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ihg.demdex.net/firstevent?d_event=imp&d_src=17025&d_creative=206761141&d_adgroup=574684208&d_placement=383851600&d_site=3439440&d_campaign=31013565&d_cb=3217130784

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Server

52.19.82.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-82-212.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

dcs: dcs-prod-irl1-2-v054-034c53ac2.edge-irl1.demdex.com 5 ms
pragma: no-cache
date: Sun, 07 Jan 2024 17:43:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: rnu3VJL2Qzc=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-irl1-1-v054-05348b51c.edge-irl1.demdex.com 0 ms
pragma: no-cache
date: Sun, 07 Jan 2024 17:43:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: PATS2lBASvw=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://ihg.demdex.net/firstevent?d_event=imp&d_src=17025&d_creative=206761141&d_adgroup=574684208&d_placement=383851600&d_site=3439440&d_campaign=31013565&d_cb=3217130784
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame AE0D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFpAh_15VR9JeBC20vmMcfc&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFpAh_15VR9JeBC20vmMcfc&google_cver=1&C=1

43 B
773 B

76ms
75ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFpAh_15VR9JeBC20vmMcfc&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COO1YRCGhK4BGMrtuoECMAE&v=APEucNVVO6SGfXiMMxBIXJdr3pdz_WwWodqY4P8CM2mtTFyf9TzHc8sUZl8YfR_XB6yWXYtRfTP_D-In3C6mnm2ey7Wc7v-55xuaLzDE6PgMmf5NoDSTrBLOGH2A89sWzhp54ei__qQtCud4E8M_VFDKxAQY9yEFvkbOIqSkfi24Dx-6mbgzR2A
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Jan 2024 17:43:44 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EAtmdeoPzYtgH49rFCZe3nMZZq0z6XrvqJ5VYP59IrU3wU5HoVhdMSDPkG0R0xtfB4P9c0ykc%2BuMR4soDLP6BQdO96Vqpp9l878xPNPNjBQDuaHlGC%2FLRILJYoBLX5qwEDV%2BTSTjP%2Bxxiw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 841e01391f04451c-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 07 Jan 2024 17:43:44 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WxojsYHt%2Bl9zlVWItI8wIhMtkCSVoO6hfVRAfFFFh0ClhpCkHQPHfNKymYXFvq%2BvBofkS7mRqzwbIu44%2BquUcY5eCyYSmOLY5VEnRXbKPzauCIcoe9gGOV5OGOwjCf3K%2B%2FYqIXG2CZinsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEFpAh_15VR9JeBC20vmMcfc&google_cver=1&C=1
cache-control: no-cache
cf-ray: 841e0138aa5e6a75-TXL
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame AE0D
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZZri0A7YuUYO1Eo3ZljVawAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOpbxI7kNxyUb8wVo4anifk&google_cver=1

43 B
736 B

80ms
79ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOpbxI7kNxyUb8wVo4anifk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COO1YRCGhK4BGMrtuoECMAE&v=APEucNVVO6SGfXiMMxBIXJdr3pdz_WwWodqY4P8CM2mtTFyf9TzHc8sUZl8YfR_XB6yWXYtRfTP_D-In3C6mnm2ey7Wc7v-55xuaLzDE6PgMmf5NoDSTrBLOGH2A89sWzhp54ei__qQtCud4E8M_VFDKxAQY9yEFvkbOIqSkfi24Dx-6mbgzR2A
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Jan 2024 17:43:44 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r%2F2N2cBEEaPOmB4ITuWnVA50qTpESus4rRdKVTjqj5NgRWXsKpeXLtY2PRMg%2B5zZZV4L8JqkkMItpQazWzFLs0Hiu%2BO9PddchYGrHPfFUkr%2FMzFFQOkcbJ3cUmyoQKkDK5ufJDkLOe3hoA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 841e0139c84b451c-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 07 Jan 2024 17:43:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOpbxI7kNxyUb8wVo4anifk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame AE0D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESENw918RngEHK9egV5-lGQEY&google_cver=1

43 B
1006 B

103ms
103ms

Image
image/gif

185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESENw918RngEHK9egV5-lGQEY&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COO1YRCGhK4BGMrtuoECMAE&v=APEucNVVO6SGfXiMMxBIXJdr3pdz_WwWodqY4P8CM2mtTFyf9TzHc8sUZl8YfR_XB6yWXYtRfTP_D-In3C6mnm2ey7Wc7v-55xuaLzDE6PgMmf5NoDSTrBLOGH2A89sWzhp54ei__qQtCud4E8M_VFDKxAQY9yEFvkbOIqSkfi24Dx-6mbgzR2A

Protocol

Server

185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Jan 2024 17:43:44 GMT
an-x-request-uuid: b2e16c46-1f13-4705-984b-b2f15e6cac81
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.102; 80.255.7.102; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 07 Jan 2024 17:43:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESENw918RngEHK9egV5-lGQEY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame AE0D
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQ5NjMwMjg3MTIwNTkxODI2Ng%3D%3D

170 B
244 B

49ms
49ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQ5NjMwMjg3MTIwNTkxODI2Ng%3D%3D

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Jan 2024 17:43:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 07 Jan 2024 17:43:44 GMT
an-x-request-uuid: 42e9a5d0-81ad-4483-968d-190cb0292605
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQ5NjMwMjg3MTIwNTkxODI2Ng%3D%3D
x-proxy-origin: 80.255.7.102; 80.255.7.102; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 6D33 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8a9cc34d3553483555b6e097ac34816c5275e380dda07489a819d90a186c2887

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 3994 38 KB
13 KB 40ms
40ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 444185
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 02 Jan 2024 14:20:39 GMT
expires: Wed, 01 Jan 2025 14:20:39 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3C7A 13 KB
5 KB 43ms
42ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.celsoazevedo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 11824
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 07 Jan 2024 14:26:40 GMT
expires: Mon, 06 Jan 2025 14:26:40 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 394D 829 B
1 KB 136ms
49ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

52c39803ed54adda9676981dc6136bd7c9dd7437117a51f7cfcfb2c13f325615

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-CF8JFng_N_BWO4hzcWN0Yw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.celsoazevedo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-CF8JFng_N_BWO4hzcWN0Yw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 07 Jan 2024 17:43:44 GMT
expires: Sun, 07 Jan 2024 17:43:44 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 6D33 0
0 77ms
77ms Fetch
image/gif 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjst55Mp8XYXxXCDWyIbKOqGEtlcA3d_Wu3Mvhma4cAc60ApDy_nvQnXG5cDsvMQKykrEdbR0ZpV4sgGbg4kX66wbBFEh0P0iVgmKGpvN8KKqYIteLwxW65h_tiuQeOk3YcEwSqWgvcFOSaeq1trkCxJq2BHOQik-Gld_6iymcsDjQ3QQ2ClAG_FJQBxVGdvxH5_sggogMh1L2wdb_Cb2S3AlBNLskx_4WvA3E6kjIRKZ4WKITz5T5brZ18tFCPFloixRLVNWSjontyjXD84GbhcwtvHrDINoJWMclM6DN0_zw6UzVOg1LuYWyJ1MCS5jlNR2vHrO2jX6dyI4DFSQ-co_YP518OYM_B5cZIhQUB2oe3SB0o0GIqMHpyzEdKn6TE7JLFAUlg0OaBc9rYwAJJEXo8omPCr5EeE9Dk10IdbRFjnwQiC8GrVetK08kLntEi3oeieFq3b2C3ESG-npN1BfbEddyTST1eHFdGSDZx0mKqGr-g94nixp3ZV3jlHg98KJTSjfXv-3C13rgLQhgqnB9H33SaI-o69w0OG4jzus_flMYNKR3jmW39H0jBSwlR-41wCoXO1BpSTlo-pj-eFc4tY-z-vLYpL9FRaiCYksSHIqZZ_WMNIYAmba-nHrcGFAeoY0OFK2ctfo8np1cLk1YwoCME5Q-17lfQDm-lovXNxPdszLgWDAxSerUYzEK1tGQni43OII5h1cDTKNLKfz0rOIUw2mVgQHjDRbmudVfVJbE2HKvd3SbEzPfpjOon0hqkeAWTG86TNBG5zMrxyMtO7N_bnBtMwRhMziuTkUbhLNGLh-JUgnm8EfnNd5w--3tZf2dXohLM21AvTfYRId1_Qlma_qWoR3hyhHlEVlffsWhGFf1xKgjs6k_tMxe7bhvqbrGLbJ_U23fN8ZJWJ7CN_b2BcyuyRAcCWYn__o2o83NqMy5Hjx-cByUfDNxWdbvXK9LPgyDeorqTa4PkVAB94AQfPQQ_1iYKflQsy-aqRnPTcR7eiIBUAVwjzpNucwcNIpGfMrThcS94GtQqGb3zT78UQzOQsmaES1yYb1iyXGD9E_83O3qBG-h4rkvAX31yjCittTEISB8oQFslqULdFEavmZ7fsUfcOokd7n-qI3XJsF4QImAA9t2hrGkJHJXCRdqg6hjnMN1jRy4gJIW3HA_V8hF-MDAvtTi2SeMGfSVwjYwSJHgCwY4vZJ5ULwvzmS8DifD1mTT8DQNT-tu1bwfCJHx5vKvX-OXE3hWSfQFUOW8qrrcRte_kCkADER4L57iV1crRZGz6VKbLcS-TbwP9UGJS2Y2B-L5gAFiDHx3r6Vc54yuGHOw3NCW7mf9b3bo8Hyr0jhPpke4HUaY5VwUkM&sai=AMfl-YRG3pWOfzwk-gnJLNkwQpdwdkkb11BVCQZmA_XDcmaNDLaZZEIUmV4FCmNqjnn002zyKejoaaANpsxaxUNSPNSgbMbxVZydtEvls38AEiv6VXXbTjnJJ5HPDULP89Y0AsKN7Iu_AipnVHCG84lRWuG3DSrJig1C5_0l3bOVBXTYQK8sf7qGrZYsEMjlx8vgL3VQrh9xUGMLxHd7ACu1hyspU7SG0CZkgqBPve4hrLQ4OgWNqB4Xnl3dyKm6Qinv0NG6Gx4EHkqmyExnlrTXgv9_TkXNfmHwWbNyMof48RGuGVmL_5K51leOvqgQD9Ezoxjh9kCvDUhwJCg0U392wKkitLcSNOUO64jp9E_rcfAIOn36Y1Y-lv41GzN1eKnwuToGZ20PYsZR2RzozuV0JxtzOGwh8nj67184RoaAnwegMzCqidoP4l_KAj_Q5cPfr_jiqmfqnhW_cbg9U1gLF0xY-eHjy1hszrlfUla3Jf4WorbQF_GIybJYEbd4jWSZqqYPHwUFmrc-&sig=Cg0ArKJSzAgn5oj6Dg9LEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9vbmVsaW5rLm1l&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=174&vt=11&dtpt=173&dett=2&cstd=0&cisv=r20240103.62394&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.celsoazevedo.com
URL: https://www.celsoazevedo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 17:43:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 3994 39 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 16:51:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3152
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 06 Jan 2025 16:51:12 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 3C7A 39 KB
15 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 16:51:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3152
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 06 Jan 2025 16:51:12 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 394D 0
0 73ms
73ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240103&jk=1122960545515386&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3C7A 0
10 B 39ms
39ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?0gLo_Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 17:43:44 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3994 0
20 B 77ms
76ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BZA_az-KaZciFJpazpt8PnayWwAoAAAAAOAHgBAI&bg=!VlWlVRrNAAY3kmNgF5I7ADQBe5WfOEqiocOwQC58Z8wQkJiQp6rmXXbq4xYEjNdBWFH7VTQm-3V7FBlBCVbaZhQrIR9YAgAAAFZSAAAAAWgBBwoAaEcxFXjCRFNM1PGOJiKJAqH1yS_KExA4L18tH7tUKuon0IwsVOMpzlhRfdnKoe5atgBypBoxcTl7Zox9FBAwzqGnwrSTq8Ofwo02Hhoa48B6FlDv4I6GNcpA3eYCNiBYr5qSAHenPw41mQLaTu1HfvHiQZkxGmuedNPZ3BzBG9DPfANXUtFoObwMrKwEGmQYTMABLb1wWKQXf_VOTzctYvRhR2WoItUnevVAn_ey3h9whaSkqsfCOorq7Xe933f9q77EkrykKEqd-ScXMttkw35TWuKUbVRoS3YJA4xqRP3usGEV4h9lKXhMg7jdyrVRwadYi_LdQxOSv4fKMoCUKsdq_UUBjjbwWaYpnMRnwHFqhIw5Mo1FLo-AqQXeSi9YSM7mOOgDjq8Ny5UhwFDcB6LqaaB31Ph9pIqsdsoHrslciNhlIivj7hLnneUoBGEyG6vdqQusL9ofNqakCK0Ux2LWuic3bUc3jKTf-eLU6t-MxOEUM1K-x_A1q-9pN2lg9hKiXUlHc9GKiQ9hnShrrbPF9dpTiF8mXs0IvQm9mP4UffR30VSCHDhGvMQbus_k8VBZ_PB5WGr617iObPVvk2ij8mI2seDWz5PHEobHBHOfhQBhnNfKifKj3XfpEhWKkz58Z4vswtEU4kOGp6UAXmnCZ972tbDo5YPGT6sVkSPY4e0ME3aiD0OPoc2Vcne-Qgc6xksTueWuN1OY0d-v_tHZKQdJluywxz9s23vrpV_7h4TjHAgUsAuQjEW2OIUagYmCV4nm15rbWH65lgznHUAmvK57_IYXRy07kDYVrTBSlxbwsIXGnjccL6oufCKaaki0AunTUGwxhFd8V5ALmUf7OqWvL7zVX8ydvijw6IA2ZILJdMA27EHfVIj44I9v6foAYrPwoaaZXX0yatSumnqjbDXkO-LxUpFyux-rWD-zBdQeyE8D9UilJfqQUgc7NDo5AlHsrpu8XMsOBpWfyRhRXfF_BPvwvHiwnG8raHN4BcLnnPmuSr9lTTMZxTDgeX7UBTbBSeZ2CvJDvpVnCJpfsq3bo-xxTxfQjkLSW_jCAdSaZx_e3UE3zq1GyiUqmwX8IkYf9Zfc4yUHAXKUQ3dzv9o-3w

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Jan 2024 17:43:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 77ms
76ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240103&jk=1122960545515386&bg=!fH-lfzDNAAY3kmNgF5I7ADQBe5WfOFmXrv0wup948Y9eNWeECIK5WuYEO5YEh5FZrKhIgalSDRYDELh4IiUL0rqm5bqAAgAAAEZSAAAAAmgBBwoAJShGzsk69t79KE14Gs43bVC0gz3xk_srbG--7vvtTLjp7Ke1iEGZAr2p0fBo46PalGpi4ACxsuKiuIym44s6RfxrI1j-GkvkAprjL1CRmsBw-bXGqUQjfTbzzVlGGaJnm-JAjrbe5VkZsJBDf10rD9D-oSw4Oy-ef8jpCTP4c29DSDeaTGraLe23Dxkw8wEEBWPGeRYYSy9CRXIteq7LD3QJ_pI7Ypj5RrSXk2EJ_l28yqU_XK9nYgdRyz_H4n2lrRGidkKnZZSaD_UlbWMDxXxcZbogpXtBro67NNpZxaxcCik_sKraauLcsEbGZlYAaybRmB6ns5YRHN7OwLt-twASWtQ5AEI3VupcMg40ZHeGReYid4uujhBX5tUDX006hmHPgUuiap6nYQw0OIH7d5KLqmRt6Wn00BOLLPZQJkOXxZLcF4KchHRctW-QjKVunhLmCgY9hKDpCHnEg2qVTLdS4O8QlxugHI3L1Ppk0Wvr4PpLDrB7qimwq-wI5QkMerOw7E1vgTTmmED0kfWWAWNZyGBC0cPN4uWJGJY8wwWFvQu5F2NOir5ds5tQnEtimlVCPZY0f2Cq42EJfEtlREy1g4KkijDiTEZ6KDPtZ09wwO2cKs3NprQIdVFcizFbdThxxFa2fXmv7cq4venV2K28OvLHkJIwGM6EXad3Sr2gJ9vTVaH6GpvUmQjynRr-7ucsnIlqpmTVk7JVBS2W6bUe7DuU3nPUwv3SpT5lWOqJSxqit9kq5rOzrILCrcLhxkvbvqbqWRaFATIsD5Ms_JkscPnfW0qkDqonYfXkNDzpa1Cw6HX0u_6cFnpporpVmvOn_dK6BZLvFbtItrPXi61eeo0JMzVUcJWWX6N0oA8GjgF8TSI144ku_jGIzLJo5AxkWqYba7xqOgujIQEx5MWCNCHOOSEmy3KjwIa4mYBHQ1rscYh-LKpSsVPMAcluNCMSQ4tfT6RDjeTa5GF40DwZsuDwVg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.celsoazevedo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6D33 42 B
64 B 82ms
81ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstQCgih7I0qOOfofRAOSElEH3zSzdhJXkg7MDaC7E5qLshty3LK9JjsUP_r4JdHNNOs3gwnZfVv9lwjsmhDKoGGtIS2VpOkSe3WhE3E2ICginSXIsXxaqKH687JYugOkgr3MuudJK7KCcoJGKL_jDgGQuMK&sai=AMfl-YRM-14k4GANoWFljBZt2UkxiWsbDCUJCpAxdBOso8liPz9gxgeVxosGAqIDoZJnfD-MosSreXXpFyUN-RB30BjnERBX7l0eXNB8sd69w-dOavnhpHYTJR-StumQVF4hOwA466TxBY6VQAi0uPgq9w&sig=Cg0ArKJSzFS_qmeIQdq1EAE&cid=CAQSTwAvHhf_ZdMgAJxugdZbvb16hYbz0Y63w-AwoBhdJLCmiIKmBYAh3jsgpD3kojlio4P8PjBHam6CDVP-xEFKKwWMLxrqSJRx021SVlCRAg4YAQ&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=547,1000,1000,1000,1000&tos=547,453,0,0,0&v=20240103&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704649424457&rpt=538&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Jan 2024 17:43:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.celsoazevedo.com/	1970-01-21 02:56:44	Name: _pk_id.1.505c Value: 854131a8dd0da6b9.1704649423.
www.celsoazevedo.com/	1970-01-20 17:30:51	Name: _pk_ses.1.505c Value: 1
.celsoazevedo.com/	1970-01-21 02:52:25	Name: __gads Value: ID=d16755d56763ae9e:T=1704649423:RT=1704649423:S=ALNI_MbMQjwO1udq2si9wQzcfhp0N5ct8Q
.celsoazevedo.com/	1970-01-21 02:52:25	Name: __gpi Value: UID=00000d3c1d96d689:T=1704649423:RT=1704649423:S=ALNI_MbWj5a2QrvINMrZ0P-bsFlfCAlqDw
.doubleclick.net/	1970-01-21 02:52:25	Name: IDE Value: AHWqTUmfgO-R7wPpi1viYcUKqVbRE4N5wnkhQiEuLT-6YK7LfTh57NhKFEcT2nn2qDA
.demdex.net/	1970-01-20 21:50:01	Name: demdex Value: 22346973551566718571154668692374219406
.adnxs.com/	1970-01-20 19:40:25	Name: uuid2 Value: 5496302871205918266
.ihg.demdex.net/	1970-01-20 21:50:01	Name: ihg Value: 22346973551566718571154668692374219406
.casalemedia.com/	1970-01-20 19:40:25	Name: CMPS Value: 3275
.casalemedia.com/	1970-01-21 02:16:25	Name: CMID Value: ZZri0IFwWGBkUaTOM7ATjAAA
.casalemedia.com/	1970-01-20 19:40:25	Name: CMPRO Value: 3275
.adnxs.com/	1970-01-21 03:06:49	Name: XANDR_PANID Value: Z57ErC-nf1fglwca9X3Q6DhTo-soa551blVGFEUxEBEFx7bdRR2lJJ89oZtcmBhsGDpeFa2DAsSXB_W8dY4hkg4wckaBJnmgOTxlBoLGGt4.
.adnxs.com/	1970-01-20 19:40:25	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GU]vyf$1!@wnfH8K6pQK`!5=E<L5?%Ldlx]Ss0soI/dvUv7o9pff%'i/?[/JBk8)#fbpRzqF1`*b^wx)zc1U

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.celsoazevedo.com
ad.doubleclick.net
cm.g.doubleclick.net
dsum-sec.casalemedia.com
googleads.g.doubleclick.net
ib.adnxs.com
ihg.demdex.net
pagead2.googlesyndication.com
s0.2mdn.net
static.cloudflareinsights.com
tpc.googlesyndication.com
www.celsoazevedo.com
www.google.com
www.googletagservices.com
104.18.36.155
142.250.186.102
142.250.186.98
185.89.210.244
2606:4700:20::681a:e96
2606:4700::6810:3865
2a00:1450:4001:803::2006
2a00:1450:4001:813::2004
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
52.19.82.212
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
29b686eb7210dbd60593fe42d1f064bdea109638e98498816e0a97a742edc998
2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f
306d2a6602684ed92b52f88e6c9f796e056ed96f3db412cf36f6df1b8e5a7874
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328ce25bb745f7faf8f316c0186d6eff244290a3e6ee626b1d3a8d7a384611c2
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
42a53b1db9b8f703e17f65141028dee02f66f747fab6c4580cb22d5c753d6ebb
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
52c39803ed54adda9676981dc6136bd7c9dd7437117a51f7cfcfb2c13f325615
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
59c174fd72b6589215dd0371087d4d850f56cf1ebd06c20b2384b145efc4ff60
5b8f1db565a012d7249557c1548c28432f2d74c797e85b288c5f3dc0f6ad7fd6
5c214b6d01199dad35bbbb559c12ba2dfe8e842add2085db4338b8be460936f6
5d198ac358d90e9224df9930a26e836c7182a1c57517cf0035029953fbfdd5e0
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603
8a9cc34d3553483555b6e097ac34816c5275e380dda07489a819d90a186c2887
92da5251c65cdfff8d8267c4eefbe6f39deaf820797300e919b5d944e434ea5c
98c7383c897587711954cc56aeb9665b09d5221f4adc361576f894adecd3996a
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b44a8665ea9e8a998f2a18eee241d64fb403b1dee6d7d6b1b813bff13092a2c3
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c771f6d322c8aeba0e226afe92afec4e219ecc7d95265f2995716d736330b10a
cc0a9b85a2fa15f2e48c057976c3588a5237f2315987c1d7207f57a3ed263b0e
d9e6077900d21940206069ce5b05bae5e2ef6f100187cfe49dda6c41a10863e7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
facf40706d8d19521a6c6132c310309e9e53a15fd83913cf28ea3fd8b96f8de1

www.celsoazevedo.com Open in urlscan Pro 2606:4700:20::681a:e96 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

46 Requests

89 %HTTPS

62 %IPv6

10 Domains

14 Subdomains

14 IPs

4 Countries

908 kBTransfer

1928 kBSize

13 Cookies

14 Outgoing links

Page URL History

Redirected requests

46 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.celsoazevedo.com Open in urlscan Pro
2606:4700:20::681a:e96 Public Scan

Screenshot
Live screenshot

Full Image

46
Requests

89 %
HTTPS

62 %
IPv6

10
Domains

14
Subdomains

14
IPs

4
Countries

908 kB
Transfer

1928 kB
Size

13
Cookies

46 HTTP transactions
1 data transactions