www.aereo.jor.br Open in urlscan Pro
208.109.190.28 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.aereo.jor.br/
Effective URL:
https://www.aereo.jor.br/
Submission: On December 16 via api (December 16th 2022, 9:23:41 pm UTC) from CA — Scanned from CA

Summary HTTP 370 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 61 IPs in 8 countries across 62 domains to perform 370 HTTP transactions. The main IP is 208.109.190.28, located in United States and belongs to GO-DADDY-COM-LLC, US. The main domain is www.aereo.jor.br.
TLS certificate: Issued by Starfield Secure Certificate Authorit... on April 20th 2022. Valid for: a year.

This is the only time www.aereo.jor.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 63	208.109.190.28 208.109.190.28	398101 (GO-DADDY-...) (GO-DADDY-COM-LLC)
7	2607:f8b0:400... 2607:f8b0:4006:81d::200a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:817::2008	15169 (GOOGLE) (GOOGLE)
4	100.25.107.144 100.25.107.144	14618 (AMAZON-AES) (AMAZON-AES)
37	2607:f8b0:400... 2607:f8b0:4006:80c::2002	15169 (GOOGLE) (GOOGLE)
3	2606:4700:20:... 2606:4700:20::ac43:4a15	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
3	2607:f8b0:400... 2607:f8b0:4006:821::200e	15169 (GOOGLE) (GOOGLE)
10	2607:f8b0:400... 2607:f8b0:4006:822::2003	15169 (GOOGLE) (GOOGLE)
19	23.49.251.202 23.49.251.202	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2607:f8b0:400... 2607:f8b0:4004:c1b::9c	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4006:81d::2004	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4006:81e::2003	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4006:80b::2002	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4006:81f::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:823::2002	15169 (GOOGLE) (GOOGLE)
29	2607:f8b0:400... 2607:f8b0:4006:809::2001	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4006:822::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::ac43:4bf1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	51.222.39.185 51.222.39.185	16276 (OVH) (OVH)
1	2602:803:c002... 2602:803:c002:200::115	26667 (RUBICONPR...) (RUBICONPROJECT)
1	52.2.51.253 52.2.51.253	14618 (AMAZON-AES) (AMAZON-AES)
11	68.67.181.211 68.67.181.211	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2620:100:a001... 2620:100:a001::18	19750 (AS-CRITEO) (AS-CRITEO)
2	23.105.12.145 23.105.12.145	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
4	3.17.243.71 3.17.243.71	16509 (AMAZON-02) (AMAZON-02)
1 3	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	52.55.14.74 52.55.14.74	14618 (AMAZON-AES) (AMAZON-AES)
5 27	142.250.80.66 142.250.80.66	15169 (GOOGLE) (GOOGLE)
2 2	104.18.33.19 104.18.33.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	50.16.138.112 50.16.138.112	14618 (AMAZON-AES) (AMAZON-AES)
1 1	3.234.62.154 3.234.62.154	14618 (AMAZON-AES) (AMAZON-AES)
2 2	52.45.175.185 52.45.175.185	14618 (AMAZON-AES) (AMAZON-AES)
6 6	35.211.178.172 35.211.178.172	19527 (GOOGLE-2) (GOOGLE-2)
8	34.102.128.115 34.102.128.115	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
8	184.24.36.23 184.24.36.23	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.204.152.12 23.204.152.12	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	23.205.72.21 23.205.72.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	31.220.27.155 31.220.27.155	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2 2	185.167.164.37 185.167.164.37	198622 (ADFORM) (ADFORM)
1 1	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1 1	199.38.167.130 199.38.167.130	54312 (ROCKETFUEL) (ROCKETFUEL)
2 2	35.208.249.213 35.208.249.213	19527 (GOOGLE-2) (GOOGLE-2)
1 1	4.78.226.224 4.78.226.224	3356 (LEVEL3) (LEVEL3)
2 2	35.211.141.197 35.211.141.197	19527 (GOOGLE-2) (GOOGLE-2)
1 1	69.166.1.10 69.166.1.10	27630 (AS-XFERNET) (AS-XFERNET)
2 2	52.223.22.214 52.223.22.214	16509 (AMAZON-02) (AMAZON-02)
1 3	23.64.61.36 23.64.61.36	16625 (AKAMAI-AS) (AKAMAI-AS)
3	23.204.152.28 23.204.152.28	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2620:100:a001::4 2620:100:a001::4	19750 (AS-CRITEO) (AS-CRITEO)
2 4	2620:100:a001::c 2620:100:a001::c	19750 (AS-CRITEO) (AS-CRITEO)
3	74.119.119.139 74.119.119.139	19750 (AS-CRITEO) (AS-CRITEO)
9	2600:9000:251... 2600:9000:2510:c00:1c:38a0:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
7	2606:4700::68... 2606:4700::6810:df3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.205.73.36 23.205.73.36	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:21e... 2600:9000:21ea:e400:8:9ed9:9c40:93a1	16509 (AMAZON-02) (AMAZON-02)
12	54.187.209.148 54.187.209.148	16509 (AMAZON-02) (AMAZON-02)
1 1	23.205.72.198 23.205.72.198	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	76.13.32.147 76.13.32.147	26101 (YAHOO-BF1) (YAHOO-BF1)
8	2600:9000:21d... 2600:9000:21da:a200:3:748e:7940:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2607:f8b0:400... 2607:f8b0:4006:81c::200a	15169 (GOOGLE) (GOOGLE)
2	23.78.168.242 23.78.168.242	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.193.108 151.101.193.108	54113 (FASTLY) (FASTLY)
1 1	2620:112:f002... 2620:112:f002:bbbb::21	6336 (TURN-US-ASN) (TURN-US-ASN)
5	199.187.193.166 199.187.193.166	47043 (SMARTADSE...) (SMARTADSERVER)
1 1	162.254.186.187 162.254.186.187	33695 (SCALEMATRIX) (SCALEMATRIX)
2 2	70.42.32.31 70.42.32.31	13789 (INTERNAP-...) (INTERNAP-BLK3)
1 1	23.195.100.217 23.195.100.217	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	52.5.219.41 52.5.219.41	14618 (AMAZON-AES) (AMAZON-AES)
2 2	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
4	104.36.115.111 104.36.115.111	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2607:f8b0:400... 2607:f8b0:4006:80b::2006	15169 (GOOGLE) (GOOGLE)
2	199.127.204.162 199.127.204.162	26120 (RHYTHMONE) (RHYTHMONE)
2	54.83.180.210 54.83.180.210	14618 (AMAZON-AES) (AMAZON-AES)
2 3	52.46.130.91 52.46.130.91	16509 (AMAZON-02) (AMAZON-02)
2 5	8.43.72.97 8.43.72.97	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
4 4	8.43.72.98 8.43.72.98	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	2600:1f18:4e9... 2600:1f18:4e9:5a01:b333:1a3:d097:8434	14618 (AMAZON-AES) (AMAZON-AES)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 3	52.95.125.22 52.95.125.22	16509 (AMAZON-02) (AMAZON-02)
6	2607:f8b0:400... 2607:f8b0:4006:808::2002	15169 (GOOGLE) (GOOGLE)
3	2c0f:fb50:400... 2c0f:fb50:4002:801::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:ba61:0:1... 2a00:ba61:0:126::c	35625 (EURAFIBRE-AS) (EURAFIBRE-AS)
2 3	162.248.18.32 162.248.18.32	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	162.248.18.37 162.248.18.37	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2607:f8b0:400... 2607:f8b0:4006:81f::200e	15169 (GOOGLE) (GOOGLE)
370	61

63 208.109.190.28 (United States) 1 redirects

ASN398101 (GO-DADDY-COM-LLC, US)
PTR: 28.190.109.208.host.secureserver.net

www.aereo.jor.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4006:81d::200a (Nutley, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:817::2008 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 100.25.107.144 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-25-107-144.compute-1.amazonaws.com

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 2607:f8b0:4006:80c::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::ac43:4a15 (United States)

ASN13335 (CLOUDFLARENET, US)

tags.premiumads.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:821::200e (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4006:822::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 23.49.251.202 (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-49-251-202.deploy.static.akamaitechnologies.com

secure-ds.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1b::9c (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:81d::2004 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:81e::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:80b::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:81f::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:823::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

adservice.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2607:f8b0:4006:809::2001 (Nutley, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:822::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 51.222.39.185 (Canada)

ASN16276 (OVH, FR)
PTR: ip185.ip-51-222-39.net

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c002:200::115 (United States)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.2.51.253 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-2-51-253.compute-1.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 68.67.181.211 (Secaucus, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a001::18 (United States)

ASN19750 (AS-CRITEO, US)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.105.12.145 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.17.243.71 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-17-243-71.us-east-2.compute.amazonaws.com

lm.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.55.14.74 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-14-74.compute-1.amazonaws.com

fksnk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 142.250.80.66 (Glen Cove, United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.33.19 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.16.138.112 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-138-112.compute-1.amazonaws.com

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.234.62.154 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-234-62-154.compute-1.amazonaws.com

cc.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.45.175.185 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-175-185.compute-1.amazonaws.com

im.bluevoox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.211.178.172 (North Charleston, United States) 6 redirects

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.102.128.115 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 115.128.102.34.bc.googleusercontent.com

g.bidbrain.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 184.24.36.23 (Atlanta, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-24-36-23.deploy.static.akamaitechnologies.com

hblg.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
warp.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lg3.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.204.152.12 (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-204-152-12.deploy.static.akamaitechnologies.com

qsearch-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.205.72.21 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-72-21.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.220.27.155 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.167.164.37 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.137.133.49 (United States) 1 redirects

ASN27257 (WEBAIR-INTERNET, US)

dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.38.167.130 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.208.249.213 (Council Bluffs, United States) 2 redirects

ASN19527 (GOOGLE-2, US)
PTR: 213.249.208.35.bc.googleusercontent.com

trace.mediago.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 4.78.226.224 (Paradise, United States) 1 redirects

ASN3356 (LEVEL3, US)

aep.mxptint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.211.141.197 (North Charleston, United States) 2 redirects

ASN19527 (GOOGLE-2, US)
PTR: 197.141.211.35.bc.googleusercontent.com

m.fg8dgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.166.1.10 (United States) 1 redirects

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.22.214 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.64.61.36 (Edison, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-64-61-36.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
at.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.204.152.28 (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-204-152-28.deploy.static.akamaitechnologies.com

res-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:100:a001::c (United States) 2 redirects

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:2510:c00:1c:38a0:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn1.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6810:df3 (United States)

ASN13335 (CLOUDFLARENET, US)

tag.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
usr.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync2.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.205.73.36 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-73-36.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21ea:e400:8:9ed9:9c40:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 54.187.209.148 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-187-209-148.us-west-2.compute.amazonaws.com

events1.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
events.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.205.72.198 (Edison, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-72-198.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.13.32.147 (Lockport, United States) 1 redirects

ASN26101 (YAHOO-BF1, US)
PTR: spcms.pbp.vip.bf1.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:21da:a200:3:748e:7940:93a1 (United States)

ASN16509 (AMAZON-02, US)

avm.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:81c::200a (Nutley, United States)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.78.168.242 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-78-168-242.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:112:f002:bbbb::21 (United States) 1 redirects

ASN6336 (TURN-US-ASN, US)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 199.187.193.166 (Canada)

ASN47043 (SMARTADSERVER, CA)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.254.186.187 (Escondido, United States) 1 redirects

ASN33695 (SCALEMATRIX, US)
PTR: www.abcbymebath.com

demand.trafficroots.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.32.31 (United States) 2 redirects

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.195.100.217 (Edison, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-195-100-217.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.5.219.41 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-219-41.compute-1.amazonaws.com

ads.creative-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.36.115.111 (United States)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80b::2006 (Nutley, United States)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.127.204.162 (United States)

ASN26120 (RHYTHMONE, US)

tag.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.83.180.210 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-83-180-210.compute-1.amazonaws.com

prebid-server.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.46.130.91 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 8.43.72.97 (United States) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 8.43.72.98 (United States) 4 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:4e9:5a01:b333:1a3:d097:8434 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.95.125.22 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:808::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2c0f:fb50:4002:801::2003 (Kenya)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:ba61:0:126::c (France)

ASN35625 (EURAFIBRE-AS, FR)

rr1---sn-apaapm4g-apae.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.248.18.32 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.248.18.37 (United States) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81f::200e (Nutley, United States)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
63	aereo.jor.br 1 redirects www.aereo.jor.br	6 MB
53	doubleclick.net 5 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 77 googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 192 cm.g.doubleclick.net — Cisco Umbrella Rank: 208 pubads.g.doubleclick.net — Cisco Umbrella Rank: 404	329 KB
50	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 tpc.googlesyndication.com — Cisco Umbrella Rank: 139 454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com	494 KB
30	avantisvideo.com cdn.avantisvideo.com — Cisco Umbrella Rank: 24420 static.avantisvideo.com — Cisco Umbrella Rank: 25755 events1.avantisvideo.com — Cisco Umbrella Rank: 28825 cdn1.avantisvideo.com — Cisco Umbrella Rank: 29338 avm.avantisvideo.com — Cisco Umbrella Rank: 25158 events.avantisvideo.com — Cisco Umbrella Rank: 23405	324 KB
27	serving-sys.com bs.serving-sys.com — Cisco Umbrella Rank: 1238 secure-ds.serving-sys.com — Cisco Umbrella Rank: 1916 lm.serving-sys.com — Cisco Umbrella Rank: 1839	591 KB
18	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	264 KB
14	rubiconproject.com 6 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 462 eus.rubiconproject.com — Cisco Umbrella Rank: 529 prebid-server.rubiconproject.com — Cisco Umbrella Rank: 894 pixel.rubiconproject.com — Cisco Umbrella Rank: 309 token.rubiconproject.com — Cisco Umbrella Rank: 563	18 KB
13	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37 imasdk.googleapis.com — Cisco Umbrella Rank: 405	1020 KB
12	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 210 acdn.adnxs.com — Cisco Umbrella Rank: 576	42 KB
11	media.net hblg.media.net — Cisco Umbrella Rank: 1815 contextual.media.net — Cisco Umbrella Rank: 540 warp.media.net — Cisco Umbrella Rank: 2500 lg3.media.net — Cisco Umbrella Rank: 5094 cs.media.net — Cisco Umbrella Rank: 1387	151 KB
9	google.com www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 72	2 KB
8	pubmatic.com 3 redirects hbopenbid.pubmatic.com — Cisco Umbrella Rank: 449 image8.pubmatic.com — Cisco Umbrella Rank: 594 image2.pubmatic.com — Cisco Umbrella Rank: 852	1 KB
8	bidbrain.app g.bidbrain.app — Cisco Umbrella Rank: 35033	54 B
8	criteo.com 2 redirects bidder.criteo.com — Cisco Umbrella Rank: 713 gum.criteo.com — Cisco Umbrella Rank: 394 mug.criteo.com — Cisco Umbrella Rank: 2835	9 KB
7	navdmp.com tag.navdmp.com — Cisco Umbrella Rank: 26209 usr.navdmp.com — Cisco Umbrella Rank: 31002 cdn.navdmp.com — Cisco Umbrella Rank: 5826 sync2.navdmp.com — Cisco Umbrella Rank: 50790 sync.navdmp.com — Cisco Umbrella Rank: 9586	6 KB
7	smartadserver.com prg.smartadserver.com — Cisco Umbrella Rank: 1528 rtb-csync.smartadserver.com — Cisco Umbrella Rank: 532	6 KB
6	amazon-adsystem.com 4 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 273 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 912	4 KB
6	bidswitch.net 6 redirects x.bidswitch.net — Cisco Umbrella Rank: 282	4 KB
5	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 690	2 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 188	234 KB
5	google.ca www.google.ca — Cisco Umbrella Rank: 9048 adservice.google.ca — Cisco Umbrella Rank: 14299	2 KB
4	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1225 a.teads.tv — Cisco Umbrella Rank: 1377 at.teads.tv — Cisco Umbrella Rank: 4867	5 KB
4	akamaihd.net qsearch-a.akamaihd.net — Cisco Umbrella Rank: 1711 res-a.akamaihd.net — Cisco Umbrella Rank: 8407	113 KB
3	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 726 s.tribalfusion.com — Cisco Umbrella Rank: 1844	2 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29	20 KB
3	premiumads.com.br tags.premiumads.com.br — Cisco Umbrella Rank: 234301	147 KB
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 315	944 B
2	1rx.io tag.1rx.io — Cisco Umbrella Rank: 1334	326 B
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 534	679 B
2	creative-serving.com 2 redirects ads.creative-serving.com — Cisco Umbrella Rank: 3857	1 KB
2	zemanta.com 2 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 522	1 KB
2	yahoo.com 2 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 833 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 408	1 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 637	58 KB
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 335	1 KB
2	fg8dgt.com 2 redirects m.fg8dgt.com — Cisco Umbrella Rank: 4042	766 B
2	mediago.io 2 redirects trace.mediago.io — Cisco Umbrella Rank: 1228	777 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 566	1 KB
2	bluevoox.com 2 redirects im.bluevoox.com — Cisco Umbrella Rank: 11737	1 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 419	2 KB
2	4dex.io script.4dex.io — Cisco Umbrella Rank: 1884	24 KB
2	wp.com stats.wp.com — Cisco Umbrella Rank: 2897 pixel.wp.com — Cisco Umbrella Rank: 2717	3 KB
1	youtube.com www.youtube.com — Cisco Umbrella Rank: 73
1	googlevideo.com rr1---sn-apaapm4g-apae.googlevideo.com — Cisco Umbrella Rank: 453455	1 MB
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 367	572 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 267	17 KB
1	bluekai.com 1 redirects stags.bluekai.com — Cisco Umbrella Rank: 504	799 B
1	trafficroots.com 1 redirects demand.trafficroots.com — Cisco Umbrella Rank: 3795	633 B
1	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 710	457 B
1	mathtag.com 1 redirects pixel.mathtag.com — Cisco Umbrella Rank: 904	609 B
1	sonobi.com 1 redirects sync.go.sonobi.com — Cisco Umbrella Rank: 816	919 B
1	mxptint.net 1 redirects aep.mxptint.net — Cisco Umbrella Rank: 5100	763 B
1	rfihub.com 1 redirects a.rfihub.com — Cisco Umbrella Rank: 2569	1 KB
1	adkernel.com 1 redirects dsp.adkernel.com — Cisco Umbrella Rank: 4295	540 B
1	uuidksinc.net 1 redirects s.uuidksinc.net — Cisco Umbrella Rank: 9628	289 B
1	adingo.jp 1 redirects cc.adingo.jp — Cisco Umbrella Rank: 5752	420 B
1	yieldmo.com 1 redirects ads.yieldmo.com — Cisco Umbrella Rank: 629	472 B
1	fksnk.com 1 redirects fksnk.com — Cisco Umbrella Rank: 4004	612 B
1	360yield.com ad.360yield.com — Cisco Umbrella Rank: 645	6 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 830	695 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 51	75 KB
0	chocolateplatform.com Failed cs.chocolateplatform.com Failed
0	navegg.com Failed id.navegg.com Failed
370	62

	Domain	Requested by
63	www.aereo.jor.br	1 redirects www.aereo.jor.br
27	cm.g.doubleclick.net	5 redirects googleads.g.doubleclick.net 454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com
26	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com 454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com tpc.googlesyndication.com imasdk.googleapis.com
21	pagead2.googlesyndication.com	www.aereo.jor.br pagead2.googlesyndication.com googleads.g.doubleclick.net 454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
19	secure-ds.serving-sys.com	bs.serving-sys.com secure-ds.serving-sys.com www.aereo.jor.br
13	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
11	ib.adnxs.com	tags.premiumads.com.br cdn.avantisvideo.com acdn.adnxs.com
10	events.avantisvideo.com
10	fonts.gstatic.com	fonts.googleapis.com
8	avm.avantisvideo.com	cdn1.avantisvideo.com cdn.avantisvideo.com
8	cdn.avantisvideo.com	tags.premiumads.com.br cdn.avantisvideo.com
8	g.bidbrain.app	www.aereo.jor.br 454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com
7	fonts.googleapis.com	www.aereo.jor.br googleads.g.doubleclick.net 454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com
6	pubads.g.doubleclick.net	imasdk.googleapis.com
6	imasdk.googleapis.com	cdn.avantisvideo.com imasdk.googleapis.com
6	x.bidswitch.net	6 redirects
6	securepubads.g.doubleclick.net	tags.premiumads.com.br securepubads.g.doubleclick.net www.aereo.jor.br
5	pixel.rubiconproject.com	2 redirects
5	rtb-csync.smartadserver.com
5	onetag-sys.com	tags.premiumads.com.br cdn.avantisvideo.com
5	www.gstatic.com	googleads.g.doubleclick.net
5	www.googletagservices.com	googleads.g.doubleclick.net 454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com
5	www.google.com	www.aereo.jor.br googleads.g.doubleclick.net 454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com tpc.googlesyndication.com
4	token.rubiconproject.com	4 redirects
4	hbopenbid.pubmatic.com	cdn.avantisvideo.com
4	gum.criteo.com	2 redirects static.criteo.net
4	lm.serving-sys.com	secure-ds.serving-sys.com www.aereo.jor.br
4	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net imasdk.googleapis.com
4	adservice.google.ca	pagead2.googlesyndication.com securepubads.g.doubleclick.net imasdk.googleapis.com
4	bs.serving-sys.com	www.aereo.jor.br secure-ds.serving-sys.com
3	image8.pubmatic.com	2 redirects
3	csi.gstatic.com	imasdk.googleapis.com
3	aax-eu.amazon-adsystem.com	2 redirects
3	s.amazon-adsystem.com	2 redirects
3	mug.criteo.com
3	res-a.akamaihd.net	contextual.media.net
3	lg3.media.net	454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com contextual.media.net
3	contextual.media.net	454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com contextual.media.net
3	hblg.media.net	www.aereo.jor.br 454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com
3	454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	www.google-analytics.com	www.aereo.jor.br www.google-analytics.com www.googletagmanager.com
3	tags.premiumads.com.br	www.aereo.jor.br tags.premiumads.com.br
2	match.adsrvr.org	2 redirects
2	prebid-server.rubiconproject.com	cdn.avantisvideo.com
2	tag.1rx.io	cdn.avantisvideo.com
2	sync-tm.everesttech.net	2 redirects
2	ads.creative-serving.com	2 redirects
2	b1sync.zemanta.com	2 redirects
2	eus.rubiconproject.com	tags.premiumads.com.br eus.rubiconproject.com
2	sync.navdmp.com
2	events1.avantisvideo.com
2	tag.navdmp.com	tags.premiumads.com.br tag.navdmp.com
2	static.criteo.net	tags.premiumads.com.br static.criteo.net
2	sync.teads.tv	1 redirects 454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com
2	eb2.3lift.com	2 redirects
2	m.fg8dgt.com	2 redirects
2	trace.mediago.io	2 redirects
2	c1.adform.net	2 redirects
2	im.bluevoox.com	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	a.tribalfusion.com	1 redirects 454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com
2	prg.smartadserver.com	tags.premiumads.com.br
2	script.4dex.io	tags.premiumads.com.br script.4dex.io
1	www.youtube.com
1	image2.pubmatic.com	1 redirects
1	rr1---sn-apaapm4g-apae.googlevideo.com
1	px.ads.linkedin.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	s0.2mdn.net	imasdk.googleapis.com
1	stags.bluekai.com	1 redirects
1	demand.trafficroots.com	1 redirects
1	ad.turn.com	1 redirects
1	acdn.adnxs.com	tags.premiumads.com.br
1	cms.analytics.yahoo.com	1 redirects
1	pixel.mathtag.com	1 redirects
1	sync2.navdmp.com
1	cdn.navdmp.com	tag.navdmp.com
1	cdn1.avantisvideo.com	cdn.avantisvideo.com
1	usr.navdmp.com	tag.navdmp.com
1	static.avantisvideo.com	cdn.avantisvideo.com
1	at.teads.tv	a.teads.tv
1	a.teads.tv	tags.premiumads.com.br
1	sync.go.sonobi.com	1 redirects
1	aep.mxptint.net	1 redirects
1	cs.media.net	contextual.media.net
1	a.rfihub.com	1 redirects
1	dsp.adkernel.com	1 redirects
1	s.uuidksinc.net	1 redirects
1	warp.media.net	454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com
1	qsearch-a.akamaihd.net	www.aereo.jor.br
1	cc.adingo.jp	1 redirects
1	ads.yieldmo.com	1 redirects
1	fksnk.com	1 redirects
1	s.tribalfusion.com
1	bidder.criteo.com	tags.premiumads.com.br
1	ad.360yield.com	tags.premiumads.com.br
1	fastlane.rubiconproject.com	tags.premiumads.com.br
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	pixel.wp.com	www.aereo.jor.br
1	www.google.ca	www.aereo.jor.br
1	stats.g.doubleclick.net	www.google-analytics.com
1	stats.wp.com	www.aereo.jor.br
1	www.googletagmanager.com	www.aereo.jor.br
0	cs.chocolateplatform.com Failed	454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com
0	id.navegg.com Failed	tags.premiumads.com.br
370	105

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.youtube.com
www.saab.com
defense.embraer.com
www.forte.jor.br
www.naval.com.br
www.leonardo.com
www.fordefesa.com.br

Subject Issuer	Validity	Valid
aereo.jor.br Starfield Secure Certificate Authority - G2	`2022-04-20` - `2023-04-24`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
bs.serving-sys.com Amazon	`2022-04-20` - `2023-05-19`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
premiumads.com.br Cloudflare Inc ECC CA-3	`2022-05-07` - `2023-05-07`	a year	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-14` - `2023-12-15`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
secure-ds.serving-sys.com R3	`2022-10-11` - `2023-01-09`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2022-11-23` - `2023-11-22`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.360yield.com Amazon	`2022-08-16` - `2023-09-14`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-31` - `2023-01-26`	3 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
lm.serving-sys.com Amazon RSA 2048 M02	`2022-10-26` - `2023-11-24`	a year	crt.sh
g.bidbrain.app GTS CA 1D4	`2022-12-04` - `2023-03-04`	3 months	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2022-06-28` - `2023-06-30`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-07` - `2023-06-06`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-08` - `2023-02-04`	3 months	crt.sh
*.avantisvideo.com Amazon	`2022-10-24` - `2023-11-21`	a year	crt.sh
teads.tv R3	`2022-10-27` - `2023-01-25`	3 months	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2022-03-11` - `2023-04-11`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.1rx.io Sectigo RSA Domain Validation Secure Server CA	`2022-06-28` - `2023-07-29`	a year	crt.sh
*.googlevideo.com GTS CA 1C3	`2022-12-06` - `2023-02-14`	2 months	crt.sh

This page contains 32 frames:

Primary Page: https://www.aereo.jor.br/
Frame ID: F521B8DD4DAF0C6AF08BBC4EC57DAAC8
Requests: 187 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
Frame ID: C7A3FFB9B27CAF1F620D515F61371D79
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3617884028483888&output=html&h=280&slotname=4579491807&adk=52731674&adf=4010924017&pi=t.ma~as.4579491807&w=1192&fwrn=4&fwrnh=100&lmt=1671225696&rafmt=1&format=1192x280&url=https%3A%2F%2Fwww.aereo.jor.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671225807101&bpp=30&bdt=879&idt=732&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&correlator=692257186449&frm=20&pv=2&ga_vid=1490408997.1671225807&ga_sid=1671225808&ga_hid=767267349&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=204&ady=3544&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44779793%2C31071268%2C44780792&oid=2&pvsid=1667055446542369&tmod=811181661&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=AIBzQCpP2g&p=https%3A//www.aereo.jor.br&dtd=775
Frame ID: 4F5D30A8BE5C1BF51E3A6CD56B7BB717
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3617884028483888&output=html&h=250&slotname=2862219256&adk=3823964945&adf=4192660947&pi=t.ma~as.2862219256&w=300&lmt=1671225696&format=300x250&url=https%3A%2F%2Fwww.aereo.jor.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671225807176&bpp=8&bdt=954&idt=910&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=1192x280&correlator=692257186449&frm=20&pv=1&ga_vid=1490408997.1671225807&ga_sid=1671225808&ga_hid=767267349&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1096&ady=3881&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44779793%2C31071268%2C44780792&oid=2&pvsid=1667055446542369&tmod=811181661&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=RkQr899mXD&p=https%3A//www.aereo.jor.br&dtd=923
Frame ID: 589F688EB9AC9F08BCFBEBA596E8C2E4
Requests: 10 HTTP requests in this frame

Frame: https://secure-ds.serving-sys.com/resources/PROD/html5/1073745971/20220503/1076527558/70613883088299949/mbda_meteor-gripen_300x250.html?v=_2_159_1_0&n=1&sHost=secure-ds.serving-sys.com
Frame ID: 7A71976B51A604EFD56E43FC7BEE8189
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3617884028483888&output=html&h=280&slotname=4579491807&adk=1654750209&adf=3669081314&pi=t.ma~as.4579491807&w=377&fwrn=4&fwrnh=100&lmt=1671225696&rafmt=1&format=377x280&url=https%3A%2F%2Fwww.aereo.jor.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671225807402&bpp=9&bdt=1180&idt=821&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=1192x280%2C300x250&correlator=692257186449&frm=20&pv=1&ga_vid=1490408997.1671225807&ga_sid=1671225808&ga_hid=767267349&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1019&ady=4530&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44779793%2C31071268%2C44780792&oid=2&pvsid=1667055446542369&tmod=811181661&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=3&fsb=1&xpc=cuABAZ4NYh&p=https%3A//www.aereo.jor.br&dtd=829
Frame ID: 9E7B70A868063738D35A8C101EB3296C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3617884028483888&output=html&adk=1812271804&adf=3025194257&lmt=1671225696&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=164x540_l%7C164x540_r&format=0x0&url=https%3A%2F%2Fwww.aereo.jor.br%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671225807689&bpp=2&bdt=1467&idt=593&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=1192x280%2C300x250%2C377x280&nras=1&correlator=692257186449&frm=20&pv=1&ga_vid=1490408997.1671225807&ga_sid=1671225808&ga_hid=767267349&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44779793%2C31071268%2C44780792&oid=2&pvsid=1667055446542369&tmod=811181661&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=647
Frame ID: 421577DB929BA4A267DEBF45026643C7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js
Frame ID: E01230AFDC1219AC1F9C6B3C02E43BC9
Requests: 1 HTTP requests in this frame

Frame: https://454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 251103D7ED4E9E4D2F4CDD27DC6431A5
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js
Frame ID: 4F5634281AA4EBF9A51556A084F21BDC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Frame ID: 8072A8A9B4F031F9FE80597A07415AFF
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: F38B7D8EE269F07A05FFFEFD211A432D
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0BB6D61D3A94D877BDDE392D8CD21C98
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js
Frame ID: F9BBC2D14244511A079F44BC9C40F6EB
Requests: 1 HTTP requests in this frame

Frame: https://454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 411D73D1B11E29AE4D80B2A2272996F7
Requests: 22 HTTP requests in this frame

Frame: https://454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3EF7AD91C9D917E59F6C80B0FD273C3E
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D30B7BDA434408D1475BA9945B4D3206
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F85D24455FA6FA0108C12EA6CC881D58
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 72BAF022642F1FDB852F6640FC8E4D6C
Requests: 9 HTTP requests in this frame

Frame: https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CU5RJ1PV&cpcd=h3e9byNxz1TnUQgxXfdhiw%3D%3D&crid=812171582&size=970x90&cc=CA&chnm=HARMONY&pid=8POJ4N28G&tpid=TJD0857&https=1&vif=2&requrl=https%3A%2F%2Fwww.aereo.jor.br&nse=5&vi=1671225810903078368&lw=1&ugd=4&adt1=8CUF4235B&adt2=442254163&itid=17&bae=B4xBgg4Nea&bcpf=B4xBgg4N8fOnRrolnfOur8ea&bdrId=294&bid=328264&ntv=0&matchstring=hr%3D0%7Cbcat%3D500780%2C501011%2C500786&kttle=SafeFrame%20Container&katpre=1&katbid=-102&pgid=p0926278408t202212162123&newfl=1&htmlsrc=1&allsc=QC
Frame ID: CA6E5592EACF9212C55E06D4443A1806
Requests: 8 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUF4235B&prvid=99%2C77%2C4%2C20000%2C313%2C10000%2C9%2C319%2C294&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Frame ID: DFBC0B9148DE99597B28523DE7C51634
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E3469A434903163979B7E40BA78E4585
Requests: 9 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.aereo.jor.br
Frame ID: CEDE6176B2F1823FB6EAC2850B213586
Requests: 2 HTTP requests in this frame

Frame: https://cdn1.avantisvideo.com/connect/u_d.html
Frame ID: CFBBF5C1E2BAB6847661F95903A1B9E3
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1671225808847
Frame ID: E4C34A16857783101B366CC0D65BA6D5
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 08743F08F06136D33545B1BE56156A52
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 5DE71496C9978F4A2BFD99EF49887690
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Frame ID: F7DBF3B6A09B6D29A32ACEDF5788CEB8
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Frame ID: 2BD9099F5E75F4630074B1E037B347F0
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Frame ID: AC06F8373EBC24349AFD48D94F7EC6B3
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Frame ID: EE08D5F242875E68AB599CC7DFE4E6A2
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Frame ID: 5EDE9403379B498F442919E76581B9EC
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Página Inicial - Poder Aéreo – Aviação, Forças Aéreas, Indústria Aeroespacial e de Defesa

Page URL History Show full URLs

http://www.aereo.jor.br/ HTTP 301
https://www.aereo.jor.br/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Navegg (Analytics) Expand

Overall confidence: 100%
Detected patterns

tag\.navdmp\.com

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js
adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Sizmek (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

serving-sys\.com/

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

370
Requests

89 %
HTTPS

38 %
IPv6

62
Domains

105
Subdomains

61
IPs

8
Countries

11762 kB
Transfer

20202 kB
Size

91
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/fordefesa

Search URL Search Domain Scan URL

URL: https://twitter.com/poderaereo

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCAHX5ziQ0FmHcttaU8UsTVA

Search URL Search Domain Scan URL

URL: https://www.saab.com/pt-br/markets/brasil/gripen-para-o-brasil

Search URL Search Domain Scan URL

URL: https://defense.embraer.com/global/en/c-390

Search URL Search Domain Scan URL

URL: http://www.forte.jor.br/

Search URL Search Domain Scan URL

URL: http://www.naval.com.br/

Search URL Search Domain Scan URL

URL: https://www.leonardo.com/en/innovation-technology?utm_source=Poder+Aereo&utm_medium=banner&utm_campaign=Institutional

Search URL Search Domain Scan URL

URL: http://www.fordefesa.com.br/
Title: www.fordefesa.com.br

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.aereo.jor.br/ HTTP 301
https://www.aereo.jor.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 167

https://a.tribalfusion.com/i.match?p=b6&u=CAESEGaa6Y9-k-52nSIWEyCaZmw&google_cver=1&google_push=AavPq0PDTJzeMShTlyY_6hoZ-awQt1opIOqAwabO9B38jmyoCGsnU-UNVv7XUhJ17O7RUNr1HPztUb6LW-gK8gSr7l2rblOWwrIMXYL5&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0PDTJzeMShTlyY_6hoZ-awQt1opIOqAwabO9B38jmyoCGsnU-UNVv7XUhJ17O7RUNr1HPztUb6LW-gK8gSr7l2rblOWwrIMXYL5%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGaa6Y9-k-52nSIWEyCaZmw&google_cver=1&google_push=AavPq0PDTJzeMShTlyY_6hoZ-awQt1opIOqAwabO9B38jmyoCGsnU-UNVv7XUhJ17O7RUNr1HPztUb6LW-gK8gSr7l2rblOWwrIMXYL5&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0PDTJzeMShTlyY_6hoZ-awQt1opIOqAwabO9B38jmyoCGsnU-UNVv7XUhJ17O7RUNr1HPztUb6LW-gK8gSr7l2rblOWwrIMXYL5%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 168

https://fksnk.com/cs/google?google_gid=CAESEPX0YcqFNdkMRWGK3ivsvnU&google_cver=1&google_push=AavPq0Pb0JGZeBnuGTZ7ft4SkBMipnTVaGMSdtO8AI48bHMgwxN2ma98ZrDnBDosmWTAKPqZGqXcT0jkEUWfTg6VqITrDaCizRuZlUcN HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MjJCRTY4RDBFRjVDMUQzOQ==

Request Chain 169

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJNe3MSQ7Q5UoHyVI0ouTCw&google_cver=1&google_push=AavPq0O395oT40f9K8cwlnzLOFm2OwCmVdvxFo6BBnNd4dDXBAGYXuQVxMKYsvi-jUP4N7HsnGwGtQolJgAeva6AY0SfYJcd68rzrWo HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEJNe3MSQ7Q5UoHyVI0ouTCw&google_push=AavPq0O395oT40f9K8cwlnzLOFm2OwCmVdvxFo6BBnNd4dDXBAGYXuQVxMKYsvi-jUP4N7HsnGwGtQolJgAeva6AY0SfYJcd68rzrWo&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJNe3MSQ7Q5UoHyVI0ouTCw&google_hm=Y5zh0fn_M-oRtuXdpjrMogAAADYAAAIB&google_nid=index&google_push=AavPq0O395oT40f9K8cwlnzLOFm2OwCmVdvxFo6BBnNd4dDXBAGYXuQVxMKYsvi-jUP4N7HsnGwGtQolJgAeva6AY0SfYJcd68rzrWo

Request Chain 170

https://ads.yieldmo.com/exptsync?google_gid=CAESEGMl3WbVK5WusADO40gqsW8&google_cver=1&google_push=AavPq0NT9M6fIqW06EFdzuOmTBTsXThNrBsLbvP8DyZOnr-I1TVasa3wRsq4D42V0KRFak8moeuNzUTN3G9xl1x7orZ_Rc8ReY7aoPbq HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AavPq0NT9M6fIqW06EFdzuOmTBTsXThNrBsLbvP8DyZOnr-I1TVasa3wRsq4D42V0KRFak8moeuNzUTN3G9xl1x7orZ_Rc8ReY7aoPbq&google_hm=Zzk4YTZkMTAwZmI0NzMxZTY4N2E=

Request Chain 171

https://cc.adingo.jp/adx/push/?google_gid=CAESEPAtxQ_XwHiBEuU8LLXLfHk&google_cver=1&google_push=AavPq0PNuvEgmvjlbhQaofnxkRL3P3Umwf8VRrAzayiAIHzU5kd42IHMLtjllAJd0H2lgaoX7D75epjxr7lP_TWxehVIvtEyp_MBMB-_ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AavPq0PNuvEgmvjlbhQaofnxkRL3P3Umwf8VRrAzayiAIHzU5kd42IHMLtjllAJd0H2lgaoX7D75epjxr7lP_TWxehVIvtEyp_MBMB-_&google_hm=7bb91568a18d94aec973528080b004a1

Request Chain 172

https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEPUySv3eSRNCfnAEn_hdZgw&google_cver=1&google_push=AavPq0M5eyOWEw5m1EYoePSEVOaiu4pkm5ZqklxmyFRT71kkTeB7VAfn__1HLsSUAjKtqErRpFUVytLXyS97i27KPjzrYUhzpN9xia4Abg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AavPq0M5eyOWEw5m1EYoePSEVOaiu4pkm5ZqklxmyFRT71kkTeB7VAfn__1HLsSUAjKtqErRpFUVytLXyS97i27KPjzrYUhzpN9xia4Abg&google_hm=QlMuMDRiMy1kZDNkLTRkZGUtYjA0OA==

Request Chain 173

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEIKvqIcG886as372QxmmByQ&google_cver=1&google_push=AavPq0M_010xwSUisVD1VJh8Ln5FEPfq3W79LcZWdTi6W0_kftmXiHGILyeVf0bjS7rmsSRfWGDUv_fpt9TQFfAEapLR6HlfT60USRqy HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEIKvqIcG886as372QxmmByQ&google_cver=1&google_push=AavPq0M_010xwSUisVD1VJh8Ln5FEPfq3W79LcZWdTi6W0_kftmXiHGILyeVf0bjS7rmsSRfWGDUv_fpt9TQFfAEapLR6HlfT60USRqy HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=dddc5aa2-05f6-4e2c-9ccd-1597b23598eb&%%GOOGLE_PUSH_PAIR%%

Request Chain 214

https://s.uuidksinc.net/match/47/?remote_uid=CAESEP6Adz-V2JhjkwTs2dyX6YA&c_param1=AavPq0PY-t7zFKK-bPUgJ5ZsLQIzDpchQPZrF2-EkvkGuJwhE4sZSH_Ny3f2EEF6H6VGKgpzrXdPt4I-RC_Jt6kQWg-t5n4-rFE&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AavPq0PY-t7zFKK-bPUgJ5ZsLQIzDpchQPZrF2-EkvkGuJwhE4sZSH_Ny3f2EEF6H6VGKgpzrXdPt4I-RC_Jt6kQWg-t5n4-rFE

Request Chain 215

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHhTzzzE2DWrBpRiR6HV8II&google_cver=1&google_push=AavPq0NpzD-r8wknZUImwosbY8R0vhq9lKgnWmzagjvH39bfuqQbti7Xtcmeh-x52zFgD2SQ-p_rzSQd0Knb0xZ6ngC_XprRL5s HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHhTzzzE2DWrBpRiR6HV8II&google_cver=1&google_push=AavPq0NpzD-r8wknZUImwosbY8R0vhq9lKgnWmzagjvH39bfuqQbti7Xtcmeh-x52zFgD2SQ-p_rzSQd0Knb0xZ6ngC_XprRL5s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njc4OTk3ODAyMzU3NDEzMDI0&google_push=AavPq0NpzD-r8wknZUImwosbY8R0vhq9lKgnWmzagjvH39bfuqQbti7Xtcmeh-x52zFgD2SQ-p_rzSQd0Knb0xZ6ngC_XprRL5s

Request Chain 216

https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEOI0yJiEJ_kJlsN4MxR5AT8&google_cver=1&google_push=AavPq0M9kVyOTBk5MFQkJxZms2aolBbfbdbaHxL0jyT7h2ZDiNBJRb1DHew1MWZiFUPHD6GKKJGI6Py4Ok4Iexpw21CSCwu3ESei HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTE4MTQ3ODAxMzMyMTgxNDI4Mzg&google_push=AavPq0M9kVyOTBk5MFQkJxZms2aolBbfbdbaHxL0jyT7h2ZDiNBJRb1DHew1MWZiFUPHD6GKKJGI6Py4Ok4Iexpw21CSCwu3ESei

Request Chain 217

https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEPUySv3eSRNCfnAEn_hdZgw&google_cver=1&google_push=AavPq0NRAOn_xx2NBFa2iT0OFcD6KfB6W2Sk3-Y64cxJIS4UPypUdAFyiYsX0LwtW9daGyeCJwP819PbcPFLMcfCkctwDoY5ZwXZtw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AavPq0NRAOn_xx2NBFa2iT0OFcD6KfB6W2Sk3-Y64cxJIS4UPypUdAFyiYsX0LwtW9daGyeCJwP819PbcPFLMcfCkctwDoY5ZwXZtw&google_hm=QlMuMDBhMC1jMTRjLTRmMzctYjcwZA==

Request Chain 218

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEHTNGztvKECwEIt3lxziWwI&google_cver=1&google_push=AavPq0M24IsfXeL6YePaKddXFmzNnOn7lQOyb26zhWcO6okwfnkNkkdOEuOfqF_0CItwOxSfGcQ58JhD4ghiQeCLfDu-aX8ypTFF HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AavPq0M24IsfXeL6YePaKddXFmzNnOn7lQOyb26zhWcO6okwfnkNkkdOEuOfqF_0CItwOxSfGcQ58JhD4ghiQeCLfDu-aX8ypTFF&google_hm=NTg2MzMzMjk1OTgwNjc4MzQ3MQ==

Request Chain 219

https://trace.mediago.io/cs/google?google_gid=CAESEP3of9WmZgbqPExU-8Grqg8&google_cver=1&google_push=AavPq0NBU4BV4L-M_z4TOvE9q53u6c5fklnVT5hfYCikTQ7juFavLDQxHC9YfFBzyOPlwPetTFOuYHu2cwNHCL78CvUW_FqbkA1f HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AavPq0NBU4BV4L-M_z4TOvE9q53u6c5fklnVT5hfYCikTQ7juFavLDQxHC9YfFBzyOPlwPetTFOuYHu2cwNHCL78CvUW_FqbkA1f&google_hm=bee183775e2605720239fe233da4cc9a

Request Chain 234

https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzE0MjI3NDEwMTQ1NDY2NjAwMFYxMA%3D%3D&google_sc=1 HTTP 302
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEP6QgPXjCcKH2EBi-_rHuso&google_cver=1

Request Chain 236

https://aep.mxptint.net/sn.ashx?google_gid=CAESEKCZX0H4rsXraQRp8Zq28RU&google_cver=1&google_push=AavPq0PEJGrGXlT8lC27SG1BKm1T5kMv2Q9AgaBGJL-7tsMPYatyL0f_XHiT3o7seFDpL4PB-N8tRqNEYHYfZy94caBdvTZi5GVCk53vfczc5ShLr2nTp2cHASYE1bcd6ce4M46I-TDVJwo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AavPq0PEJGrGXlT8lC27SG1BKm1T5kMv2Q9AgaBGJL-7tsMPYatyL0f_XHiT3o7seFDpL4PB-N8tRqNEYHYfZy94caBdvTZi5GVCk53vfczc5ShLr2nTp2cHASYE1bcd6ce4M46I-TDVJwo&google_hm=UjFCMzMwX0ZCMDExNzk2XzYzMjQwNTgz

Request Chain 237

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEG0VLylw1Qq6nt2TPDkMqnY&google_cver=1&google_push=AavPq0OmRb9B-ttT2IxjySnlW6dB8I8zhG5D934P_BaCtY5R2Qzl4jIc6-FHFLhvyZ2mEqPSHw2Avyvcg9__H2G9-0PKJmkNsZhtuTAiSlJKHl0GJBuPpojZuY-LzRW0n-x6NSmD5OJwyw HTTP 302
https://m.fg8dgt.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&ssp_uuid=dddc5aa2-05f6-4e2c-9ccd-1597b23598eb HTTP 302
https://m.fg8dgt.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&ssp_uuid=dddc5aa2-05f6-4e2c-9ccd-1597b23598eb HTTP 302
https://x.bidswitch.net/sync?dsp_id=108&expires=14&ssp=google&user_id=3d7002b1-44b9-4004-9551-630e440de136 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0OmRb9B-ttT2IxjySnlW6dB8I8zhG5D934P_BaCtY5R2Qzl4jIc6-FHFLhvyZ2mEqPSHw2Avyvcg9__H2G9-0PKJmkNsZhtuTAiSlJKHl0GJBuPpojZuY-LzRW0n-x6NSmD5OJwyw&google_hm=3dxaogX2TiyczRWXsjWY6w==

Request Chain 238

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAavPq0Ny3m2x64UFDe7676zyKcYV4MsXtbyHXU4LfV7mbntbFCCMCtp8VWZYtHGV5_5PJwEoM7coMjogZZyaf9-4VibQx5-DK7KBdY7eIiBCjYaDSkpa1cLb-oS1ReVpFunxoBXZERJnbaI%26google_hm%3D%5BUID%5D&google_gid=CAESENy7aWGY9vx46iNHR7C7pZo&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AavPq0Ny3m2x64UFDe7676zyKcYV4MsXtbyHXU4LfV7mbntbFCCMCtp8VWZYtHGV5_5PJwEoM7coMjogZZyaf9-4VibQx5-DK7KBdY7eIiBCjYaDSkpa1cLb-oS1ReVpFunxoBXZERJnbaI&google_hm=cae65fa0-54c5-4454-aafb-beedb35556ac

Request Chain 239

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEEhizzZCQ1AM6lIbqEO9YNE&google_cver=1&google_push=AavPq0Mfym3G7EhWNr2ylaAwbd8ptXEbQ0AqoepMazgwKDetk1N-5iyWoE-eLfaVH3MFiRyh6E2-AGvPMZuvIWZ7OB0Jzi9fYMv_XGWeEVqZEeBykdYymYWLPS2N0VgC687yxBShjXpznA HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=0&gdpr_consent=&us_privacy=&sync=1&google_push=AavPq0Mfym3G7EhWNr2ylaAwbd8ptXEbQ0AqoepMazgwKDetk1N-5iyWoE-eLfaVH3MFiRyh6E2-AGvPMZuvIWZ7OB0Jzi9fYMv_XGWeEVqZEeBykdYymYWLPS2N0VgC687yxBShjXpznA&google_gid=CAESEEhizzZCQ1AM6lIbqEO9YNE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzY4NTA4OTU5NTg1NTY2Mzc4MDI3MA%3D%3D&google_push=AavPq0Mfym3G7EhWNr2ylaAwbd8ptXEbQ0AqoepMazgwKDetk1N-5iyWoE-eLfaVH3MFiRyh6E2-AGvPMZuvIWZ7OB0Jzi9fYMv_XGWeEVqZEeBykdYymYWLPS2N0VgC687yxBShjXpznA

Request Chain 241

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEOzvXb64frDo-Nc5Zm0R8_w&google_cver=1&google_push=AavPq0NAXz6fs_bVwVulJdGTZyBULwLpI6kQnaoVIjO8HG1vzeFrZEoxcvupFuuM7l9lC8ZG2Sf5gjXCuLtkFSaWaHoYkFu2PkcUiZWoir411fPWrzElFdj2-ALdCJwrAXifbhSRi_HGT7Ei HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=NGJlZDg3MTctM2FjYS00OTFiLThiNWQtZjMyZjcxZTc4Yzk4&google_push=AavPq0NAXz6fs_bVwVulJdGTZyBULwLpI6kQnaoVIjO8HG1vzeFrZEoxcvupFuuM7l9lC8ZG2Sf5gjXCuLtkFSaWaHoYkFu2PkcUiZWoir411fPWrzElFdj2-ALdCJwrAXifbhSRi_HGT7Ei HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 242

https://trace.mediago.io/cs/google?google_gid=CAESEP3of9WmZgbqPExU-8Grqg8&google_cver=1&google_push=AavPq0MjX54e7UkT4JuEcljKGJB1LEhXSR-oX7Y6BcCs3ac43HdWiZgbEEfHxojzXgIEcmRcsBmhheGbV0B6NM0XNIqW49WfiokZnbqrWg84hJsMzAldGaBNW8lJjw1Nh_KZRckjRrULc97t HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AavPq0MjX54e7UkT4JuEcljKGJB1LEhXSR-oX7Y6BcCs3ac43HdWiZgbEEfHxojzXgIEcmRcsBmhheGbV0B6NM0XNIqW49WfiokZnbqrWg84hJsMzAldGaBNW8lJjw1Nh_KZRckjRrULc97t&google_hm=bee183775e2605720239fe233da4cc9a

Request Chain 256

https://gum.criteo.com/sid/json?origin=publishertag&domain=aereo.jor.br&sn=ChromeSyncframe&so=0&topUrl=www.aereo.jor.br&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=OvtC6Hx6cU4ySno1VExaZm9MaEFBcStkaUJwN3g3clNyOFIxcUtnUnA4TTdUT3JUU0tNdEhjUmM4bHdNY3ZCeFpic1NLYU4yUE5IVk81ZzJ2aU1STm1taFQ2bHBHRndjSEU2SFBpNGxVeVRJSVJULzlzNXRlSDVMVHZDaEQwMUVrVkZ6YnozekVZQzYrYXdDSEk2YUt5bWxSeEpvL1BPVkp6RkFnQXRyZVpucmE1U3IxVzZRVFNGelZFRitOTWxWeEsyTzhFMUFFUnFZbHNsWmliMTloUkkya1c5cms1dkZxSW1STEorUGpYM3pmWExmNnhVYVl5VFIwSWFCRHdXR3pHMlVIbTdneW04ejZ2TnNzMW5kVWtCVWhiUT09fA&cppv=2

Request Chain 271

https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=76976354101 HTTP 302
https://sync2.navdmp.com/sync?prtid=2&id=76976354101&google_gid=CAESEDxLmUFPvSpN_Cl5Dqk6rr0&google_cver=1

Request Chain 272

https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D HTTP 302
https://sync.navdmp.com/sync?img=1&mdia=430b639c-e1d5-4800-be48-d95847118ca4

Request Chain 273

https://cms.analytics.yahoo.com/cms?partner_id=NAVEG HTTP 302
https://sync.navdmp.com/sync?prtid=12&yahid=y-dJOkry5E2p4ePR4JznKBzMGK5n.DGuLx6LU-~A

Request Chain 294

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.aereo.jor.br%2F&domain=www.aereo.jor.br&cw=1&pbt=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=XVIpOHxJZTRrOXpHd0FJekdHV25FWHVmTkVWYi9ad1MrNWo1ZVpCK1RWR1FTR2o5dC9XVVV0Q1U3VWRzM0FBcU5aVEh0UStuMkNSSGNCY0luSU5rdS9BaDdYZGNxNVRqWDFSTU1GZEFUWkliTjRVNGVsc2VQY2lKZDdYQ0tueUFYcm1FN0dOWlFEVkwwb0R5SjN2dHp4NWRtSjErbTdkK1FUMGs5ZnV5Tnh1Z2d5QXQzTDRCdXlzb0RhZVhkZHpaWEp1dll3TW9abERvS3p3NTR4NmM4b1lHZE8wRGVOSVNROWhKajJyWUovaWFFRTRwdVBreWhHNkZWQnFmblBwVThacTQralc2cUx3REZKN2NLNVpKYnJXSXExRmRCTEFQaEw2N0J6dEJSMkw4TXlEaz18&cppv=2

Request Chain 299

https://ad.turn.com/r/cs?pid=33&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D32%26partneruserid%3D%23USER_ID%23%26gdpr%3D%23GDPR_APPLICABLE%23%26gdpr_consent%3D%23GDPR_CONSENT%23&gdpr=0&gdpr_consent= HTTP 302
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=32&partneruserid=3287437758360039017&gdpr=0&gdpr_consent=

Request Chain 300

https://demand.trafficroots.com/sync.php?partner=3379&redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D137%26partneruserid%3D%7Btrafficroots_id%7D&gdpr=0&gdpr_consent= HTTP 302
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=137&partneruserid=e5798cbf09&gdpr=0&gdpr_consent=

Request Chain 301

https://b1sync.zemanta.com/usersync/smart/?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D116%26partneruserid%3D__ZUID__&gdpr=0&gdpr_consent= HTTP 302
https://stags.bluekai.com/site/23178?id=4-d08chTKs_hZ2eQXElH&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIWWG43ZNZRS443NMFZHIYLEONSXE5TFOIXGG33NF5ZGKZDJOIXT6ZLYMNUGC3THMU6XG3LBOJ2CMZ3EOBZD2MBGNFZXG2J5GETHAYLSORXGK4TJMQ6TCMJWEZYGC4TUNZSXE5LTMVZGSZB5GQWWIMBYMNUFIS3TL5UFUMTFKFMEK3CI&gdpr=0 HTTP 302
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIWWG43ZNZRS443NMFZHIYLEONSXE5TFOIXGG33NF5ZGKZDJOIXT6ZLYMNUGC3THMU6XG3LBOJ2CMZ3EOBZD2MBGNFZXG2J5GETHAYLSORXGK4TJMQ6TCMJWEZYGC4TUNZSXE5LTMVZGSZB5GQWWIMBYMNUFIS3TL5UFUMTFKFMEK3CI HTTP 302
https://rtb-csync.smartadserver.com/redir/?gdpr=0&issi=1&partnerid=116&partneruserid=4-d08chTKs_hZ2eQXElH

Request Chain 302

https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent= HTTP 302
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=smartadserver&bsw_custom_parameter=dddc5aa2-05f6-4e2c-9ccd-1597b23598eb HTTP 302
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=smartadserver&bsw_custom_parameter=dddc5aa2-05f6-4e2c-9ccd-1597b23598eb HTTP 302
https://x.bidswitch.net/sync?dsp_id=4&user_id=f13f04e3-29c9-4995-aa8f-e5fdf30262a5&ssp=smartadserver&expires=30&user_group=5&bsw_param=dddc5aa2-05f6-4e2c-9ccd-1597b23598eb HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=dddc5aa2-05f6-4e2c-9ccd-1597b23598eb&gdpr=&gdpr_consent=

Request Chain 303

https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y5zh1gAD9sOijwAe HTTP 302
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=Y5zh1gAD9sOijwAe&gdpr=0&gdpr_consent=&_test=Y5zh1gAD9sOijwAe

Request Chain 322

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=IOJc6owaSlOuGMV4fRtPXw&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=IOJc6owaSlOuGMV4fRtPXw

Request Chain 323

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGoYgQ7F6D7H6Yi2y_cf1a4&google_cver=1

Request Chain 324

https://match.adsrvr.org/track/cmf/rubicon HTTP 302
https://match.adsrvr.org/track/cmb/rubicon HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=dd6886ec-11fb-4f5d-8c50-c45b04484e91&gdpr=0&gdpr_consent=&expires=30

Request Chain 325

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzczMGY3NDU2MGJiNWI5MTA5OTczMGJhNTY4YjUyYmMwMDA5Y2RkNw

Request Chain 326

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/evwkFCET83PVr_ExRjW8sQ?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-iTKHVENE2oKdsJgnNuBcUcJiOIAoexPCSbRX3g--~A

Request Chain 327

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJSMFAyWVItRC01Mjc=

Request Chain 328

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBR0P2YR-D-527

Request Chain 329

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=rZ-b0kppSmWF8uhYixzLRw&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=rZ-b0kppSmWF8uhYixzLRw

Request Chain 363

https://image8.pubmatic.com/AdServer/ImgSync?p=159970 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=159970&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MUUxRjk3Q0EtMjlEQy00RjdBLUFCODAtRTcxNTE3MzYzMEIz&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

370 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.aereo.jor.br/
Redirect Chain

http://www.aereo.jor.br/
https://www.aereo.jor.br/

439 KB
44 KB

341ms
167ms

Document
text/html

208.109.190.28
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aereo.jor.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.109.190.28 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 28.190.109.208.host.secureserver.net
Software: nginx / PleskLin
Resource Hash: e7b7491d095b39d11a686999b4e2f90db0f1c4c10db81fce4f786310b3f9c964

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: max-age=3, must-revalidate
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 16 Dec 2022 21:23:26 GMT
etag: W/"6db50-5eff88e00692f"
expires: Fri, 16 Dec 2022 21:23:29 GMT
last-modified: Fri, 16 Dec 2022 21:21:36 GMT
server: nginx
vary: Accept-Encoding,Cookie
x-powered-by: PleskLin

Redirect headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Fri, 16 Dec 2022 21:23:25 GMT
Location: https://www.aereo.jor.br/
Server: nginx
Vary: Accept-Encoding,Cookie
X-Powered-By: PHP/7.4.33 PleskLin
X-Redirect-By: WordPress

GET
H2 200 style.min.css
www.aereo.jor.br/wp-includes/css/dist/block-library/ 93 KB
11 KB 96ms
90ms Stylesheet
text/css 208.109.190.28
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aereo.jor.br/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
Requested by: Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.109.190.28 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 28.190.109.208.host.secureserver.net
Software: nginx / PleskLin
Resource Hash: c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:26 GMT
content-encoding: br
last-modified: Wed, 16 Nov 2022 03:33:18 GMT
server: nginx
etag: W/"637459fe-172a9"
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 mediaelementplayer-legacy.min.css
www.aereo.jor.br/wp-includes/js/mediaelement/ 11 KB
2 KB 161ms
154ms Stylesheet
text/css 208.109.190.28
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aereo.jor.br/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
Requested by: Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.109.190.28 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 28.190.109.208.host.secureserver.net
Software: nginx / PleskLin
Resource Hash: b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:26 GMT
content-encoding: br
last-modified: Wed, 09 Nov 2022 13:52:50 GMT
server: nginx
etag: W/"636bb0b2-2bf8"
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 wp-mediaelement.min.css
www.aereo.jor.br/wp-includes/js/mediaelement/ 4 KB
1 KB 101ms
95ms Stylesheet
text/css 208.109.190.28
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aereo.jor.br/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.1.1
Requested by: Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.109.190.28 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 28.190.109.208.host.secureserver.net
Software: nginx / PleskLin
Resource Hash: 2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:26 GMT
content-encoding: br
last-modified: Wed, 09 Nov 2022 13:52:50 GMT
server: nginx
etag: W/"636bb0b2-105a"
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 classic-themes.min.css
www.aereo.jor.br/wp-includes/css/ 217 B
309 B 100ms
94ms Stylesheet
text/css 208.109.190.28
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aereo.jor.br/wp-includes/css/classic-themes.min.css?ver=1
Requested by: Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.109.190.28 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 28.190.109.208.host.secureserver.net
Software: nginx / PleskLin
Resource Hash: 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:26 GMT
content-encoding: br
last-modified: Wed, 09 Nov 2022 13:52:49 GMT
x-accel-version: 0.01
server: nginx
etag: W/"d9-5ed09f8e588d5"
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 style.css
www.aereo.jor.br/wp-content/plugins/wpdiscuz/themes/default/ 114 KB
18 KB 130ms
125ms Stylesheet
text/css 208.109.190.28
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aereo.jor.br/wp-content/plugins/wpdiscuz/themes/default/style.css?ver=7.5.1
Requested by: Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.109.190.28 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 28.190.109.208.host.secureserver.net
Software: nginx / PleskLin
Resource Hash: ffce487df4744525fd529363bd47e310529698170c91084a5099f760fa957569

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:26 GMT
content-encoding: br
last-modified: Sat, 03 Dec 2022 21:01:39 GMT
server: nginx
etag: W/"638bb933-1c83a"
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 fa.min.css
www.aereo.jor.br/wp-content/plugins/wpdiscuz/assets/third-party/font-awesome-5.13.0/css/ 11 KB
2 KB 102ms
97ms Stylesheet
text/css 208.109.190.28
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aereo.jor.br/wp-content/plugins/wpdiscuz/assets/third-party/font-awesome-5.13.0/css/fa.min.css?ver=7.5.1
Requested by: Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.109.190.28 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 28.190.109.208.host.secureserver.net
Software: nginx / PleskLin
Resource Hash: 696abb1249ad3aac33060bfed46b870e4a645faf9b96a9b81b3af85a4ef42694

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:26 GMT
content-encoding: br
last-modified: Sat, 03 Dec 2022 21:01:39 GMT
server: nginx
etag: W/"638bb933-2d07"
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 wpdiscuz-combo.min.css
www.aereo.jor.br/wp-content/plugins/wpdiscuz/assets/css/ 36 KB
6 KB 158ms
153ms Stylesheet
text/css 208.109.190.28
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aereo.jor.br/wp-content/plugins/wpdiscuz/assets/css/wpdiscuz-combo.min.css?ver=6.1.1
Requested by: Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.109.190.28 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 28.190.109.208.host.secureserver.net
Software: nginx / PleskLin
Resource Hash: a61b8c70c730d778a12ecff9f7a17be9b8d25f04253fd0159f02ada438255853

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:26 GMT
content-encoding: br
last-modified: Sat, 03 Dec 2022 21:01:39 GMT
server: nginx
etag: W/"638bb933-9023"
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 style.css
www.aereo.jor.br/wp-content/plugins/td-composer/td-multi-purpose/ 37 KB
4 KB 160ms
156ms Stylesheet
text/css 208.109.190.28
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aereo.jor.br/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=e815948e5c9ec5801de67b92a1d5a59fx
Requested by: Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.109.190.28 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 28.190.109.208.host.secureserver.net
Software: nginx / PleskLin
Resource Hash: 3ed2e42d3ce5e24dcb11cddde4126e4f07c3afc590f708ad2cfbf7669002f92e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:26 GMT
content-encoding: br
last-modified: Sat, 12 Nov 2022 15:58:21 GMT
server: nginx
etag: W/"636fc29d-92ec"
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 css
fonts.googleapis.com/ 48 KB
2 KB 97ms
41ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins%3A400%2C100%2C200%2C300%2C500%2C600%2C700%2C800%2C900%7COpen+Sans%3A400%2C600%2C700%2C100%2C200%2C300%2C500%2C800%2C900%7CRoboto%3A400%2C500%2C700%2C100%2C200%2C300%2C600%2C800%2C900%7CRubik%3A400%2C300%2C500%2C600%7CPT+Serif%3A700%2C400&display=swap&ver=12.1

Requested by

Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

969f50c49b96b8b4ae74e77098377aa41192a9517d62e2a5e7c2d8fc9f9d26ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 16 Dec 2022 21:23:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 16 Dec 2022 21:23:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 16 Dec 2022 21:23:26 GMT

GET
H2 200 td-multipurpose.css
www.aereo.jor.br/wp-content/plugins/td-composer/assets/fonts/td-multipurpose/ 12 KB
2 KB 161ms
157ms Stylesheet
text/css 208.109.190.28
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aereo.jor.br/wp-content/plugins/td-composer/assets/fonts/td-multipurpose/td-multipurpose.css?ver=e815948e5c9ec5801de67b92a1d5a59fx
Requested by: Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.109.190.28 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 28.190.109.208.host.secureserver.net
Software: nginx / PleskLin
Resource Hash: 485301e24ee204cd089ec16df7e66702b3a3dc906f5ea5ffcc414c303d647e1e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:26 GMT
content-encoding: br
last-modified: Sat, 12 Nov 2022 15:58:19 GMT
server: nginx
etag: W/"636fc29b-2ee1"
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 style.css
www.aereo.jor.br/wp-content/themes/Newspaper/ 148 KB
23 KB 177ms
173ms Stylesheet
text/css 208.109.190.28
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aereo.jor.br/wp-content/themes/Newspaper/style.css?ver=12.1
Requested by: Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.109.190.28 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 28.190.109.208.host.secureserver.net
Software: nginx / PleskLin
Resource Hash: 1383e964dbeb4da6efb6e908176663dbfcd5a387d7d368834f8224233b778bb9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:26 GMT
content-encoding: br
last-modified: Sat, 12 Nov 2022 15:58:13 GMT
server: nginx
etag: W/"636fc295-24f51"
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 td_legacy_main.css
www.aereo.jor.br/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/ 160 KB
22 KB 241ms
238ms Stylesheet
text/css 208.109.190.28
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aereo.jor.br/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=e815948e5c9ec5801de67b92a1d5a59fx
Requested by: Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.109.190.28 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 28.190.109.208.host.secureserver.net
Software: nginx / PleskLin
Resource Hash: 8c21de3b659aaa30693e28670ce6526645a4af8ce4d49c38f9fe410552d36e4a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:26 GMT
content-encoding: br
last-modified: Sat, 12 Nov 2022 15:58:19 GMT
server: nginx
etag: W/"636fc29b-281f9"
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 td_standard_pack_main.css
www.aereo.jor.br/wp-content/plugins/td-standard-pack/Newspaper/assets/css/ 715 KB
53 KB 191ms
188ms Stylesheet
text/css 208.109.190.28
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aereo.jor.br/wp-content/plugins/td-standard-pack/Newspaper/assets/css/td_standard_pack_main.css?ver=48767bfdc5698c9103b4ef9b700012fd
Requested by: Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.109.190.28 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 28.190.109.208.host.secureserver.net
Software: nginx / PleskLin
Resource Hash: 1008e0fea1bcea71d721ce0187eba5979aee7626901ea11940898b0db51320c0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:26 GMT
content-encoding: br
last-modified: Sat, 12 Nov 2022 15:58:48 GMT
server: nginx
etag: W/"636fc2b8-b2d2a"
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 tdb_main.css
www.aereo.jor.br/wp-content/plugins/td-cloud-library/assets/css/ 29 KB
5 KB 180ms
176ms Stylesheet
text/css 208.109.190.28
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aereo.jor.br/wp-content/plugins/td-cloud-library/assets/css/tdb_main.css?ver=87b3292f51aec51c00e6ce7db9b73ed1
Requested by: Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.109.190.28 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 28.190.109.208.host.secureserver.net
Software: nginx / PleskLin
Resource Hash: 8fe457e08539bb6275fda6ccfe7666b6ab9216800193c897200d4c35770f0507

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:26 GMT
content-encoding: br
last-modified: Sat, 12 Nov 2022 15:58:36 GMT
server: nginx
etag: W/"636fc2ac-74a9"
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 jetpack.css
www.aereo.jor.br/wp-content/plugins/jetpack/css/ 84 KB
15 KB 262ms
259ms Stylesheet
text/css 208.109.190.28
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aereo.jor.br/wp-content/plugins/jetpack/css/jetpack.css?ver=11.6
Requested by: Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.109.190.28 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 28.190.109.208.host.secureserver.net
Software: nginx / PleskLin
Resource Hash: 0ce7613bb07f30b4dd77f51b62fcbd70bc15439a24b696ca06a694c2c8544ce6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:26 GMT
content-encoding: br
last-modified: Wed, 07 Dec 2022 09:18:09 GMT
server: nginx
etag: W/"63905a51-1519b"
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 jquery.min.js Show response
www.aereo.jor.br/wp-includes/js/jquery/ 88 KB
30 KB 260ms
257ms Script
application/javascript 208.109.190.28
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aereo.jor.br/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by: Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.109.190.28 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 28.190.109.208.host.secureserver.net
Software: nginx / PleskLin
Resource Hash: cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:26 GMT
content-encoding: br
last-modified: Wed, 09 Nov 2022 13:52:50 GMT
server: nginx
etag: W/"636bb0b2-15e54"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 jquery-migrate.min.js Show response
www.aereo.jor.br/wp-includes/js/jquery/ 11 KB
4 KB 242ms
239ms Script
application/javascript 208.109.190.28
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aereo.jor.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.109.190.28 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 28.190.109.208.host.secureserver.net
Software: nginx / PleskLin
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:26 GMT
content-encoding: br
last-modified: Wed, 09 Nov 2022 13:52:50 GMT
server: nginx
etag: W/"636bb0b2-2bd8"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 213 KB
75 KB 98ms
40ms Script
application/javascript 2607:f8b0:4006:817::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DQ2L68JE9E

Requested by

Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ebad9f838fb810350790dd414b697b5dbaf25bc4865a29e704c7dfcd0ef48756

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76337
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 16 Dec 2022 21:23:26 GMT

GET
H2 200 Poder-Aereo-LOGO-2021.png
www.aereo.jor.br/wp-content/uploads//2021/02/ 27 KB
27 KB 169ms
161ms Image
image/png 208.109.190.28
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aereo.jor.br/wp-content/uploads//2021/02/Poder-Aereo-LOGO-2021.png
Requested by: Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.109.190.28 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 28.190.109.208.host.secureserver.net
Software: nginx / PleskLin
Resource Hash: ebb8d59148126400a7d2ef1f37070835c026fee48a1d90af92e563f4294814bb

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:26 GMT
last-modified: Wed, 10 Feb 2021 16:37:48 GMT
server: nginx
etag: "60240bdc-6a40"
x-powered-by: PleskLin
content-type: image/png
accept-ranges: bytes
content-length: 27200

GET
H2 200 wp-emoji-release.min.js Show response
www.aereo.jor.br/wp-includes/js/ 18 KB
5 KB 168ms
159ms Script
application/javascript 208.109.190.28
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aereo.jor.br/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
Requested by: Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.109.190.28 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 28.190.109.208.host.secureserver.net
Software: nginx / PleskLin
Resource Hash: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:26 GMT
content-encoding: br
last-modified: Wed, 09 Nov 2022 13:52:50 GMT
server: nginx
etag: W/"636bb0b2-48b9"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 Banner-Saab.gif
www.aereo.jor.br/wp-content/uploads//2022/03/ 438 KB
439 KB 166ms
158ms Image
image/gif 208.109.190.28
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aereo.jor.br/wp-content/uploads//2022/03/Banner-Saab.gif
Requested by: Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.109.190.28 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 28.190.109.208.host.secureserver.net
Software: nginx / PleskLin
Resource Hash: ea628a83ef0760a53f88f66bfb12eaedf43705f232d725b1e22b0390d6da12a0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:26 GMT
last-modified: Mon, 07 Mar 2022 13:49:58 GMT
server: nginx
etag: "62260d86-6d7ca"
x-powered-by: PleskLin
content-type: image/gif
accept-ranges: bytes
content-length: 448458

GET
H2 200 Banner-Embraer-C-390-Millennium.gif
www.aereo.jor.br/wp-content/uploads//2022/07/ 209 KB
209 KB 168ms
160ms Image
image/gif 208.109.190.28
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aereo.jor.br/wp-content/uploads//2022/07/Banner-Embraer-C-390-Millennium.gif
Requested by: Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.109.190.28 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 28.190.109.208.host.secureserver.net
Software: nginx / PleskLin
Resource Hash: c29d6b65af0666c7c3a4c7f56a27467d1cfd0f3c4e27dba1ff264bbf484f5ad9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:26 GMT
last-modified: Fri, 22 Jul 2022 12:34:20 GMT
server: nginx
etag: "62da994c-342dc"
x-powered-by: PleskLin
content-type: image/gif
accept-ranges: bytes
content-length: 213724

GET
H2 200 adServer.bs Show response
bs.serving-sys.com/Serving/ 13 KB
5 KB 80ms
28ms Script
text/html 100.25.107.144
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving/adServer.bs?c=28&cn=display&pli=1078703097&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_68}&w=300&h=250&ord=[timestamp]&z=10000
Requested by: Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.25.107.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-25-107-144.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 850c833c7712f7d0308b014d1d4321563eeaca85e64041384e6ea06cb1ddba0a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 21:23:26 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: CP="NOI DEVa OUR BUS UNI"
cache-control: no-cache, no-store
content-length: 4671
expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H2 200 Bolacha-For%C3%A7as-de-Defesa-2.png
www.aereo.jor.br/wp-content/uploads//2014/04/ 53 KB
53 KB 168ms
161ms Image
image/png 208.109.190.28
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aereo.jor.br/wp-content/uploads//2014/04/Bolacha-For%C3%A7as-de-Defesa-2.png
Requested by: Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.109.190.28 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 28.190.109.208.host.secureserver.net
Software: nginx / PleskLin
Resource Hash: 167f94fb6ab80302f929f6f1b7b462ceb93f324d9f303119e98571ff7cf78644

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:26 GMT
last-modified: Wed, 23 Apr 2014 16:05:02 GMT
server: nginx
etag: "5357e4ae-d4e1"
x-powered-by: PleskLin
content-type: image/png
accept-ranges: bytes
content-length: 54497

GET
H2 200 Banner-Leonardo-M346.jpg
www.aereo.jor.br/wp-content/uploads//2022/07/ 183 KB
183 KB 101ms
95ms Image
image/jpeg 208.109.190.28
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aereo.jor.br/wp-content/uploads//2022/07/Banner-Leonardo-M346.jpg
Requested by: Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.109.190.28 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 28.190.109.208.host.secureserver.net
Software: nginx / PleskLin
Resource Hash: d2ffb1d66e611ed3119f13ab781f94679180993f151242fec73feab42cb9234c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:26 GMT
last-modified: Tue, 05 Jul 2022 10:36:14 GMT
server: nginx
etag: "62c4141e-2dada"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 187098

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
49 KB 126ms
64ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

701c358570d3b4d2127343e9a61332eab7b6e6b1ea5596acb2d36448dd1f43b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49369
x-xss-protection: 0
server: cafe
etag: 11706402788270096421
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 16 Dec 2022 21:23:26 GMT

GET
H2 200 wpdiscuz-combo.min.js Show response
www.aereo.jor.br/wp-content/plugins/wpdiscuz/assets/js/ 307 KB
63 KB 103ms
102ms Script
application/javascript 208.109.190.28
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aereo.jor.br/wp-content/plugins/wpdiscuz/assets/js/wpdiscuz-combo.min.js?ver=7.5.1
Requested by: Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.109.190.28 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 28.190.109.208.host.secureserver.net
Software: nginx / PleskLin
Resource Hash: 65f6e869897c7dfea0c3782817102671cd1ef9d7c59466e11976a31bace7dc05

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:26 GMT
content-encoding: br
last-modified: Sat, 03 Dec 2022 21:01:39 GMT
server: nginx
etag: W/"638bb933-4cd5e"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 underscore.min.js Show response
www.aereo.jor.br/wp-includes/js/ 18 KB
7 KB 102ms
91ms Script
application/javascript 208.109.190.28
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aereo.jor.br/wp-includes/js/underscore.min.js?ver=1.13.4
Requested by: Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.109.190.28 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 28.190.109.208.host.secureserver.net
Software: nginx / PleskLin
Resource Hash: 726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:26 GMT
content-encoding: br
last-modified: Wed, 09 Nov 2022 13:52:50 GMT
server: nginx
etag: W/"636bb0b2-4991"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 js_posts_autoload.min.js Show response
www.aereo.jor.br/wp-content/plugins/td-cloud-library/assets/js/ 5 KB
2 KB 168ms
158ms Script
application/javascript 208.109.190.28
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aereo.jor.br/wp-content/plugins/td-cloud-library/assets/js/js_posts_autoload.min.js?ver=87b3292f51aec51c00e6ce7db9b73ed1
Requested by: Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.109.190.28 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 28.190.109.208.host.secureserver.net
Software: nginx / PleskLin
Resource Hash: c34299966d31c0354eac70bc6fc85bedcfa88a5ec90973ce4f3cdc6c5d103bd8

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:26 GMT
content-encoding: br
last-modified: Sat, 12 Nov 2022 15:58:36 GMT
server: nginx
etag: W/"636fc2ac-14e2"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 tagdiv_theme.min.js Show response
www.aereo.jor.br/wp-content/plugins/td-composer/legacy/Newspaper/js/ 298 KB
66 KB 170ms
160ms Script
application/javascript 208.109.190.28
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aereo.jor.br/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=12.1
Requested by: Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.109.190.28 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 28.190.109.208.host.secureserver.net
Software: nginx / PleskLin
Resource Hash: 887880bbd37c109dca66464d026c316a5747e607b6c70cfd8addbf047ef42e95

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:26 GMT
content-encoding: br
last-modified: Sat, 12 Nov 2022 15:58:21 GMT
server: nginx
etag: W/"636fc29d-4a964"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 comment-reply.min.js Show response
www.aereo.jor.br/wp-includes/js/ 3 KB
1 KB 169ms
159ms Script
application/javascript 208.109.190.28
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aereo.jor.br/wp-includes/js/comment-reply.min.js?ver=6.1.1
Requested by: Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.109.190.28 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 28.190.109.208.host.secureserver.net
Software: nginx / PleskLin
Resource Hash: e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:26 GMT
content-encoding: br
last-modified: Wed, 09 Nov 2022 13:52:50 GMT
server: nginx
etag: W/"636bb0b2-ba5"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 js_files_for_front.min.js Show response
www.aereo.jor.br/wp-content/plugins/td-cloud-library/assets/js/ 160 KB
36 KB 171ms
161ms Script
application/javascript 208.109.190.28
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aereo.jor.br/wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=87b3292f51aec51c00e6ce7db9b73ed1
Requested by: Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.109.190.28 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 28.190.109.208.host.secureserver.net
Software: nginx / PleskLin
Resource Hash: f4a496329cb5cb5897f921ebb6fbbc2b232d5952d5b38f714007d80fdd53ebd7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:26 GMT
content-encoding: br
last-modified: Sat, 12 Nov 2022 15:58:36 GMT
server: nginx
etag: W/"636fc2ac-280b6"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 5b687af3-cfdb-4b7a-9848-d686d10dff12 Show response
tags.premiumads.com.br/dfp/ 74 KB
24 KB 193ms
130ms Script
text/javascript 2606:4700:20::ac43:4a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.premiumads.com.br/dfp/5b687af3-cfdb-4b7a-9848-d686d10dff12

Requested by

Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

1d70aa4785c9f8f0e7a93a80cc6fbe30e356ee2cffffd1befb32ff8df7519921

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:26 GMT
strict-transport-security: max-age=2592000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 12 Dec 2022 14:46:13 GMT
server: cloudflare
age: 369433
x-powered-by: ASP.NET
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uMdGbaTGwqkSNYoX8WFULemfSAsL0KL1Lk2CfIfkbfXgGCWcsXpo3dUyZ9gTy3NYwp1Jz4s8KozwJERDMLmtreu94UnwmQr0%2BUjmcJsS1vdHtsz3%2Bxp9L%2FwxBmPaRdiTmG8xnar2Sht93aMfUH5EzmqQiz8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=3600
cf-ray: 77aa7aeb4bcd3fcd-YYZ

GET
H2 200 e-202250.js Show response
stats.wp.com/ 9 KB
3 KB 63ms
16ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202250.js
Requested by: Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-nc: HIT yyz
date: Fri, 16 Dec 2022 21:23:26 GMT
content-encoding: br
server: nginx
etag: W/"61beb56a-3508"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Mon, 04 Dec 2023 06:19:30 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 75ms
21ms Script
text/javascript 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 16 Dec 2022 20:44:14 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 2352
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Fri, 16 Dec 2022 22:44:14 GMT

GET
H2 200 12.jpg
www.aereo.jor.br/wp-content/uploads//2021/02/ 126 KB
126 KB 149ms
147ms Image
image/jpeg 208.109.190.28
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aereo.jor.br/wp-content/uploads//2021/02/12.jpg
Requested by: Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.109.190.28 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 28.190.109.208.host.secureserver.net
Software: nginx / PleskLin
Resource Hash: a3d328807718a30d851e52a377457c06dbfe2ca7b2d8a77756a2d9fd5099a345

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:26 GMT
last-modified: Wed, 10 Feb 2021 14:40:13 GMT
server: nginx
etag: "6023f04d-1f822"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 129058

GET
H2 200 newspaper.woff
www.aereo.jor.br/wp-content/themes/Newspaper/images/icons/ 32 KB
32 KB 145ms
143ms Font
application/font-woff 208.109.190.28
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aereo.jor.br/wp-content/themes/Newspaper/images/icons/newspaper.woff?21
Requested by: Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/wp-content/themes/Newspaper/style.css?ver=12.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.109.190.28 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 28.190.109.208.host.secureserver.net
Software: nginx / PleskLin
Resource Hash: c21a4f4dea997c97bf301a6d477a7968fabb123e8e00f99ae6fac7f4767324d6

Request headers

Referer: https://www.aereo.jor.br/wp-content/themes/Newspaper/style.css?ver=12.1
Origin: https://www.aereo.jor.br
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:26 GMT
last-modified: Sat, 12 Nov 2022 15:58:13 GMT
server: nginx
etag: "636fc295-8040"
x-powered-by: PleskLin
content-type: application/font-woff
accept-ranges: bytes
content-length: 32832

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 114ms
50ms Font
font/woff2 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A400%2C100%2C200%2C300%2C500%2C600%2C700%2C800%2C900%7COpen+Sans%3A400%2C600%2C700%2C100%2C200%2C300%2C500%2C800%2C900%7CRoboto%3A400%2C500%2C700%2C100%2C200%2C300%2C600%2C800%2C900%7CRubik%3A400%2C300%2C500%2C600%7CPT+Serif%3A700%2C400&display=swap&ver=12.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.aereo.jor.br
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 09:10:12 GMT
x-content-type-options: nosniff
age: 303194
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8000
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Dec 2023 09:10:12 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 85ms
24ms Font
font/woff2 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.aereo.jor.br
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 11:05:32 GMT
x-content-type-options: nosniff
age: 37074
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Dec 2023 11:05:32 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 75ms
44ms Font
font/woff2 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.aereo.jor.br
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 22:31:34 GMT
x-content-type-options: nosniff
age: 168712
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Dec 2023 22:31:34 GMT

GET
H2 200 xxx_menu-bg_xxx.jpg
www.aereo.jor.br/wp-content/uploads//2021/02/ 238 KB
238 KB 173ms
166ms Image
image/jpeg 208.109.190.28
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aereo.jor.br/wp-content/uploads//2021/02/xxx_menu-bg_xxx.jpg
Requested by: Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.109.190.28 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 28.190.109.208.host.secureserver.net
Software: nginx / PleskLin
Resource Hash: 31046c2c2385cdceee8af86d23b6c8a38a382464172b47716867745e6d3ec144

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:26 GMT
last-modified: Wed, 04 Aug 2021 13:05:17 GMT
server: nginx
etag: "610a908d-3b750"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 243536

GET
H2 200 iJWKBXyIfDnIV7nBrXw.woff2
fonts.gstatic.com/s/rubik/v23/ 33 KB
33 KB 43ms
36ms Font
font/woff2 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v23/iJWKBXyIfDnIV7nBrXw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a0d96c353719068401ebbedf7f58e3be1232756327243922b6ab9690a3591bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.aereo.jor.br
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:32:49 GMT
x-content-type-options: nosniff
age: 179437
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34112
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 18:11:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Dec 2023 19:32:49 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 58ms
54ms Font
font/woff2 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.aereo.jor.br
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 00:29:25 GMT
x-content-type-options: nosniff
age: 161641
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Dec 2023 00:29:25 GMT

GET
H2 200 PL_AddCSS_NCM.js Show response
secure-ds.serving-sys.com/resources//CustomScripts/ 13 KB
13 KB 160ms
56ms Script
application/octet-stream 23.49.251.202
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/resources//CustomScripts/PL_AddCSS_NCM.js?css1=div%5Bid%5E%3DClickDiv%5D%7Btop%3A0px!%3Bleft%3A0px!%3B%7D
Requested by: Host: bs.serving-sys.com
URL: https://bs.serving-sys.com/Serving/adServer.bs?c=28&cn=display&pli=1078703097&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_68}&w=300&h=250&ord=[timestamp]&z=10000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.49.251.202 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-49-251-202.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 1c3aa73455371c55c4c3e98dec5c287bf262e9aee13340dd21e874b002087286

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: bNp_MSl.ATTtUxXc_d2AP9ed1S45bNdK
date: Fri, 16 Dec 2022 21:23:26 GMT
last-modified: Thu, 01 Oct 2020 19:41:26 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C1
etag: "2186b24e605e9119b03b13eedac40b6e"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 13014
x-amz-cf-id: mG7KtrZgSWM4ugBEwDWm0T_hqbaNulkAW5fXq1NbdUzJMLc2ULv3SA==
expires: Fri, 16 Dec 2022 21:23:26 GMT

GET
H2 200 Saab-Gripen-C-485x360.jpg
www.aereo.jor.br/wp-content/uploads//2022/12/ 36 KB
36 KB 258ms
242ms Image
image/jpeg 208.109.190.28
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aereo.jor.br/wp-content/uploads//2022/12/Saab-Gripen-C-485x360.jpg
Requested by: Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.109.190.28 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 28.190.109.208.host.secureserver.net
Software: nginx / PleskLin
Resource Hash: 58f254db8c04d96049b320578854fc9395992aea278caf7fd46df8ef4461bc60

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:26 GMT
last-modified: Fri, 16 Dec 2022 21:18:21 GMT
server: nginx
etag: "639ce09d-9105"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 37125

GET
H2 200 E-Jet-American-Eagle-485x360.jpg
www.aereo.jor.br/wp-content/uploads//2022/12/ 29 KB
29 KB 269ms
256ms Image
image/jpeg 208.109.190.28
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aereo.jor.br/wp-content/uploads//2022/12/E-Jet-American-Eagle-485x360.jpg
Requested by: Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.109.190.28 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 28.190.109.208.host.secureserver.net
Software: nginx / PleskLin
Resource Hash: 6e3de97b57ab71d48f85f440682b7d87b8a332f5c4c9e01ff50a462f34443531

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:26 GMT
last-modified: Fri, 16 Dec 2022 16:00:04 GMT
server: nginx
etag: "639c9604-7205"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 29189

GET
H2 200 Sam-Saab-485x360.jpg
www.aereo.jor.br/wp-content/uploads//2022/12/ 30 KB
30 KB 230ms
217ms Image
image/jpeg 208.109.190.28
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aereo.jor.br/wp-content/uploads//2022/12/Sam-Saab-485x360.jpg
Requested by: Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.109.190.28 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 28.190.109.208.host.secureserver.net
Software: nginx / PleskLin
Resource Hash: 0b9fd32be4c22d101d23780e9ff25ac81caff9c5070ba585e7b32c6ee6b20061

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:26 GMT
last-modified: Fri, 16 Dec 2022 15:45:22 GMT
server: nginx
etag: "639c9292-76e5"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 30437

GET
H2 200 Baykar-Bayraktar-Kizilelma-485x360.jpg
www.aereo.jor.br/wp-content/uploads//2022/12/ 19 KB
19 KB 228ms
215ms Image
image/jpeg 208.109.190.28
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aereo.jor.br/wp-content/uploads//2022/12/Baykar-Bayraktar-Kizilelma-485x360.jpg
Requested by: Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.109.190.28 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 28.190.109.208.host.secureserver.net
Software: nginx / PleskLin
Resource Hash: 07466ba054c48c013eefaa18c8d5589e69505fb1721ad00c4012790664168c1c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:26 GMT
last-modified: Thu, 15 Dec 2022 20:41:37 GMT
server: nginx
etag: "639b8681-4b78"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 19320

GET
H2 200 DCTA-realiza-primeiro-curso-de-Operational-Test-and-Evaluation-485x360.jpg
www.aereo.jor.br/wp-content/uploads//2022/12/ 40 KB
40 KB 263ms
251ms Image
image/jpeg 208.109.190.28
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aereo.jor.br/wp-content/uploads//2022/12/DCTA-realiza-primeiro-curso-de-Operational-Test-and-Evaluation-485x360.jpg
Requested by: Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.109.190.28 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 28.190.109.208.host.secureserver.net
Software: nginx / PleskLin
Resource Hash: 3b7fe4a8da88e474bd71f7994fe9298ef188b95ddb1c426d3acad3b72bd904b6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:26 GMT
last-modified: Thu, 08 Dec 2022 15:56:46 GMT
server: nginx
etag: "6392093e-9e56"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 40534

GET
H2 200 Termino_do_Estagio_Basico_na_Aeronave_T_27M___S2_H._Pereira_1-218x150.jpg
www.aereo.jor.br/wp-content/uploads//2022/12/ 22 KB
22 KB 268ms
257ms Image
image/jpeg 208.109.190.28
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aereo.jor.br/wp-content/uploads//2022/12/Termino_do_Estagio_Basico_na_Aeronave_T_27M___S2_H._Pereira_1-218x150.jpg
Requested by: Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.109.190.28 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 28.190.109.208.host.secureserver.net
Software: nginx / PleskLin
Resource Hash: 8b2323e051d42d2e5fd48f578f5832c0001600061d61aa297ece01d3df221fad

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:26 GMT
last-modified: Wed, 07 Dec 2022 11:50:29 GMT
server: nginx
etag: "63907e05-58b1"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 22705

GET
H2 200 F-39E-4104-218x150.jpg
www.aereo.jor.br/wp-content/uploads//2022/11/ 19 KB
20 KB 268ms
258ms Image
image/jpeg 208.109.190.28
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aereo.jor.br/wp-content/uploads//2022/11/F-39E-4104-218x150.jpg
Requested by: Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.109.190.28 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 28.190.109.208.host.secureserver.net
Software: nginx / PleskLin
Resource Hash: 3819973b5035d844009c634ae90e2ab52e0c6ce40200777f4df1a23653aae4c7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:26 GMT
last-modified: Tue, 29 Nov 2022 17:28:06 GMT
server: nginx
etag: "63864126-4da0"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 19872

GET
H2 200 F5-chamada-parte28-218x150.jpg
www.aereo.jor.br/wp-content/uploads//2022/11/ 26 KB
26 KB 278ms
267ms Image
image/jpeg 208.109.190.28
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aereo.jor.br/wp-content/uploads//2022/11/F5-chamada-parte28-218x150.jpg
Requested by: Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.109.190.28 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 28.190.109.208.host.secureserver.net
Software: nginx / PleskLin
Resource Hash: 58a32798cb078251a1b88bb36a6908b475625622de15af6a51982c93b3b303bd

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:26 GMT
last-modified: Thu, 24 Nov 2022 17:21:15 GMT
server: nginx
etag: "637fa80b-6762"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 26466

GET
H2 200 F-35B-crash-696x392.jpg
www.aereo.jor.br/wp-content/uploads//2022/12/ 37 KB
37 KB 272ms
263ms Image
image/jpeg 208.109.190.28
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aereo.jor.br/wp-content/uploads//2022/12/F-35B-crash-696x392.jpg
Requested by: Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.109.190.28 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 28.190.109.208.host.secureserver.net
Software: nginx / PleskLin
Resource Hash: 45fa41f220014c5c47e454d4fdb592eb457b137dbded3c1b79b4e73c77ec0162

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:26 GMT
last-modified: Thu, 15 Dec 2022 19:39:26 GMT
server: nginx
etag: "639b77ee-93c9"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 37833

GET
H2 200 F-35.jpg
www.aereo.jor.br/wp-content/uploads//2019/08/ 70 KB
71 KB 275ms
266ms Image
image/jpeg 208.109.190.28
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aereo.jor.br/wp-content/uploads//2019/08/F-35.jpg
Requested by: Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.109.190.28 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 28.190.109.208.host.secureserver.net
Software: nginx / PleskLin
Resource Hash: 010cbbf90388f3a838b4a2b9b496e46a5de1b21dc168c1a676a79d926b4bd3ed

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:26 GMT
last-modified: Wed, 07 Aug 2019 20:28:11 GMT
server: nginx
etag: "5d4b345b-119c4"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 72132

GET
H2 200 E195-E2_E190-E2-Corporate-formation-flight-485x360.jpg
www.aereo.jor.br/wp-content/uploads//2022/12/ 43 KB
43 KB 272ms
264ms Image
image/jpeg 208.109.190.28
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aereo.jor.br/wp-content/uploads//2022/12/E195-E2_E190-E2-Corporate-formation-flight-485x360.jpg
Requested by: Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.109.190.28 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 28.190.109.208.host.secureserver.net
Software: nginx / PleskLin
Resource Hash: 504a13de30619a292153f41443bfdb6006341b96aa176e683ab210eab9e7d42b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:26 GMT
last-modified: Thu, 15 Dec 2022 12:34:08 GMT
server: nginx
etag: "639b1440-ab17"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 43799

GET
H2 200 ARRW-2-485x360.jpg
www.aereo.jor.br/wp-content/uploads//2022/12/ 19 KB
19 KB 273ms
265ms Image
image/jpeg 208.109.190.28
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aereo.jor.br/wp-content/uploads//2022/12/ARRW-2-485x360.jpg
Requested by: Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.109.190.28 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 28.190.109.208.host.secureserver.net
Software: nginx / PleskLin
Resource Hash: fd40dad69bdc4ba1b73095dbbaa15703ec6c786070dbc079c46e398d233bf607

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:26 GMT
last-modified: Tue, 13 Dec 2022 18:29:04 GMT
server: nginx
etag: "6398c470-4a8c"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 19084

GET
H2 200 Family_Energia_2022-Ruili_Airlines-485x360.jpg
www.aereo.jor.br/wp-content/uploads//2022/12/ 45 KB
45 KB 264ms
257ms Image
image/jpeg 208.109.190.28
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aereo.jor.br/wp-content/uploads//2022/12/Family_Energia_2022-Ruili_Airlines-485x360.jpg
Requested by: Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.109.190.28 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 28.190.109.208.host.secureserver.net
Software: nginx / PleskLin
Resource Hash: f1e589f8c1a01e0b537c8742bff535fda87f144439eeed07935ebbe12ce18aba

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:26 GMT
last-modified: Tue, 13 Dec 2022 13:12:42 GMT
server: nginx
etag: "63987a4a-b4f2"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 46322

GET
H2 200 td-multipurpose.ttf
www.aereo.jor.br/wp-content/plugins/td-composer/assets/fonts/td-multipurpose/ 127 KB
127 KB 260ms
256ms Font
application/font-sfnt 208.109.190.28
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aereo.jor.br/wp-content/plugins/td-composer/assets/fonts/td-multipurpose/td-multipurpose.ttf
Requested by: Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/wp-content/plugins/td-composer/assets/fonts/td-multipurpose/td-multipurpose.css?ver=e815948e5c9ec5801de67b92a1d5a59fx
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.109.190.28 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 28.190.109.208.host.secureserver.net
Software: nginx / PleskLin
Resource Hash: 95c06a3e6c28a512b08155b23f867f4699ce33d79ef8ef7a229ee6a33a6c83f6

Request headers

Referer: https://www.aereo.jor.br/wp-content/plugins/td-composer/assets/fonts/td-multipurpose/td-multipurpose.css?ver=e815948e5c9ec5801de67b92a1d5a59fx
Origin: https://www.aereo.jor.br
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:26 GMT
last-modified: Sat, 12 Nov 2022 15:58:19 GMT
server: nginx
etag: "636fc29b-1fa3c"
x-powered-by: PleskLin
content-type: application/font-sfnt
accept-ranges: bytes
content-length: 129596

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 20ms
19ms Font
font/woff2 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.aereo.jor.br
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:31:33 GMT
x-content-type-options: nosniff
age: 157913
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Dec 2023 01:31:33 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 103ms
36ms XHR
text/plain 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=767267349&t=pageview&_s=1&dl=https%3A%2F%2Fwww.aereo.jor.br%2F&ul=en-us&de=UTF-8&dt=P%C3%A1gina%20Inicial%20-%20Poder%20A%C3%A9reo%20%E2%80%93%20Avia%C3%A7%C3%A3o%2C%20For%C3%A7as%20A%C3%A9reas%2C%20Ind%C3%BAstria%20Aeroespacial%20e%20de%20Defesa&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=883467204&gjid=864315221&cid=1490408997.1671225807&tid=UA-70618217-1&_gid=2147078114.1671225807&_r=1&_slc=1&z=1949135976

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.aereo.jor.br/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 21:23:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.aereo.jor.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KC-390-roll-out-21-10-2014-foto-17-Nun%C3%A3o-For%C3%A7as-de-Defesa.jpg
www.aereo.jor.br/wp-content/uploads//2014/10/ 176 KB
177 KB 114ms
114ms Image
image/jpeg 208.109.190.28
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aereo.jor.br/wp-content/uploads//2014/10/KC-390-roll-out-21-10-2014-foto-17-Nun%C3%A3o-For%C3%A7as-de-Defesa.jpg
Requested by: Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.109.190.28 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 28.190.109.208.host.secureserver.net
Software: nginx / PleskLin
Resource Hash: 8e4c4278cdf68febac701fd26eebd2589d29c3d7a74a42d034ea0ac458d54bbb

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:26 GMT
last-modified: Wed, 22 Oct 2014 00:50:09 GMT
server: nginx
etag: "5446ff41-2c174"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 180596

GET
H2 200 Gripen-E-Weapons-and-Pods.jpg
www.aereo.jor.br/wp-content/uploads//2017/09/ 366 KB
367 KB 138ms
138ms Image
image/jpeg 208.109.190.28
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aereo.jor.br/wp-content/uploads//2017/09/Gripen-E-Weapons-and-Pods.jpg
Requested by: Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.109.190.28 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 28.190.109.208.host.secureserver.net
Software: nginx / PleskLin
Resource Hash: e2fd5315c3e844c7a542d4f915bb09623cce9c8cff6693b7fb7b39188baa81b7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:26 GMT
last-modified: Fri, 15 Sep 2017 16:44:26 GMT
server: nginx
etag: "59bc036a-5b99f"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 375199

GET
H2 200 Dassault-Mirage-IIIE-da-For%C3%A7a-A%C3%A9rea-Francesa-2-scaled-e1594558662592.jpg
www.aereo.jor.br/wp-content/uploads//2020/07/ 462 KB
463 KB 130ms
130ms Image
image/jpeg 208.109.190.28
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aereo.jor.br/wp-content/uploads//2020/07/Dassault-Mirage-IIIE-da-For%C3%A7a-A%C3%A9rea-Francesa-2-scaled-e1594558662592.jpg
Requested by: Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.109.190.28 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 28.190.109.208.host.secureserver.net
Software: nginx / PleskLin
Resource Hash: 5e14c2a02e336bce8817c6a74c6d94ab7ecf3ae4978d39535f1fa82cbf977183

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:26 GMT
last-modified: Sun, 12 Jul 2020 12:57:42 GMT
server: nginx
etag: "5f0b08c6-73801"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 473089

GET
H2 200 Saab-Press-Trip-2022-1-485x360.jpg
www.aereo.jor.br/wp-content/uploads//2022/08/ 41 KB
41 KB 144ms
144ms Image
image/jpeg 208.109.190.28
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aereo.jor.br/wp-content/uploads//2022/08/Saab-Press-Trip-2022-1-485x360.jpg
Requested by: Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.109.190.28 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 28.190.109.208.host.secureserver.net
Software: nginx / PleskLin
Resource Hash: 543735805dfecb8b0743bced80f2e2ef6c78acb33c52c1ec61ae7becb4b9876f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:26 GMT
last-modified: Mon, 29 Aug 2022 15:57:46 GMT
server: nginx
etag: "630ce1fa-a3ec"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 41964

GET
H2 200 F-18-shooting.jpg
www.aereo.jor.br/wp-content/uploads//2017/07/ 135 KB
135 KB 177ms
176ms Image
image/jpeg 208.109.190.28
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aereo.jor.br/wp-content/uploads//2017/07/F-18-shooting.jpg
Requested by: Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.109.190.28 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 28.190.109.208.host.secureserver.net
Software: nginx / PleskLin
Resource Hash: 49817b462be7c23cb1305bccade679a839557828887c57b27d1b07946d20c8b2

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:26 GMT
last-modified: Mon, 24 Jul 2017 18:41:17 GMT
server: nginx
etag: "59763f4d-21c65"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 138341

GET
H2 200 Mirage-F1-FAR.jpg
www.aereo.jor.br/wp-content/uploads//2018/10/ 615 KB
616 KB 195ms
194ms Image
image/jpeg 208.109.190.28
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aereo.jor.br/wp-content/uploads//2018/10/Mirage-F1-FAR.jpg
Requested by: Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.109.190.28 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 28.190.109.208.host.secureserver.net
Software: nginx / PleskLin
Resource Hash: a5955945af0b59db86cbc83ed6ebf1e9480d57f2294fb1c794fbf0f290f64fa9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:26 GMT
last-modified: Sat, 27 Oct 2018 22:30:32 GMT
server: nginx
etag: "5bd4e708-99bb2"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 629682

GET
H2 200 FWAM-Republic-F-105D-Thunderchief.jpg
www.aereo.jor.br/wp-content/uploads//2015/10/ 400 KB
401 KB 178ms
177ms Image
image/jpeg 208.109.190.28
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aereo.jor.br/wp-content/uploads//2015/10/FWAM-Republic-F-105D-Thunderchief.jpg
Requested by: Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.109.190.28 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 28.190.109.208.host.secureserver.net
Software: nginx / PleskLin
Resource Hash: 442e06d20ce9c517eff71b6076a8cc8b31bc1e57dae1aa11a40413aaf027d893

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:26 GMT
last-modified: Sat, 10 Oct 2015 19:22:26 GMT
server: nginx
etag: "56196572-641d7"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 410071

GET
H2 200 Jap%C3%A3o-vai-substituir-99-ca%C3%A7as-F-15-por-F-35.jpg
www.aereo.jor.br/wp-content/uploads//2018/12/ 246 KB
246 KB 359ms
358ms Image
image/jpeg 208.109.190.28
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aereo.jor.br/wp-content/uploads//2018/12/Jap%C3%A3o-vai-substituir-99-ca%C3%A7as-F-15-por-F-35.jpg
Requested by: Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.109.190.28 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 28.190.109.208.host.secureserver.net
Software: nginx / PleskLin
Resource Hash: 118bdfdae6dc7673aa448cbcc4941a36841e58ecc4aaafc2195c1ef9228c853b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:26 GMT
last-modified: Mon, 10 Dec 2018 13:50:08 GMT
server: nginx
etag: "5c0e6f10-3d823"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 251939

GET
H2 200 Primeiro-Gripen-E-brasileiro-completa-seu-primeiro-voo.jpeg
www.aereo.jor.br/wp-content/uploads//2019/08/ 82 KB
83 KB 351ms
351ms Image
image/jpeg 208.109.190.28
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aereo.jor.br/wp-content/uploads//2019/08/Primeiro-Gripen-E-brasileiro-completa-seu-primeiro-voo.jpeg
Requested by: Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.109.190.28 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 28.190.109.208.host.secureserver.net
Software: nginx / PleskLin
Resource Hash: bb0d79a30efdd0bc00e2ac3cd8f7ce7da8f784c96b373c908d3cae8df5a41597

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:26 GMT
last-modified: Tue, 27 Aug 2019 15:36:04 GMT
server: nginx
etag: "5d654de4-14967"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 84327

GET
H3 200 EJRSQgYoZZY2vCFuvAnt66qSVys.woff2
fonts.gstatic.com/s/ptserif/v17/ 29 KB
29 KB 20ms
20ms Font
font/woff2 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v17/EJRSQgYoZZY2vCFuvAnt66qSVys.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f9694a5641741d04e1c98eb1011059826aa5feb34e47d2b2f95bdb47cb0c2f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.aereo.jor.br
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 05:22:47 GMT
x-content-type-options: nosniff
age: 316839
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29492
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:29:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Dec 2023 05:22:47 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
443 B 94ms
32ms XHR
text/plain 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-70618217-1&cid=1490408997.1671225807&jid=883467204&gjid=864315221&_gid=2147078114.1671225807&_u=IEBAAEAAAAAAACAAI~&z=549834832

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.aereo.jor.br/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 16 Dec 2022 21:23:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.aereo.jor.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Replica-Gripen-e-piloto-Hans-Einerth-fotos-Nunao.jpg
www.aereo.jor.br/wp-content/uploads//2018/06/ 147 KB
147 KB 231ms
228ms Image
image/jpeg 208.109.190.28
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aereo.jor.br/wp-content/uploads//2018/06/Replica-Gripen-e-piloto-Hans-Einerth-fotos-Nunao.jpg
Requested by: Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.109.190.28 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 28.190.109.208.host.secureserver.net
Software: nginx / PleskLin
Resource Hash: 029a181e8161887aaed575e2aadd5e7adbeb6d1ce4d6fe5989d598d596993078

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:27 GMT
last-modified: Thu, 14 Jun 2018 19:26:54 GMT
server: nginx
etag: "5b22c17e-24b49"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 150345

GET
H2 200 T-6G-1262-CTA.jpg
www.aereo.jor.br/wp-content/uploads//2011/02/ 136 KB
136 KB 240ms
236ms Image
image/jpeg 208.109.190.28
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aereo.jor.br/wp-content/uploads//2011/02/T-6G-1262-CTA.jpg
Requested by: Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.109.190.28 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 28.190.109.208.host.secureserver.net
Software: nginx / PleskLin
Resource Hash: 5c02e9dc4b3d2e52fda7687bcba292421868f25888b712b739c5803c8105d097

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:27 GMT
last-modified: Sat, 26 Feb 2011 20:44:35 GMT
server: nginx
etag: "4d696633-21f29"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 139049

GET
H2 200 Rafale-foto-Dassault1.jpg
www.aereo.jor.br/wp-content/uploads//2013/06/ 106 KB
106 KB 244ms
240ms Image
image/jpeg 208.109.190.28
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aereo.jor.br/wp-content/uploads//2013/06/Rafale-foto-Dassault1.jpg
Requested by: Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.109.190.28 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 28.190.109.208.host.secureserver.net
Software: nginx / PleskLin
Resource Hash: 56013609f30b56704479b9af89bc2d386227c5bb60c2fbc678d1ae1f0740f156

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:27 GMT
last-modified: Fri, 14 Jun 2013 15:53:17 GMT
server: nginx
etag: "51bb3c6d-1a89d"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 108701

GET
H2 200 Domingo-A%C3%A9reo-PAMA-SP-2014-A-menina-e-o-Buffalo-foto-Nun%C3%A3o-Poder-A%C3%A9reo.jpg
www.aereo.jor.br/wp-content/uploads//2014/10/ 126 KB
126 KB 262ms
257ms Image
image/jpeg 208.109.190.28
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aereo.jor.br/wp-content/uploads//2014/10/Domingo-A%C3%A9reo-PAMA-SP-2014-A-menina-e-o-Buffalo-foto-Nun%C3%A3o-Poder-A%C3%A9reo.jpg
Requested by: Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.109.190.28 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 28.190.109.208.host.secureserver.net
Software: nginx / PleskLin
Resource Hash: f288df72f359001eccd2fe3438ca41cb616bd27ab3a91faad00ff15fa3d3c86c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:27 GMT
last-modified: Thu, 02 Oct 2014 16:39:54 GMT
server: nginx
etag: "542d7fda-1f7fe"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 129022

GET
H2 200 Domingo-A%C3%A9reo-PAMA-SP-2014-ca%C3%A7as-F-5E-4883-e-4884-ex-Jord%C3%A2nia-no-Hangar-3-foto-2-Nun%C3%A3o-Poder-A%C3%A9reo.jpg
www.aereo.jor.br/wp-content/uploads//2014/10/ 190 KB
191 KB 256ms
252ms Image
image/jpeg 208.109.190.28
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aereo.jor.br/wp-content/uploads//2014/10/Domingo-A%C3%A9reo-PAMA-SP-2014-ca%C3%A7as-F-5E-4883-e-4884-ex-Jord%C3%A2nia-no-Hangar-3-foto-2-Nun%C3%A3o-Poder-A%C3%A9reo.jpg
Requested by: Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.109.190.28 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 28.190.109.208.host.secureserver.net
Software: nginx / PleskLin
Resource Hash: 6d52689db7facdf94c53f2dd726acef6fd1d6c41c7f189e53da6c9a6923393f4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:27 GMT
last-modified: Fri, 10 Oct 2014 15:49:48 GMT
server: nginx
etag: "5438001c-2f8d4"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 194772

GET
H2 200 palestra-Saab-f-gustafson2.jpg
www.aereo.jor.br/wp-content/uploads//2019/09/ 821 KB
822 KB 263ms
259ms Image
image/jpeg 208.109.190.28
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aereo.jor.br/wp-content/uploads//2019/09/palestra-Saab-f-gustafson2.jpg
Requested by: Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.109.190.28 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 28.190.109.208.host.secureserver.net
Software: nginx / PleskLin
Resource Hash: acf99e2c094ad6e7fa7aeba6b8713b69004ee8978ff1f442110aec5206e3e43b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:27 GMT
last-modified: Wed, 18 Sep 2019 19:43:03 GMT
server: nginx
etag: "5d8288c7-cd2a0"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 840352

GET
H2 200 Family_Energia_2022-Ruili_Airlines-696x391.jpg
www.aereo.jor.br/wp-content/uploads//2022/12/ 58 KB
58 KB 310ms
307ms Image
image/jpeg 208.109.190.28
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aereo.jor.br/wp-content/uploads//2022/12/Family_Energia_2022-Ruili_Airlines-696x391.jpg
Requested by: Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.109.190.28 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 28.190.109.208.host.secureserver.net
Software: nginx / PleskLin
Resource Hash: 0b264b477c6a57cfc5511a5b84761265a368c43bf6a638a7ec50f71c675abec1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:27 GMT
last-modified: Tue, 13 Dec 2022 13:12:42 GMT
server: nginx
etag: "63987a4a-e757"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 59223

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/ 356 KB
117 KB 133ms
89ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4dcefb224df281d637367ea96e8e84d419be657a2888071837f23b165c7f553a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119953
x-xss-protection: 0
server: cafe
etag: 12112735567328910074
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Dec 2022 21:23:27 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/ Frame C7A3 10 KB
4 KB 22ms
20ms Document
text/html 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aereo.jor.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 23
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 21:23:04 GMT
etag: 10353107486223812946
expires: Fri, 30 Dec 2022 21:23:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ebHtml5Banner_api.js Show response
secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_230_3_0/ 324 KB
325 KB 31ms
16ms Script
application/javascript 23.49.251.202
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_230_3_0/ebHtml5Banner_api.js
Requested by: Host: bs.serving-sys.com
URL: https://bs.serving-sys.com/Serving/adServer.bs?c=28&cn=display&pli=1078703097&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_68}&w=300&h=250&ord=[timestamp]&z=10000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.49.251.202 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-49-251-202.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 3569f4e3a809c10ccd5429e65c125aa69fd00b8e5485dbabe2b94aac9c983382

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:27 GMT
last-modified: Mon, 12 Dec 2022 14:33:06 GMT
server: AmazonS3
x-amz-request-id: ZD3ADJSSSE927AGB
x-amz-cf-pop: EWR52-C1
etag: "8331dc8e250d2176fca1a350b91ecf25"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2226402
accept-ranges: bytes
content-length: 331665
x-amz-id-2: RQyGQd8sPVa1ao0Bd4IgC+IoJ6jFi8/m006RhU2QyW6jtcHoh9IXs7hZg6HOryXNRfgTDPvhqfU=
x-amz-cf-id: bN5WKFtfbNGHmpL97fRkhzFGxmwYW9e86wGUwHGQSClLga7s51nzoQ==

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 94ms
37ms Image
image/gif 2607:f8b0:4006:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-70618217-1&cid=1490408997.1671225807&jid=883467204&_u=IEBAAEAAAAAAACAAI~&z=780576123

Requested by

Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 21:23:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
501 B 95ms
39ms Image
image/gif 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-70618217-1&cid=1490408997.1671225807&jid=883467204&_u=IEBAAEAAAAAAACAAI~&z=780576123

Requested by

Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 21:23:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 34ms
33ms Ping
text/plain 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-DQ2L68JE9E&gtm=2oebu0&_p=767267349&cid=1490408997.1671225807&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1671225807&sct=1&seg=0&dl=https%3A%2F%2Fwww.aereo.jor.br%2F&dt=P%C3%A1gina%20Inicial%20-%20Poder%20A%C3%A9reo%20%E2%80%93%20Avia%C3%A7%C3%A3o%2C%20For%C3%A7as%20A%C3%A9reas%2C%20Ind%C3%BAstria%20Aeroespacial%20e%20de%20Defesa&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DQ2L68JE9E
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:821::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 21:23:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.aereo.jor.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pbjs-min.js Show response
tags.premiumads.com.br/scripts/ 369 KB
111 KB 53ms
53ms Script
application/javascript 2606:4700:20::ac43:4a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20221130

Requested by

Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/dfp/5b687af3-cfdb-4b7a-9848-d686d10dff12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

fe081a84ca6ae1db3a9694b552c5c07cb94958d6468e9a61b58c85366c3ff5bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:27 GMT
strict-transport-security: max-age=2592000
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 13 Dec 2022 12:46:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 175897
etag: W/"1d90ef0e4ea0b68"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PJrAJ9y1D87%2BFRgPF2nteY%2FvxbfBGVjTQz%2FGqIvW9HvJ9Tt%2FlNs8tnVu7HQD7D2N8MbMBAA6FWyj24ux265uaQjpYQRKJ2zLDP8MxVvyVGIHgUs1IUgJ60nrJOuM%2F7ZuVk7BjjipJ934i6ykRRnkEeXwtpY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 77aa7af19e113fcd-YYZ

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 112ms
50ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/dfp/5b687af3-cfdb-4b7a-9848-d686d10dff12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5ce1b8b6bc9ae8900b96861eb134e6b4db73075cff0e8e3a230327d75cdbe18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27539
x-xss-protection: 0
server: sffe
etag: "1423 / 994 of 1000 / last-modified: 1670587517"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 16 Dec 2022 21:23:27 GMT

GET
H2 200 p_icons_3.png
tags.premiumads.com.br/Content/ 12 KB
12 KB 55ms
54ms Image
image/png 2606:4700:20::ac43:4a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tags.premiumads.com.br/Content/p_icons_3.png

Requested by

Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

bcd71666ea63d4a00969b970c9cdba3cd15b06b53bc84e96df351324c6cd6c5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:27 GMT
strict-transport-security: max-age=2592000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 342482
x-powered-by: ASP.NET
content-length: 12013
last-modified: Wed, 07 Dec 2022 14:47:02 GMT
server: cloudflare
etag: "1d90a4ac437d9ed"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T5EK2c6rLy26ExfqDLDyRE3lKywzmdpk66d%2B6Jc%2Bp6nvkW1%2B0g3WjQT6OC30f2Uk7wQ0GeJw1yr071x4DX9vRTDR21PSfA3AF2s6J7W6YBiMc8KvgikhAG%2FBwlinBdh6jZmiXpCyoPAawKdyhwSDDOk9gxg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 77aa7af1ae413fcd-YYZ

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25a5de68d390f7c0ee9384f03a6f087c66bc3b6eb37c37f7351735770183017f

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 g.gif
pixel.wp.com/ 50 B
116 B 21ms
16ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&blog=6972768&post=138050&tz=-3&srv=www.aereo.jor.br&j=1%3A11.6&host=www.aereo.jor.br&ref=&fcp=1323&rand=0.42374571251566784
Requested by: Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 16 Dec 2022 21:23:27 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 391 B
695 B 87ms
34ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.aereo.jor.br&callback=_gfp_s_&client=ca-pub-3617884028483888&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

12be13ed5ba48960e319fe7ab9d2e38ef543d4df650950bc23bd8f8d1a2d2d74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 251
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.ca/adsid/ 107 B
792 B 120ms
42ms Script
application/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ca/adsid/integrator.js?domain=www.aereo.jor.br

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 105ms
35ms Script
application/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.aereo.jor.br

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4F5D 99 KB
33 KB 446ms
445ms Document
text/html 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3617884028483888&output=html&h=280&slotname=4579491807&adk=52731674&adf=4010924017&pi=t.ma~as.4579491807&w=1192&fwrn=4&fwrnh=100&lmt=1671225696&rafmt=1&format=1192x280&url=https%3A%2F%2Fwww.aereo.jor.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671225807101&bpp=30&bdt=879&idt=732&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&correlator=692257186449&frm=20&pv=2&ga_vid=1490408997.1671225807&ga_sid=1671225808&ga_hid=767267349&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=204&ady=3544&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44779793%2C31071268%2C44780792&oid=2&pvsid=1667055446542369&tmod=811181661&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=AIBzQCpP2g&p=https%3A//www.aereo.jor.br&dtd=775

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26102900a2ff570b5f2fa4eba9d31aa480e73e57f0ae9cc6b85be99f8e685003

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aereo.jor.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33974
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 21:23:28 GMT
expires: Fri, 16 Dec 2022 21:23:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 589F 94 KB
34 KB 446ms
445ms Document
text/html 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3617884028483888&output=html&h=250&slotname=2862219256&adk=3823964945&adf=4192660947&pi=t.ma~as.2862219256&w=300&lmt=1671225696&format=300x250&url=https%3A%2F%2Fwww.aereo.jor.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671225807176&bpp=8&bdt=954&idt=910&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=1192x280&correlator=692257186449&frm=20&pv=1&ga_vid=1490408997.1671225807&ga_sid=1671225808&ga_hid=767267349&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1096&ady=3881&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44779793%2C31071268%2C44780792&oid=2&pvsid=1667055446542369&tmod=811181661&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=RkQr899mXD&p=https%3A//www.aereo.jor.br&dtd=923

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86fadae3d1855646e5235b1d49f002605344c384b93f6721fcaa70e35eb840f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aereo.jor.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 34412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 21:23:28 GMT
expires: Fri, 16 Dec 2022 21:23:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 URLUtil.js Show response
secure-ds.serving-sys.com/BurstingCachedScripts/Modules_1_97_0_0/ 7 KB
7 KB 23ms
22ms Script
application/javascript 23.49.251.202
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/Modules_1_97_0_0/URLUtil.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_230_3_0/ebHtml5Banner_api.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.49.251.202 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-49-251-202.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 269bd69d6c1d25e848132ecfb48ec214040e49fd45e444760c3e226ca5fd7962

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:28 GMT
last-modified: Mon, 12 Dec 2022 14:33:07 GMT
server: AmazonS3
x-amz-request-id: YH7BD50J41HVJPWA
x-amz-cf-pop: EWR52-C1
etag: "5ac70b83663a79f3a383c3a53f62eafd"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2226389
accept-ranges: bytes
content-length: 7087
x-amz-id-2: 0NBINPyP6NmpCakHHRHLbjw+4wgNnNt6UKVJK9q3K9mbTSxFiQsJ50vl4JzV6m1sccI2LRH2Nqw=
x-amz-cf-id: Ptne94B2-PPy7renlSLNIXE2xtQNV92gbpOYOK5_RyjEike2B9UPEg==

GET
H2 200 mbda_meteor-gripen_300x250.html Show response
secure-ds.serving-sys.com/resources/PROD/html5/1073745971/20220503/1076527558/70613883088299949/ Frame 7A71 5 KB
2 KB 22ms
21ms Document
text/html 23.49.251.202
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/resources/PROD/html5/1073745971/20220503/1076527558/70613883088299949/mbda_meteor-gripen_300x250.html?v=_2_159_1_0&n=1&sHost=secure-ds.serving-sys.com
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_230_3_0/ebHtml5Banner_api.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.49.251.202 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-49-251-202.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 36d02a1617083e372ad7858a8ab3302d4316eb71fda00d5d61cee1ff6de2e647

Request headers

Referer: https://www.aereo.jor.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
content-encoding: gzip
content-length: 2077
content-type: text/html
date: Fri, 16 Dec 2022 21:23:28 GMT
etag: "2d904edbefcb2e8b659b2fcf56fb8b89"
expires: Mon, 31 Dec 2035 00:00:00 GMT
last-modified: Tue, 03 May 2022 15:26:55 GMT
server: AmazonS3
vary: Accept-Encoding
x-amz-cf-id: 3vRPnJQV866TcZrh0kKpEzwsKGVyT7W7fG2z8mQRJmFWuV96YqssVA==
x-amz-cf-pop: EWR52-C1
x-amz-version-id: r47ycBoPUsULOr.lQ5Dzn0ChHn6uprFB

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9E7B 436 B
236 B 370ms
370ms Document
text/html 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3617884028483888&output=html&h=280&slotname=4579491807&adk=1654750209&adf=3669081314&pi=t.ma~as.4579491807&w=377&fwrn=4&fwrnh=100&lmt=1671225696&rafmt=1&format=377x280&url=https%3A%2F%2Fwww.aereo.jor.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671225807402&bpp=9&bdt=1180&idt=821&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=1192x280%2C300x250&correlator=692257186449&frm=20&pv=1&ga_vid=1490408997.1671225807&ga_sid=1671225808&ga_hid=767267349&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1019&ady=4530&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44779793%2C31071268%2C44780792&oid=2&pvsid=1667055446542369&tmod=811181661&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=3&fsb=1&xpc=cuABAZ4NYh&p=https%3A//www.aereo.jor.br&dtd=829

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e617add98f5bad8475699d148f9fbd771ab8ba28bca36d485158014e04b65a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aereo.jor.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 21:23:28 GMT
expires: Fri, 16 Dec 2022 21:23:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_2022120501.js Show response
securepubads.g.doubleclick.net/gpt/ 380 KB
129 KB 79ms
20ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:56:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8843
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131905
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 09:36:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 16 Dec 2023 18:56:05 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 161 B
116 B 90ms
35ms XHR
application/json 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.aereo.jor.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4686fbb22784ff8d70f48905a620057a3265e7b0e14065f89bd25d556ccf30c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91
x-xss-protection: 0
expires: Fri, 16 Dec 2022 21:23:28 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4215 154 KB
46 KB 388ms
388ms Document
text/html 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3617884028483888&output=html&adk=1812271804&adf=3025194257&lmt=1671225696&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=164x540_l%7C164x540_r&format=0x0&url=https%3A%2F%2Fwww.aereo.jor.br%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671225807689&bpp=2&bdt=1467&idt=593&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=1192x280%2C300x250%2C377x280&nras=1&correlator=692257186449&frm=20&pv=1&ga_vid=1490408997.1671225807&ga_sid=1671225808&ga_hid=767267349&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44779793%2C31071268%2C44780792&oid=2&pvsid=1667055446542369&tmod=811181661&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=647

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7dd11868035d17b879c8b89f2a08a67c262c96b31106f58d8e963e87b858573

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aereo.jor.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 46833
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 21:23:28 GMT
expires: Fri, 16 Dec 2022 21:23:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 createjs.min.js Show response
secure-ds.serving-sys.com/BurstingcachedScripts/libraries/createjs/1_0_0/ Frame 7A71 236 KB
63 KB 20ms
19ms Script
application/javascript 23.49.251.202
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingcachedScripts/libraries/createjs/1_0_0/createjs.min.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/resources/PROD/html5/1073745971/20220503/1076527558/70613883088299949/mbda_meteor-gripen_300x250.html?v=_2_159_1_0&n=1&sHost=secure-ds.serving-sys.com
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.49.251.202 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-49-251-202.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://secure-ds.serving-sys.com/resources/PROD/html5/1073745971/20220503/1076527558/70613883088299949/mbda_meteor-gripen_300x250.html?v=_2_159_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

unused62: 8096267
date: Fri, 16 Dec 2022 21:23:28 GMT
content-encoding: gzip
last-modified: Mon, 24 Jan 2022 22:49:20 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-P1
etag: W/"2c827824a670702a535169f076c36254"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: 6dIT5xILYX_x-ZE6zirKdJCVdZ90acE06dNl9sQj2A_9sUpnMOnr5Q==
content-length: 63964

GET
H2 200 mbda_meteor-gripen_300x250.js Show response
secure-ds.serving-sys.com/resources/PROD/html5/1073745971/20220503/1076527558/70613883088299949/ Frame 7A71 34 KB
7 KB 23ms
22ms Script
application/x-javascript 23.49.251.202
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/resources/PROD/html5/1073745971/20220503/1076527558/70613883088299949/mbda_meteor-gripen_300x250.js?1651591191379
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/resources/PROD/html5/1073745971/20220503/1076527558/70613883088299949/mbda_meteor-gripen_300x250.html?v=_2_159_1_0&n=1&sHost=secure-ds.serving-sys.com
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.49.251.202 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-49-251-202.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: d81161a5fbcdecf6dc53a0882a238711f1551dcfa867ceb8484ac78b4e0968c0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://secure-ds.serving-sys.com/resources/PROD/html5/1073745971/20220503/1076527558/70613883088299949/mbda_meteor-gripen_300x250.html?v=_2_159_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: G.11VifDbumbd0QSFPFoWucG2ZlQlCni
content-encoding: gzip
date: Fri, 16 Dec 2022 21:23:28 GMT
last-modified: Tue, 03 May 2022 15:26:55 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C1
etag: "b9235bb081382626360411ff567b5997"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: CAx9QlSxBavC_KZ7LeFCn0cNCaSYaKymx8BxirvhZCSgaAokwDXsMA==
content-length: 6406
expires: Mon, 31 Dec 2035 00:00:00 GMT

GET /
id.navegg.com/uid/ 0
0

GET
H3 200 css
fonts.googleapis.com/ Frame 4F5D 8 KB
895 B 77ms
36ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3617884028483888&output=html&h=280&slotname=4579491807&adk=52731674&adf=4010924017&pi=t.ma~as.4579491807&w=1192&fwrn=4&fwrnh=100&lmt=1671225696&rafmt=1&format=1192x280&url=https%3A%2F%2Fwww.aereo.jor.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671225807101&bpp=30&bdt=879&idt=732&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&correlator=692257186449&frm=20&pv=2&ga_vid=1490408997.1671225807&ga_sid=1671225808&ga_hid=767267349&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=204&ady=3544&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44779793%2C31071268%2C44780792&oid=2&pvsid=1667055446542369&tmod=811181661&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=AIBzQCpP2g&p=https%3A//www.aereo.jor.br&dtd=775

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 16 Dec 2022 21:23:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 16 Dec 2022 20:36:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 16 Dec 2022 21:23:28 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 4F5D 2 KB
818 B 88ms
26ms Script
text/javascript 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:12:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 632
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Dec 2022 21:12:56 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 4F5D 23 KB
10 KB 82ms
21ms Script
text/javascript 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 20:09:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4416
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Dec 2022 20:09:52 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 4F5D 3 KB
1 KB 66ms
27ms Script
text/javascript 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:21:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 112
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Dec 2022 21:21:36 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 4F5D 18 KB
7 KB 83ms
22ms Script
text/javascript 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:12:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 632
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Dec 2022 21:12:56 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4F5D 153 KB
47 KB 105ms
46ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 16 Dec 2022 21:23:28 GMT

GET
H2 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame 4F5D 34 KB
14 KB 70ms
20ms Script
text/javascript 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 04:55:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 145700
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 15 Mar 2023 04:55:08 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4F5D 0
0 46ms
46ms Fetch
text/html 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C7THKz-GcY5-EOI-yhQbU-K7QBbn54f5tptCCmIsQsd3wxMsBEAEg8KaWKWD96KKB8AOgAbeYgaIoyAEJqQI_jnD8oz97PqgDAcgDywSqBOoBT9CSxc4cHYpKKtOsSviaJq7zNns8ZF_K5w5Ezqlb2gNumcSTgJD7Pcsq6B5Hel0nfQXi1Yc6e892dN0GH3ZORw9Uw7kYY32RvuI6_doOIO3QEQk8a4wnvACXmBRGehuWzzQxO-ejAho-HtLEr6pCo8sColkNnMRLXGDxnNoXP18bmPKRQGEX91dV9oeQsTpnoEenj_mPvDAIbHaN2o6OHdekxYHgG5Mv1J8QCw4ATz8UUu9Et2wL4ujJiEQsdIbhWAUjlQ7dth_H_2TgFibQLVAtX1KYfeDnZZT5vKxLvpis57VlRKl70IY5wATlmvWj9wOSBQQIBBgBkgUECAUYBKAGLoAHtb7FlQOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHAxCxNtIIDwiAYRABGB8yAooCOgKAQIAKAcgLAdgTDIgUBNAVAYAXAbIXHAoaCAASFHB1Yi0zNjE3ODg0MDI4NDgzODg4GAA&sigh=RhLrrPTPr8Y&uach_m=[UACH]&cid=CAQSGwDq26N9w2DADPYViANCTX-a7wAhsIbi5AfXgBgBIBM&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3617884028483888&output=html&h=280&slotname=4579491807&adk=52731674&adf=4010924017&pi=t.ma~as.4579491807&w=1192&fwrn=4&fwrnh=100&lmt=1671225696&rafmt=1&format=1192x280&url=https%3A%2F%2Fwww.aereo.jor.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671225807101&bpp=30&bdt=879&idt=732&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&correlator=692257186449&frm=20&pv=2&ga_vid=1490408997.1671225807&ga_sid=1671225808&ga_hid=767267349&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=204&ady=3544&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44779793%2C31071268%2C44780792&oid=2&pvsid=1667055446542369&tmod=811181661&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=AIBzQCpP2g&p=https%3A//www.aereo.jor.br&dtd=775
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 16 Dec 2022 21:23:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 16 Dec 2022 21:23:28 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/11805330001461775557/ Frame 4F5D 39 KB
39 KB 39ms
28ms Image
image/jpeg 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11805330001461775557/14763004658117789537?w=600&h=314

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

feba198dccb5d35db7262c56e6b2d142b2999313dd98a673ef73d25eedf0743e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 08:40:39 GMT
x-content-type-options: nosniff
age: 45769
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39868
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 03:02:17 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 16 Dec 2023 08:40:39 GMT

GET
DATA 200
OK truncated
/ Frame 4F5D 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 4F5D 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e748d47e0930e87a515df7e2a11e9d797dd670598254900fdbd654593f001a9a

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 adkit.js Show response
secure-ds.serving-sys.com/BurstingCachedScripts/adkit/1_0_41_5/ Frame 7A71 71 KB
23 KB 19ms
18ms Script
application/javascript 23.49.251.202
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/adkit/1_0_41_5/adkit.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/resources/PROD/html5/1073745971/20220503/1076527558/70613883088299949/mbda_meteor-gripen_300x250.html?v=_2_159_1_0&n=1&sHost=secure-ds.serving-sys.com
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.49.251.202 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-49-251-202.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: a047140cc174d554a323b1b787199a21c2c976e9991fa0428ac9a94a641190ed

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://secure-ds.serving-sys.com/resources/PROD/html5/1073745971/20220503/1076527558/70613883088299949/mbda_meteor-gripen_300x250.html?v=_2_159_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

unused62: 8096267
date: Fri, 16 Dec 2022 21:23:28 GMT
content-encoding: gzip
last-modified: Mon, 24 Jan 2022 22:46:45 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-P1
etag: W/"257b68f9ecc3e5a28f10fd241e580d02"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: vQLY3ym_n7F-zxDRS0U8w4gWWVHfy3OCaX3m2glknZbjIaSMDvI0BQ==
content-length: 22930

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ 483 B
1021 B 99ms
34ms Script
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20221130
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 21:23:28 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Wed, 23 Nov 2022 15:43:18 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 2004736
ETag: W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DGKkH2g0F2i473Prn18bv%2FaLI1wpNUejTQjbe%2BM%2Bfidi2nmxn71BCRQbVahO2X3pU%2FDCKHnXHV19FCZ6YP6CqpLIBQ3y6NxZ0CttIXGVGSx7ywekKK5Fqkb7lXM0j2wGDqCoCuZMbReRoJSP"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 77aa7af7fed6a21d-YYZ

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
364 B 39ms
12ms XHR
application/json 51.222.39.185
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20221130

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.39.185 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip185.ip-51-222-39.net

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.aereo.jor.br/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://www.aereo.jor.br
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 418 B
1 KB 258ms
164ms XHR
application/json 2602:803:c002:200::115
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15410&site_id=329376&zone_id=1713798&size_id=8%3B2&alt_size_ids=%3B55%2C58&rp_schain=1.0,1!premiumads.com.br,68e51318-d362-494c-9dcb-084a44aea50c,1,,,&rf=https%3A%2F%2Fwww.aereo.jor.br%2F&tg_i.pbadslot=%2F75894840%2C22581080367%2FAEREO_FLEX%23P_AEREO_FLEX_0%3B%2F75894840%2C22581080367%2FAEREO_HEADERSTICKY%23P_AEREO_HEADERSTICKY_0&tk_flint=pbjs_lite_v7.26.0&x_source.tid=7ddb2481-e764-4e4b-9fed-b281c9d6a572%3Be740d973-e0c1-4ee0-9bfe-fdf935e7b6f9&l_pb_bid_id=5b30e4b0bd9e97%3B62f599e0687283&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.1148%3B0.0574&rp_maxbids=1&p_gpid=%2F75894840%2C22581080367%2FAEREO_FLEX%23P_AEREO_FLEX_0%3B%2F75894840%2C22581080367%2FAEREO_HEADERSTICKY%23P_AEREO_HEADERSTICKY_0&slots=2&rand=0.8981694307804451
Requested by: Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20221130
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:200::115 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 2221ee9053663516f1da41456d3abf50d0a7d532ad07fce0e078e1c94f3a721e

Request headers

Referer: https://www.aereo.jor.br/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 21:23:28 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.aereo.jor.br
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 pb Show response
ad.360yield.com/ 9 KB
6 KB 344ms
278ms XHR
application/json 52.2.51.253
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.360yield.com/pb
Requested by: Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20221130
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.2.51.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-2-51-253.compute-1.amazonaws.com
Software: /
Resource Hash: fc81899694268ca9cba22e6807bd4af54ae3c4070cd07bc565f1dc1bc2e185a8

Request headers

Referer: https://www.aereo.jor.br/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.aereo.jor.br
date: Fri, 16 Dec 2022 21:23:28 GMT
content-encoding: gzip
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 5653
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 21 KB
13 KB 307ms
264ms XHR
application/json 68.67.181.211
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20221130

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.181.211 Secaucus, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

d2137a94d1b4de47a0d8204e9e9c46734fa3f0d888c0353e6a0b968e5f953ab4

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.aereo.jor.br/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 16 Dec 2022 21:23:28 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 149.56.153.178; 149.56.153.178; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 16436e96-4499-43e9-aa69-dbdb839d6e99
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.aereo.jor.br
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
314 B 96ms
37ms XHR
application/json 2620:100:a001::18
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.26.0&cb=63060114020&lsavail=1

Requested by

Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20221130

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.aereo.jor.br/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 16 Dec 2022 21:23:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.aereo.jor.br
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 1 KB
2 KB 208ms
73ms XHR
application/json 23.105.12.145
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20221130
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.105.12.145 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: ffcfefd0eba4f70f538bc97f39a02a1ea822f84d819480aa42457db83d50ea2d

Request headers

Referer: https://www.aereo.jor.br/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 21:23:28 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.aereo.jor.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 1 KB
2 KB 278ms
145ms XHR
application/json 23.105.12.145
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20221130
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.105.12.145 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: ca4cf5c50d8399195c466945c1116daaf260c5d2ec662ffb83e057ef79ba19ad

Request headers

Referer: https://www.aereo.jor.br/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 21:23:28 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.aereo.jor.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 589F 2 KB
765 B 75ms
22ms Script
text/javascript 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3617884028483888&output=html&h=250&slotname=2862219256&adk=3823964945&adf=4192660947&pi=t.ma~as.2862219256&w=300&lmt=1671225696&format=300x250&url=https%3A%2F%2Fwww.aereo.jor.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671225807176&bpp=8&bdt=954&idt=910&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=1192x280&correlator=692257186449&frm=20&pv=1&ga_vid=1490408997.1671225807&ga_sid=1671225808&ga_hid=767267349&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1096&ady=3881&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44779793%2C31071268%2C44780792&oid=2&pvsid=1667055446542369&tmod=811181661&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=RkQr899mXD&p=https%3A//www.aereo.jor.br&dtd=923

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:12:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 632
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Dec 2022 21:12:56 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 589F 23 KB
9 KB 77ms
25ms Script
text/javascript 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 20:09:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4416
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Dec 2022 20:09:52 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 589F 3 KB
1 KB 20ms
19ms Script
text/javascript 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:21:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 112
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Dec 2022 21:21:36 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 589F 18 KB
7 KB 75ms
23ms Script
text/javascript 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:12:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 632
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Dec 2022 21:12:56 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 589F 153 KB
47 KB 96ms
45ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 16 Dec 2022 21:23:28 GMT

GET
H3 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame 589F 34 KB
14 KB 60ms
20ms Script
text/javascript 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 04:55:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 145700
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 15 Mar 2023 04:55:08 GMT

GET
DATA 200
OK truncated
/ Frame 4F5D 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c9de9b734d16ee94626b3a03422234dc9a8525110b96f0a83fec28045d83895c

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 589F 0
0 46ms
45ms Fetch
text/html 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C2QjX0OGcY976CK2Hrr4P5JWIwAX6ypf7bYe6hsOmEKrm0uCyARABIPCmlilg_eiigfADoAG3mIGiKMgBAakCgkeOv3Ieez6oAwHIA8sEqgT0AU_QfyQVIwi7dT9V0job4Afni11ISKZ6UtUG395UQzKe-RPqMWuQSVsBfioas14C7qOBAocobFNdlLPBEIG9svEUyZnpouIJPoMx5-ByjxNfwcUclxGIg9sRNzjTP84RoUxUvSTOS1QKMB8OeNmAosg8JIk_3I-VFfX8MwKNoObmYZ09_dvem-k7YleC8849A9r60ZHbYIGL8gNgHzFSwWC9LZ50wDfq-Hhi5FBF0waHxcKTd8963JdtIS87VE4aopgW6u_n0FR3BCElxZcR1iHYb2KvgZiB-A31OlUHQMawOJt6ZoGI31L8QK75zqUk4CkyIpzABKjetqKRBJIFBAgEGAGSBQQIBRgEoAYCgAeKktHHA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcDEORD0ggPCIBhEAEYHzICigI6AoBAgAoByAsB2BMM0BUBgBcBshccChoIABIUcHViLTM2MTc4ODQwMjg0ODM4ODgYAA&sigh=37jP1vu86IE&uach_m=[UACH]&cid=CAQSGwDq26N9ikhtepM753Bkw7xPUZ9K_VFM31iCehgBIBM

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3617884028483888&output=html&h=250&slotname=2862219256&adk=3823964945&adf=4192660947&pi=t.ma~as.2862219256&w=300&lmt=1671225696&format=300x250&url=https%3A%2F%2Fwww.aereo.jor.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671225807176&bpp=8&bdt=954&idt=910&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=1192x280&correlator=692257186449&frm=20&pv=1&ga_vid=1490408997.1671225807&ga_sid=1671225808&ga_hid=767267349&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1096&ady=3881&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44779793%2C31071268%2C44780792&oid=2&pvsid=1667055446542369&tmod=811181661&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=RkQr899mXD&p=https%3A//www.aereo.jor.br&dtd=923
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 16 Dec 2022 21:23:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 4F5D 28 KB
28 KB 21ms
21ms Font
font/woff2 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 20:34:36 GMT
x-content-type-options: nosniff
age: 175732
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Dec 2023 20:34:36 GMT

GET
H3 200 9421544837236543686
tpc.googlesyndication.com/daca_images/simgad/ Frame 589F 10 KB
10 KB 120ms
119ms Image
image/jpeg 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/9421544837236543686?w=300&h=250

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6391e24db6deb25675d1d98302001fd6ccdf6baa350bf7fff99ee228f245393c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:28 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10117
x-xss-protection: 0
last-modified: Sun, 11 Dec 2022 11:11:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 23 Dec 2022 21:23:28 GMT

POST
H/1.1 200
OK evt Show response
lm.serving-sys.com/lm/ 0
182 B 154ms
35ms XHR
text/plain 3.17.243.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lm.serving-sys.com/lm/evt
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_230_3_0/ebHtml5Banner_api.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.17.243.71 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-17-243-71.us-east-2.compute.amazonaws.com
Software: LogModule 0.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.aereo.jor.br/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: https://www.aereo.jor.br
Access-Control-Allow-Credentials: true
Server: LogModule 0.4
Content-Length: 0
Content-Type: text/plain

POST
H/1.1 200
OK evt Show response
lm.serving-sys.com/lm/ 0
182 B 155ms
36ms XHR
text/plain 3.17.243.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lm.serving-sys.com/lm/evt
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_230_3_0/ebHtml5Banner_api.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.17.243.71 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-17-243-71.us-east-2.compute.amazonaws.com
Software: LogModule 0.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.aereo.jor.br/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: https://www.aereo.jor.br
Access-Control-Allow-Credentials: true
Server: LogModule 0.4
Content-Length: 0
Content-Type: text/plain

GET
H2 200 Serving Show response
bs.serving-sys.com/ 24 B
597 B 26ms
25ms XHR
text/html 100.25.107.144
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving?cn=display&c=40&sessionid=6269595984046105775&ai=1089120648&usercookie=u2=954f7d8f-8ea2-430f-a3e1-babf39e7de13&oo=0&clsrc=2&clbv=_2_230_3_0&gdprpurposes=1023&dg=1077482358&sdg=1078494717&ctick=735&ord=0.8802690356659737
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_230_3_0/ebHtml5Banner_api.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.25.107.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-25-107-144.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2e7778c6ed3c31a131da378d6e573a1b3b6723037cdeea4c4832da83e60c9399

Request headers

Referer: https://www.aereo.jor.br/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 21:23:28 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.aereo.jor.br
p3p: CP="NOI DEVa OUR BUS UNI"
cache-control: private
access-control-allow-credentials: true
content-length: 24
expires: Sun, 05-Jun-2005 22:00:00 GMT

POST
H2 200 adServer.bs
bs.serving-sys.com/Serving/ 0
467 B 26ms
25ms Ping
text/html 100.25.107.144
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving/adServer.bs?cn=int&iv=2&int=1089120648~~0~~1077482358~~6269595984046105775^VsR~0~0~01020~738^VsRAg~0~0~01020~738^AdStart~0~0~01020~738&usercookie=u2=954f7d8f-8ea2-430f-a3e1-babf39e7de13&rnd=0.6699749528381054&res=32
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_230_3_0/ebHtml5Banner_api.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.25.107.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-25-107-144.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 21:23:28 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.aereo.jor.br
p3p: CP="NOI DEVa OUR BUS UNI"
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ 74 KB
23 KB 67ms
29ms Fetch
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 21:23:28 GMT
Content-Encoding: br
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 13824
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 15:43:17 GMT
Server: cloudflare
ETag: W/"c56b6332dacf72f135afcd153ae22448"
Vary: Origin, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eei8TRvjC7VXj%2BO7MDaV3c7DHLiYrhG0rH864IFFMnzu6ToR6O9qBP2qyLjOz6pWR5wQv7KEHt9JCy8eOt9%2BzyP0FwIIu%2FqDQbpDtbj%2BLg9araJmYB4nJOmTIMn1QHZMn9xft08tZvgNOz8R"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: public, max-age=1800
CF-RAY: 77aa7af9bb2d4003-YYZ

GET
H2 200 config.js Show response
secure-ds.serving-sys.com/BurstingCachedScripts/adkit/1_0_41_5/ Frame 7A71 11 B
255 B 18ms
18ms Script
application/javascript 23.49.251.202
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/adkit/1_0_41_5/config.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/adkit/1_0_41_5/adkit.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.49.251.202 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-49-251-202.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 0089aa050b89192e6bb4f33c9ca831d4215f30a24cff294ed17a1a187131e267

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://secure-ds.serving-sys.com/resources/PROD/html5/1073745971/20220503/1076527558/70613883088299949/mbda_meteor-gripen_300x250.html?v=_2_159_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

unused62: 8096267
date: Fri, 16 Dec 2022 21:23:28 GMT
last-modified: Mon, 24 Jan 2022 22:47:07 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-P1
etag: "9b623b63a22644fd1a4bf2b3af3481d3"
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 11
x-amz-cf-id: L9rifnyqovpTfpP2Ay0X_NGemQMROMTw6mmZ-RgKAA2BLa-ZEsOJ-w==

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/ 150 KB
51 KB 47ms
46ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

193ea1f9db6f7a5629aa6cd1679b3f1c9a70025867aa950364d8b1a712528919

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52343
x-xss-protection: 0
server: cafe
etag: 4151743578128457606
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Dec 2022 21:23:28 GMT

GET
H3 200 Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js Show response
pagead2.googlesyndication.com/bg/ Frame E012 36 KB
16 KB 20ms
19ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 21:49:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84850
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15923
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Dec 2023 21:49:18 GMT

GET
H3 200 integrator.js Show response
adservice.google.ca/adsid/ 107 B
122 B 80ms
38ms Script
application/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ca/adsid/integrator.js?domain=www.aereo.jor.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 78ms
38ms Script
application/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.aereo.jor.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 589F 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ba398ca54abb65db21ce7e91b2abd1f842520725e64edfae9b8bb68d52c538b2

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 EBLoader.js Show response
secure-ds.serving-sys.com/BurstingScript/ Frame 7A71 12 KB
4 KB 19ms
19ms Script
application/javascript 23.49.251.202
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingScript/EBLoader.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/adkit/1_0_41_5/adkit.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.49.251.202 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-49-251-202.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 9fff3be6850d99a91d7a75095d6f2da3acf82515afe7d12a8ae15471fdce69d0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://secure-ds.serving-sys.com/resources/PROD/html5/1073745971/20220503/1076527558/70613883088299949/mbda_meteor-gripen_300x250.html?v=_2_159_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 21:23:29 GMT
content-encoding: gzip
last-modified: Tue, 25 Oct 2022 12:53:43 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C1
etag: W/"12ebd542534f243380a8597e8f3d0ca3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
x-amz-cf-id: kzJzUEIXx9jfmaRy1AIgEfaDM2gz1a4TnlD_wxJ6OnZLQ2w29YCgwA==
content-length: 3622
expires: Fri, 16 Dec 2022 21:23:29 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 107 KB
29 KB 618ms
617ms XHR
text/plain 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1667055446542369&correlator=481820204030305&eid=31071150%2C44780792&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=75894840%3A22581080367%2CAEREO_FLEX%2CAEREO_HEADERSTICKY&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=120x600%2C970x90%7C728x90%7C1000x90&ifi=5&adks=861655115%2C39098973&didk=3178110318~1219875947&sfv=1-0-40&fsbs=1%2C1&prev_scp=data_type%3Dflex%26pp_loop%3D00%26pp_pb%3D0.60%26hb_adomain%3Dbeallsflorida.com%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D120x600%26hb_pb%3D0.20%26hb_adid%3D226b00201a55bdd%26hb_bidder%3Dimprovedigital%7Cdata_type%3Danchor%26pp_sticky%3Dbottom%26pp_loop%3D00%26pp_pb%3D0.30&cust_params=url%3Daereo.jor.br%26categoria%3Dhome&sc=1&cookie=ID%3D20e2d08eb0f3f5e4-22d60ecd1dd9008d%3AT%3D1671225807%3ART%3D1671225807%3AS%3DALNI_Ma09caKp5KYTNiDqslMWETQrA5HxA&gpic=UID%3D000008d6f315567c%3AT%3D1671225807%3ART%3D1671225807%3AS%3DALNI_Ma1L8LuULoOuMyf2GSA0Cr_TwYPJw&abxe=1&dt=1671225809057&lmt=1671225696&dlt=1671225806222&idt=2318&adxs=-135%2C315&adys=315%2C1230&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.aereo.jor.br%2F&frm=20&vis=1&psz=150x-1%7C1000x-1&msz=120x-1%7C1000x-1&fws=512%2C512&ohw=0%2C0&ga_vid=1490408997.1671225807&ga_sid=1671225808&ga_hid=767267349&ga_fc=true&ga_cid=2147078114.1671225807&cbidsp=CrICCAESDQoGb25ldGFnEIMCIAISDgoHcnViaWNvbhDLAiACEoABCg5pbXByb3ZlZGlnaXRhbBD-AhppCg8yMjZiMDAyMDFhNTViZGQQ79sMGgNVU0QiCWhiX2JpZGRlciIHaGJfYWRpZCIFaGJfcGIiB2hiX3NpemUiCWhiX3NvdXJjZSIJaGJfZm9ybWF0IgpoYl9hZG9tYWluKAE6BQh4ENgEIAESNAoIYXBwbmV4dXMQzgIaIwoPMjAzNTQzZmMwYzk1NDhlEILKCBoDVVNEKAE6BQh4ENgEIAESDQoGY3JpdGVvENgBIAISFAoNc21hcnRhZHNlcnZlchCpAiACGAIiJDdkZGIyNDgxLWU3NjQtNGU0Yi05ZmVkLWIyODFjOWQ2YTU3MioECAMgAEoAQMQT~CqEBCAESDQoGb25ldGFnEIMCIAISDgoHcnViaWNvbhDLAiACEhUKDmltcHJvdmVkaWdpdGFsEIADIAISDwoIYXBwbmV4dXMQ0wIgAhINCgZjcml0ZW8Q2AEgAhIUCg1zbWFydGFkc2VydmVyEKkCIAIYAiIkZTc0MGQ5NzMtZTBjMS00ZWUwLTliZmUtZmRmOTM1ZTdiNmY5KgQIAyAASgBAxBM.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a995d921c907141ebd148eea602cbb308b2901cef4aa08339801db130ef1d9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29688
x-xss-protection: 0
google-lineitem-id: -1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.aereo.jor.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2511 6 KB
3 KB 108ms
33ms Document
text/html 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aereo.jor.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 21:23:29 GMT
expires: Sat, 16 Dec 2023 21:23:29 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js Show response
pagead2.googlesyndication.com/bg/ Frame 4F56 36 KB
16 KB 19ms
19ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 21:49:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84851
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15923
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Dec 2023 21:49:18 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/ Frame 8072 10 KB
4 KB 19ms
19ms Document
text/html 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aereo.jor.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 69301
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 02:08:28 GMT
etag: 10353107486223812946
expires: Fri, 30 Dec 2022 02:08:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 EB.js Show response
secure-ds.serving-sys.com/BurstingCachedScripts/HTML5Res_2_159_1_0/ Frame 7A71 82 KB
83 KB 19ms
19ms XHR
application/javascript 23.49.251.202
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/HTML5Res_2_159_1_0/EB.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingScript/EBLoader.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.49.251.202 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-49-251-202.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 3b8337955894c8a81a8bb03185aef856823ae714484e28590163424c1adb3742

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://secure-ds.serving-sys.com/resources/PROD/html5/1073745971/20220503/1076527558/70613883088299949/mbda_meteor-gripen_300x250.html?v=_2_159_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:29 GMT
last-modified: Mon, 12 Dec 2022 14:33:07 GMT
server: AmazonS3
x-amz-request-id: 3JPFKAXD3RPJF49Y
x-amz-cf-pop: EWR52-C1
etag: "e9975a1b2e2e967ae9880929b3793481"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2226280
accept-ranges: bytes
content-length: 84367
x-amz-id-2: gA3ukjkMg9Wxdkbqdvit+VnWimDcTYNlYWOVyrJBNpRbfVLYUet0q+vbuabnyMqjFXODKcTdtU4=
x-amz-cf-id: y42aUFv-aHpCdpQv4Rg-_73UVzYPhxVsS4-cie9HZgzmvQP51SFp_g==

GET
H3 200 css2
fonts.googleapis.com/ Frame 8072 4 KB
636 B 37ms
35ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 16 Dec 2022 21:23:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 16 Dec 2022 20:34:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 16 Dec 2022 21:23:29 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 8072 205 B
229 B 21ms
19ms Image
image/png 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 00:30:34 GMT
x-content-type-options: nosniff
age: 75175
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 16 Dec 2023 00:30:34 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 8072 604 B
628 B 22ms
21ms Image
image/png 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 01:06:27 GMT
x-content-type-options: nosniff
age: 73022
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 16 Dec 2023 01:06:27 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/ Frame 8072 19 KB
8 KB 23ms
21ms Script
text/javascript 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d0ed9630334a711204c67723b1eb52755c8316466fa7e4e601958e0c12a5da9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 22:15:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83296
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8084
x-xss-protection: 0
server: cafe
etag: 2222875591315018765
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Dec 2022 22:15:13 GMT

POST
H/1.1 200
OK evt Show response
lm.serving-sys.com/lm/ Frame 7A71 0
191 B 36ms
36ms XHR
text/plain 3.17.243.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lm.serving-sys.com/lm/evt
Requested by: Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.17.243.71 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-17-243-71.us-east-2.compute.amazonaws.com
Software: LogModule 0.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure-ds.serving-sys.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: https://secure-ds.serving-sys.com
Access-Control-Allow-Credentials: true
Server: LogModule 0.4
Content-Length: 0
Content-Type: text/plain

GET
H2 200 bggrey.png
secure-ds.serving-sys.com/resources/PROD/html5/1073745971/20220503/1076527558/70613883088299949/images/ Frame 7A71 3 KB
3 KB 22ms
21ms Image
image/png 23.49.251.202
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-ds.serving-sys.com/resources/PROD/html5/1073745971/20220503/1076527558/70613883088299949/images/bggrey.png?1651591191361
Requested by: Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.49.251.202 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-49-251-202.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 8a80db3395797aa95370550ee1f11c8994ee7b88150d9edc8753fd9c6854b376

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://secure-ds.serving-sys.com/resources/PROD/html5/1073745971/20220503/1076527558/70613883088299949/mbda_meteor-gripen_300x250.html?v=_2_159_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: 1BsX4v2vni8Wk34qhzJqhh_Y5EQqdNq4
date: Fri, 16 Dec 2022 21:23:29 GMT
last-modified: Tue, 03 May 2022 15:26:55 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C1
etag: "102bcd98ad62573483fce845e9ef8861"
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 2565
x-amz-cf-id: dBriUn5d8Dkv4bWtXoPz3m64tmLSmbcV-xgjBm5U7rSnDsrECdr00A==
expires: Mon, 31 Dec 2035 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame F38B 8 KB
895 B 39ms
38ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 16 Dec 2022 21:23:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 16 Dec 2022 20:28:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 16 Dec 2022 21:23:29 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame F38B 2 KB
765 B 20ms
19ms Script
text/javascript 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:12:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 633
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Dec 2022 21:12:56 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame F38B 23 KB
9 KB 23ms
23ms Script
text/javascript 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 20:09:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4417
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Dec 2022 20:09:52 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame F38B 3 KB
1 KB 24ms
23ms Script
text/javascript 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:21:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 113
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Dec 2022 21:21:36 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame F38B 18 KB
7 KB 24ms
23ms Script
text/javascript 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:12:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 633
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Dec 2022 21:12:56 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame F38B 0
0 92ms
36ms Image
text/html 2607:f8b0:4006:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRROv2BdAGtinl4ESljizF3Axgmv5UErORP0AdzreUb6E9oIp4PWtgBuhPc9i9xCFTFSMsKJ_OuaT2iBzcZSZf93AH-qA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81d::2004 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F38B 153 KB
47 KB 46ms
45ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 16 Dec 2022 21:23:29 GMT

GET
H3 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame F38B 34 KB
14 KB 23ms
23ms Script
text/javascript 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 04:55:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 145701
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 15 Mar 2023 04:55:08 GMT

GET
H2 200 bg.jpg
secure-ds.serving-sys.com/resources/PROD/html5/1073745971/20220503/1076527558/70613883088299949/images/ Frame 7A71 22 KB
22 KB 24ms
23ms Image
image/jpeg 23.49.251.202
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-ds.serving-sys.com/resources/PROD/html5/1073745971/20220503/1076527558/70613883088299949/images/bg.jpg?1651591191361
Requested by: Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.49.251.202 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-49-251-202.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 5192f76b9960c64450f6a5217b55d80b6abbeec2cc42722ae09b819eed56a641

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://secure-ds.serving-sys.com/resources/PROD/html5/1073745971/20220503/1076527558/70613883088299949/mbda_meteor-gripen_300x250.html?v=_2_159_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: FLpgMhxV27fMg6Y58IcahW2VCP6ZZK6.
date: Fri, 16 Dec 2022 21:23:29 GMT
last-modified: Tue, 03 May 2022 15:26:55 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C1
etag: "bbc92c31611a2fff2db3f64c26f59a94"
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 22158
x-amz-cf-id: tn97Aet1d5YCJ5OMC8ehz1kWxkXxHfl2BvRmc89V10zG6368Q5pRqA==
expires: Mon, 31 Dec 2035 00:00:00 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0BB6 1 KB
643 B 23ms
19ms Document
text/html 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 5358
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 19:54:11 GMT
etag: 48472445140208031
expires: Sat, 17 Dec 2022 19:54:11 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 fire.png
secure-ds.serving-sys.com/resources/PROD/html5/1073745971/20220503/1076527558/70613883088299949/images/ Frame 7A71 3 KB
3 KB 29ms
23ms Image
image/png 23.49.251.202
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-ds.serving-sys.com/resources/PROD/html5/1073745971/20220503/1076527558/70613883088299949/images/fire.png?1651591191361
Requested by: Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.49.251.202 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-49-251-202.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e01a6c93f8f6976b93fe098f46b785bd635bebf2a8624ab7a77f9df4f57dc72d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://secure-ds.serving-sys.com/resources/PROD/html5/1073745971/20220503/1076527558/70613883088299949/mbda_meteor-gripen_300x250.html?v=_2_159_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: Glv2IQzrIuqfHAe2ngJnt8qJEerxhvZX
date: Fri, 16 Dec 2022 21:23:29 GMT
last-modified: Tue, 03 May 2022 15:26:55 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C1
etag: "7216952a561d4b5360eca4bd059e630a"
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 2834
x-amz-cf-id: prhslpSCVg31U5iUxhozp7jae6MEZZyZfMDrGmbfxSwVadYGDyG8Ag==
expires: Mon, 31 Dec 2035 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 0BB6
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEGaa6Y9-k-52nSIWEyCaZmw&google_cver=1&google_push=AavPq0PDTJzeMShTlyY_6hoZ-awQt1opIOqAwabO9B38jmyoCGsnU-UNVv7XUhJ17O7RUNr1HPztUb6LW-gK8gSr7l2rblOWwrIMX...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGaa6Y9-k-52nSIWEyCaZmw&google_cver=1&google_push=AavPq0PDTJzeMShTlyY_6hoZ-awQt1opIOqAwabO9B38jmyoCGsnU-UNVv7XUhJ17O7RUNr1HPztUb6LW-gK8gSr7l2rblOWwrI...

43 B
412 B

107ms
94ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGaa6Y9-k-52nSIWEyCaZmw&google_cver=1&google_push=AavPq0PDTJzeMShTlyY_6hoZ-awQt1opIOqAwabO9B38jmyoCGsnU-UNVv7XUhJ17O7RUNr1HPztUb6LW-gK8gSr7l2rblOWwrIMXYL5&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0PDTJzeMShTlyY_6hoZ-awQt1opIOqAwabO9B38jmyoCGsnU-UNVv7XUhJ17O7RUNr1HPztUb6LW-gK8gSr7l2rblOWwrIMXYL5%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 21:23:29 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 77aa7affdc0cecee-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 16 Dec 2022 21:23:29 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 9741
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGaa6Y9-k-52nSIWEyCaZmw&google_cver=1&google_push=AavPq0PDTJzeMShTlyY_6hoZ-awQt1opIOqAwabO9B38jmyoCGsnU-UNVv7XUhJ17O7RUNr1HPztUb6LW-gK8gSr7l2rblOWwrIMXYL5&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0PDTJzeMShTlyY_6hoZ-awQt1opIOqAwabO9B38jmyoCGsnU-UNVv7XUhJ17O7RUNr1HPztUb6LW-gK8gSr7l2rblOWwrIMXYL5%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 77aa7afe6a46ecee-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0BB6
Redirect Chain

https://fksnk.com/cs/google?google_gid=CAESEPX0YcqFNdkMRWGK3ivsvnU&google_cver=1&google_push=AavPq0Pb0JGZeBnuGTZ7ft4SkBMipnTVaGMSdtO8AI48bHMgwxN2ma98ZrDnBDosmWTAKPqZGqXcT0jkEUWfTg6VqITrDaCizRuZlUcN
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MjJCRTY4RDBFRjVDMUQzOQ==

170 B
188 B

79ms
38ms

Image
image/png

142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MjJCRTY4RDBFRjVDMUQzOQ==

Protocol

Server

142.250.80.66 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 21:23:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MjJCRTY4RDBFRjVDMUQzOQ==
date: Fri, 16 Dec 2022 21:23:29 GMT
content-language: en-US
content-type: text/html;charset=ISO-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0BB6
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJNe3MSQ7Q5UoHyVI0ouTCw&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEJNe3MSQ7Q5UoHyVI0ouTCw&google_push=Aa...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJNe3MSQ7Q5UoHyVI0ouTCw&google_hm=Y5zh0fn_M-oRtuXdpjrMogAAADYAAAIB&google_nid=index&google_push=AavPq0O395oT40f9K8cwlnzLOFm2OwCmVdvxF...

170 B
188 B

112ms
110ms

Image
image/png

142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJNe3MSQ7Q5UoHyVI0ouTCw&google_hm=Y5zh0fn_M-oRtuXdpjrMogAAADYAAAIB&google_nid=index&google_push=AavPq0O395oT40f9K8cwlnzLOFm2OwCmVdvxFo6BBnNd4dDXBAGYXuQVxMKYsvi-jUP4N7HsnGwGtQolJgAeva6AY0SfYJcd68rzrWo

Protocol

Server

142.250.80.66 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 21:23:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 16 Dec 2022 21:23:29 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6k5WT1nQWRCdRf3WFASBiC8qv3O8vV9bYiVo2mwhpvg6t04zmdOsO1z%2FPSyhMZ0E9S5BPorw9P7zhXH%2B9YdXdihK%2FVQW8gR6uBO%2FEkSdciZ9IfxYp2HDb9EWf9RfQk56JvamFAuZtozlPA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJNe3MSQ7Q5UoHyVI0ouTCw&google_hm=Y5zh0fn_M-oRtuXdpjrMogAAADYAAAIB&google_nid=index&google_push=AavPq0O395oT40f9K8cwlnzLOFm2OwCmVdvxFo6BBnNd4dDXBAGYXuQVxMKYsvi-jUP4N7HsnGwGtQolJgAeva6AY0SfYJcd68rzrWo
cache-control: no-cache
cf-ray: 77aa7affebb6cab0-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0BB6
Redirect Chain

https://ads.yieldmo.com/exptsync?google_gid=CAESEGMl3WbVK5WusADO40gqsW8&google_cver=1&google_push=AavPq0NT9M6fIqW06EFdzuOmTBTsXThNrBsLbvP8DyZOnr-I1TVasa3wRsq4D42V0KRFak8moeuNzUTN3G9xl1x7orZ_Rc8ReY7...
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AavPq0NT9M6fIqW06EFdzuOmTBTsXThNrBsLbvP8DyZOnr-I1TVasa3wRsq4D42V0KRFak8moeuNzUTN3G9xl1x7orZ_Rc8ReY7aoPbq&google_hm=Zzk4YTZkMTAwZmI0...

170 B
188 B

79ms
39ms

Image
image/png

142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AavPq0NT9M6fIqW06EFdzuOmTBTsXThNrBsLbvP8DyZOnr-I1TVasa3wRsq4D42V0KRFak8moeuNzUTN3G9xl1x7orZ_Rc8ReY7aoPbq&google_hm=Zzk4YTZkMTAwZmI0NzMxZTY4N2E=

Protocol

Server

142.250.80.66 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 21:23:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 16 Dec 2022 21:23:29 GMT
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=utf-8
location: https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AavPq0NT9M6fIqW06EFdzuOmTBTsXThNrBsLbvP8DyZOnr-I1TVasa3wRsq4D42V0KRFak8moeuNzUTN3G9xl1x7orZ_Rc8ReY7aoPbq&google_hm=Zzk4YTZkMTAwZmI0NzMxZTY4N2E=
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0BB6
Redirect Chain

https://cc.adingo.jp/adx/push/?google_gid=CAESEPAtxQ_XwHiBEuU8LLXLfHk&google_cver=1&google_push=AavPq0PNuvEgmvjlbhQaofnxkRL3P3Umwf8VRrAzayiAIHzU5kd42IHMLtjllAJd0H2lgaoX7D75epjxr7lP_TWxehVIvtEyp_MBMB-_
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AavPq0PNuvEgmvjlbhQaofnxkRL3P3Umwf8VRrAzayiAIHzU5kd42IHMLtjllAJd0H2lgaoX7D75epjxr7lP_TWxehVIvtEyp_MBMB-_&google_hm=7bb91568a18d94a...

170 B
188 B

77ms
37ms

Image
image/png

142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AavPq0PNuvEgmvjlbhQaofnxkRL3P3Umwf8VRrAzayiAIHzU5kd42IHMLtjllAJd0H2lgaoX7D75epjxr7lP_TWxehVIvtEyp_MBMB-_&google_hm=7bb91568a18d94aec973528080b004a1

Protocol

Server

142.250.80.66 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 21:23:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AavPq0PNuvEgmvjlbhQaofnxkRL3P3Umwf8VRrAzayiAIHzU5kd42IHMLtjllAJd0H2lgaoX7D75epjxr7lP_TWxehVIvtEyp_MBMB-_&google_hm=7bb91568a18d94aec973528080b004a1
date: Fri, 16 Dec 2022 21:23:29 GMT
content-type: text/html; charset=UTF-8
server: nginx
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0BB6
Redirect Chain

https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEPUySv3eSRNCfnAEn_hdZgw&google_cver=1&google_push=AavPq0M5eyOWEw5m1EYoePSEVOaiu4pkm5ZqklxmyFRT71kkTeB7VAfn_...
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AavPq0M5eyOWEw5m1EYoePSEVOaiu4pkm5ZqklxmyFRT71kkTeB7VAfn__1HLsSUAjKtqErRpFUVytLXyS97i27KPjzrYUhzpN9xia4Abg&google_hm=QlMuMDRiMy1k...

170 B
188 B

101ms
60ms

Image
image/png

142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AavPq0M5eyOWEw5m1EYoePSEVOaiu4pkm5ZqklxmyFRT71kkTeB7VAfn__1HLsSUAjKtqErRpFUVytLXyS97i27KPjzrYUhzpN9xia4Abg&google_hm=QlMuMDRiMy1kZDNkLTRkZGUtYjA0OA==

Protocol

Server

142.250.80.66 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 21:23:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AavPq0M5eyOWEw5m1EYoePSEVOaiu4pkm5ZqklxmyFRT71kkTeB7VAfn__1HLsSUAjKtqErRpFUVytLXyS97i27KPjzrYUhzpN9xia4Abg&google_hm=QlMuMDRiMy1kZDNkLTRkZGUtYjA0OA==
Date: Fri, 16 Dec 2022 21:23:29 GMT
Server: openresty
Connection: close
Content-Length: 142
Content-Type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0BB6
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEIKvqIcG8...
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEIK...
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=dddc5aa2-05f6-4e2c-9ccd-1597b23598eb&%%GOOGLE_PUSH_PAIR%%

170 B
188 B

52ms
51ms

Image
image/png

142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=dddc5aa2-05f6-4e2c-9ccd-1597b23598eb&%%GOOGLE_PUSH_PAIR%%

Protocol

Server

142.250.80.66 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 21:23:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=dddc5aa2-05f6-4e2c-9ccd-1597b23598eb&%%GOOGLE_PUSH_PAIR%%
Date: Fri, 16 Dec 2022 21:23:29 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 0BB6 0
223 B 82ms
34ms Image
text/html 142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KxX7n1QdLaejsmr7XBjynSA0rPkWdEak75c-Cgkm3SMxENzQ6gk9zqoUr8_AVbAxz1mgZl8j4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.66 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:29 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 icon.png
secure-ds.serving-sys.com/resources/PROD/html5/1073745971/20220503/1076527558/70613883088299949/images/ Frame 7A71 2 KB
2 KB 22ms
21ms Image
image/png 23.49.251.202
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-ds.serving-sys.com/resources/PROD/html5/1073745971/20220503/1076527558/70613883088299949/images/icon.png?1651591191361
Requested by: Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.49.251.202 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-49-251-202.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: cc8bf05b3c6b6d2eeb81510a102958bb9cb90b1677ee2a06e239b7c073833ae4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://secure-ds.serving-sys.com/resources/PROD/html5/1073745971/20220503/1076527558/70613883088299949/mbda_meteor-gripen_300x250.html?v=_2_159_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: 9H5NkHu5ofIjDDWLV8LP0Dk4zaSeShFE
date: Fri, 16 Dec 2022 21:23:29 GMT
last-modified: Tue, 03 May 2022 15:26:55 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C1
etag: "fd5a9d3099e6ad9fbf4cc485ba38db3b"
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 1821
x-amz-cf-id: XrWgDliaq7JwUf_buUcwFNxg-AXYvteWfigMgeQbJGIbNCsekOC6Xg==
expires: Mon, 31 Dec 2035 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 90ms
48ms XHR
application/json 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221207&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d88923d7fdb0b7fd1dfb09e02a574b4d34107c58e961106e4af76fc4666caf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11146
x-xss-protection: 0

GET
H2 200 adServer.bs Show response
bs.serving-sys.com/Serving/ 0
374 B 28ms
27ms XHR
text/html 100.25.107.144
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving/adServer.bs?cn=int&iv=2&interactionsStr=$$1089120648~~0~~1077482358~~6269595984046105775%5EActualSize~300x250x0x1x0000x0x0x300x250~0~01020~1599$$&usercookie=u2=954f7d8f-8ea2-430f-a3e1-babf39e7de13&rnd=0.4574729936088968&res=32
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_230_3_0/ebHtml5Banner_api.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.25.107.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-25-107-144.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.aereo.jor.br/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 21:23:29 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.aereo.jor.br
p3p: CP="NOI DEVa OUR BUS UNI"
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H3 200 Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js Show response
pagead2.googlesyndication.com/bg/ Frame F9BB 36 KB
16 KB 19ms
19ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js

Requested by

Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 21:49:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84851
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15923
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Dec 2023 21:49:18 GMT

GET
H2 200 logo1.png
secure-ds.serving-sys.com/resources/PROD/html5/1073745971/20220503/1076527558/70613883088299949/images/ Frame 7A71 2 KB
2 KB 26ms
22ms Image
image/png 23.49.251.202
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-ds.serving-sys.com/resources/PROD/html5/1073745971/20220503/1076527558/70613883088299949/images/logo1.png?1651591191361
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.49.251.202 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-49-251-202.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 4a4123724a3c873661ea718024316aa202b4df48d0a4ed015f7f838b1bfa79ef

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://secure-ds.serving-sys.com/resources/PROD/html5/1073745971/20220503/1076527558/70613883088299949/mbda_meteor-gripen_300x250.html?v=_2_159_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: njjk3moV7xKNdUYVzY3jpO4rhxC4eiQo
date: Fri, 16 Dec 2022 21:23:29 GMT
last-modified: Tue, 03 May 2022 15:26:55 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C1
etag: "3a1a52c09a5450f54fa66d5f66df524a"
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 1624
x-amz-cf-id: 6urEH_C6GlRAb0hBX7N2eV-QNktNkw9W0EPF_SVbbn_u8uMDGzVMig==
expires: Mon, 31 Dec 2035 00:00:00 GMT

GET
H3 200 container.html Show response
454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 411D 6 KB
3 KB 20ms
19ms Document
text/html 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aereo.jor.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 21:23:29 GMT
expires: Sat, 16 Dec 2023 21:23:29 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3EF7 6 KB
3 KB 21ms
20ms Document
text/html 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aereo.jor.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 21:23:29 GMT
expires: Sat, 16 Dec 2023 21:23:29 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 47ms
46ms Script
text/javascript 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 16 Dec 2022 21:23:29 GMT

GET
H2 200 mask.png
secure-ds.serving-sys.com/resources/PROD/html5/1073745971/20220503/1076527558/70613883088299949/images/ Frame 7A71 11 KB
11 KB 23ms
22ms Image
image/png 23.49.251.202
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-ds.serving-sys.com/resources/PROD/html5/1073745971/20220503/1076527558/70613883088299949/images/mask.png?1651591191361
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.49.251.202 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-49-251-202.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: a04c30aec36a8c655d3248c9f544db203449fb431af7054f2bd0aa1d646d8cfe

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://secure-ds.serving-sys.com/resources/PROD/html5/1073745971/20220503/1076527558/70613883088299949/mbda_meteor-gripen_300x250.html?v=_2_159_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: PTlH0V8a2EW0aK7rz.inPVn.X.gNiBlt
date: Fri, 16 Dec 2022 21:23:30 GMT
last-modified: Tue, 03 May 2022 15:26:55 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C1
etag: "ae0b6dba5daa34bc92145dc71d14fe89"
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 11033
x-amz-cf-id: wQJ9K2OeTkXOEhhcDtkSLnAZUrOEbCBWX429HIaedn4K2nxX0lLyLw==
expires: Mon, 31 Dec 2035 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 411D 0
0 57ms
57ms Fetch
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C-CxA0eGcY-OhDMq6zwXI0bTIAdKRto1tudCuypYPwI23ARABIABg_eiigfADggEXY2EtcHViLTM2MTkwNDU4ODcxODcwMzHIAQngAgCoAwGqBIsCT9DXo-yU308h3OaA8Z-pDexdZOw4Hh4EhYys_qKqCkZ-0zgrdzqBbDkFlmTielKjcDUvLpZsJcqsF5NbnSmN_Amv6zfeAeSBxFg5SWuykCX58Db63d_GO_-HaoutEMwRKbuz6Ur9pcZhsTplmaZEO2YTfdlbdB6kRnvwZpV0f0t0XJuGE1MIGmoyBML5mwSEZNkhV2upo_6h5s_xp23Z8wudRF9FtJCYgUxkP0VWXFNJnwDfxZqp6JuE_6HrbQmR0RaS-f3SE9K590JcE4pCgkYi88r9JipTIBuKOiSZyyP8N9UGicNlZ_USMsZKF-WCQjKft58285KHJKtwm7-6_Sl0XxjdotRvgIz94AQBgAbTuJ6HqKOW1fIBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTEzNjcxMjIzODIxNDQ1ODWACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMzYxOTA0NTg4NzE4NzAzMRigwxw&sigh=U_gJ_P6j_lo&uach_m=[UACH]&cid=CAQSOwDq26N9S7Qbtmtl4isONlEZbNbsw91Vi8P3aPQWT9NKN_lz1BiqtGvbxTGlBcCizYuhiZmsejpOnTd9GAEgEw
Requested by: Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80b::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H2 204 rtimp
g.bidbrain.app/ Frame 411D 0
0 135ms
63ms Fetch 34.102.128.115
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rtimp?sid=e29cf78a-7d87-11ed-9908-0ef11e7ec071&d=www.aereo.jor.br&cr=ext_gen2_v10_start_fires__0&gid=CAESEE_JZOJK2-I3kayIEcQt6NM&a=imp&p=Y5zh0QADEOMKs91KAA0oyO8v9M6evdANSX9_jw&im=OMifFjgHuTj91dkzQioNTJUWH5Fwam4iSSdowqUYCKN2k5LOv6lHq2-jaY5B-ZmDtTdBcEYscGitWw7NhPx6pEJNHyxYpOtFeGiAKdZIAhPWtgz7AeoW8pIs_okuzeLLiOaiMqpORpqb4EKklAyMGrLOyVp3kBiZbpshvj4lncg4buj03uSRm9LCTJkgPg7VlPz-E3UhLwnRX_K11HUHl5l9QJGY3zOTpuOW89Tx9Co
Requested by: Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 115.128.102.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 21:23:30 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 411D 4 KB
636 B 45ms
44ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Requested by

Host: 454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com
URL: https://454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 16 Dec 2022 21:23:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 16 Dec 2022 20:16:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 16 Dec 2022 21:23:30 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 411D 1 KB
427 B 45ms
44ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Secular+One&display=swap

Requested by

Host: 454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com
URL: https://454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

12898b046a32b07eee86be288ef4076c76f472a03ebc62cc4c94bf3bef845699

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 16 Dec 2022 21:23:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 16 Dec 2022 20:55:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 16 Dec 2022 21:23:30 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 411D 2 KB
552 B 58ms
57ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto&display=swap

Requested by

Host: 454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com
URL: https://454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

df3ba57c1234e50c05735a0dedc033f43d5e638a97d5c51583cac8411d2ea34f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 16 Dec 2022 21:23:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 16 Dec 2022 20:37:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 16 Dec 2022 21:23:30 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 411D 3 KB
1 KB 20ms
19ms Script
text/javascript 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: 454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com
URL: https://454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:21:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 114
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Dec 2022 21:21:36 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 411D 18 KB
7 KB 21ms
20ms Script
text/javascript 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com
URL: https://454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:12:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 634
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Dec 2022 21:12:56 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 411D 0
0 50ms
49ms Image
text/html 2607:f8b0:4006:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSqFJgvtZJe_rg6NtHq0sDgDrBbfawCw8k38IEFwjrW9eQVfm5HyO3dg6dX4nFp4UvCJvFL9C3q8pJLNgctVkuatDZ-Nw
Requested by: Host: 454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com
URL: https://454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81d::2004 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 411D 24 KB
6 KB 22ms
20ms Script
text/javascript 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com
URL: https://454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 21:15:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 173291
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 14 Dec 2023 21:15:19 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 411D 153 KB
47 KB 63ms
62ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com
URL: https://454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 16 Dec 2022 21:23:30 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 3EF7 0
0 54ms
53ms Fetch
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CiZZk0eGcY-ShDMq6zwXI0bTIAb6VpK9s99rS06wMwI23ARABIABg_eiigfADggEXY2EtcHViLTM2MTkwNDU4ODcxODcwMzHIAQngAgCoAwGqBI8CT9DiHCibcef-PMVx6NrSiWTxECIU3HNlJDSkqFOCr_iDdf7T2Zxvi-yy5ezEVR1Gx_j1G6i28cQAaYe20VEPcwMofLtvzDuVhcl1F5A-oWoH01NDF0e8wJkZba6pmTuyx1gAehKx5K90_bNuJQ0TT6VPQt4-vms6NRvxVzBYTMEtrxXMYihsFlF81ILWzBsrpcYDvhKHmsKTRFt2SJ_WGFIn1IVpYt45r2KEn_qKQfieEj8L7rL8Hq-0QCty8nz93IreyoEAqoqHYlUnPfAivBeE6voNvJ6K7XmrRIogQSTmHRFddYuMXXD_6hLbDnJK7npQTo9lG-xVTjuXe85QefurGiVrIJGZGe99XlKQN-AEAYAGsIyY98q02IMVoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTEzNjcxMjIzODIxNDQ1ODWACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMzYxOTA0NTg4NzE4NzAzMRigwxw&sigh=Fspd7_LmZ1I&uach_m=[UACH]&cid=CAQSOwDq26N9S7Qbtmtl4isONlEZbNbsw91Vi8P3aPQWT9NKN_lz1BiqtGvbxTGlBcCizYuhiZmsejpOnTd9GAEgEw
Requested by: Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80b::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H2 200 log
hblg.media.net/ Frame 3EF7 35 B
0 172ms
43ms Fetch
image/gif 184.24.36.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hblg.media.net/log?logid=kfk&evtid=l1log&acid=3a4ebe1d6ef04e41b00c7d4079c804e7&bidrestime=1671225809375&cbdp=0.094&ogbdp=0.13&prvReqId=13152863860851_509545316_44225416312941&pvid=294&scrid=1700080806124000970009000001000&size=970x90&slotVisibility=2&viewability=82&app=0&cc=CA&cid=8CUF4235B&csip=rtb-appnexus-64d76c54bd-qd4zm.SC&device_id=4&dn=aereo.jor.br&itype=ADX&mang=1&requrl=https%3A%2F%2Fwww.aereo.jor.br&dtc=east_sc&zone=d&commit_id=1224efef&ugd=4&ctr=0.0016719465&rme=nurl

Requested by

Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.24.36.23 Atlanta, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-24-36-23.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 21:23:30 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Fri, 16 Dec 2022 21:23:30 GMT

GET
H/1.1 200
OK log
qsearch-a.akamaihd.net/ Frame 3EF7 35 B
0 116ms
19ms Fetch
image/gif 23.204.152.12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&lper=&app_type=adx_test&bdr_typ=1&ss_d1=0&ogerpm=0.1300&ss_d2=0&stid=&other_prv=294&jar_err=&current_day=5.0&adtyp=0&req_id=NCmDcal9d8C-5tpXD-EUbA&bd_m3=0.0000&bidfp=0.0800&bd_m2=0.0000&pvag_id=&bd_m1=0.0000&ugd=4&dim10=false&predicted_wr=67.4882&exp=&deal_id=&fdbk_id=&second_bidder=*&search_res=28&floor_bucket=0.10&gpid_format=&seat=BID_API&rc=-1&size=970x90&f_seg=&prdp=0.0936&ogcbdp=0.1300&dfpbd=0.0936&server=1&ogerpm_wd_bkt=0-1&model_version=202212161733_generic_adx_1-cid_1&viewability=0.8200&dmm_r=0.0000&cut=28&dmm_l=0.0000&as_cache=0&tcyerpm=&sc=CA-QC&send_erpm=true&dmm_m9=0.0000&sd=1&hb_exp=&seg=&dmm_m4=0.0000&erpm_bucket=0.15&ugd_ver=&requrl=aereo.jor.br%2F&bidrestime=1671225809375&cc=CA&strg=harmony&ss=&current_hour=21&time_stamp=2022-12-16+21%3A23%3A29&model_key=generic_adx_1-cid_1&rvshhon=&mul_ratio=0.0000&bdp=0.1300&ct=Montreal&akey=&mnckfl=0&bdp_bucket=0.15&algo=&dc=east_sc&splid=&erpm_mult=1.000000&dn=aereo.jor.br&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F108.0.5359.124+Safari%2F537.36&buyer_id=&dmm_m10=1173051&bdp_wider_bucket=1&acid=3a4ebe1d6ef04e41b00c7d4079c804e7&zone=d&infl=&o_ver=NT+10.0&br_ver=108.0.5359.124&bdmm_m6=0.0000&bdmm_m7=0.0000&bdmm_m5=0.0000&ver=9.1.2&totalTimeBucket=3&visibility=2&totalTime=3505999&dmm_m1=2022-12-16+21%3A23%3A29.377073134&e_rpm=0.0000&dmm_m22=0.1300&gdpr=&vsid=&log_less=false&gpid_sent=false&ogerpm_used=false&bdmm_m12=0.0000&cid=8CUF4235B&bcrid=1700080806124000970009000001000&rawbid=0.1300&seat_id=BID_API&sub_bidder=196&pst=EMS&pbshr=100.0000&dmm_d10=&o_id=101&clisp=rtb-appnexus-64d76c54bd-qd4zm.SC&dfp_bucket=0.0&adblk=39098973&itype=adx&pvid_seat=294_BID_API&cliIP=0&advurl=search.yahoo.com%2F&level_base=0&crid=442254163&sat=1&br_id=265&cut_bkt=30&gpid=&iwb=1&second_bid=0.000000&sc_pvid=294&capd=0&other_bids=0.13
Requested by: Host: www.aereo.jor.br
URL: https://www.aereo.jor.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 23.204.152.12 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-204-152-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Dec 2022 21:23:30 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Fri, 16 Dec 2022 21:23:30 GMT

GET
H2 200 nmedianet.js Show response
contextual.media.net/ Frame 3EF7 159 KB
55 KB 228ms
129ms Script
text/javascript 23.205.72.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/nmedianet.js?cid=8CU5RJ1PV

Requested by

Host: 454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com
URL: https://454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.72.21 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-72-21.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

7b6f547145e1c33cf6e1570efa23a5c4884056037bf0abe87b3a66513eb50b36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-mnt-h: 8-35
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Fri, 16 Dec 2022 21:23:30 GMT
server: Apache
etag: "a3d3d28adbe556c2bd0cf27a20cbaf9e"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
x-mnt-w: 8-7
expires: Fri, 16 Dec 2022 21:28:30 GMT

GET
H2 200 adperformance.js Show response
warp.media.net/rtb/resource/ Frame 3EF7 61 KB
62 KB 170ms
47ms Script
application/javascript 184.24.36.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://warp.media.net/rtb/resource/adperformance.js?v=35e90bcdc8

Requested by

Host: 454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com
URL: https://454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.24.36.23 Atlanta, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-24-36-23.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=604800
date: Fri, 16 Dec 2022 21:23:30 GMT
server: nginx
content-type: application/javascript;charset=ISO-8859-1
cache-control: max-age=28141
access-control-allow-credentials: true
content-length: 62892
expires: Sat, 17 Dec 2022 05:12:31 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 3EF7 3 KB
1 KB 30ms
27ms Script
text/javascript 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: 454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com
URL: https://454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:21:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 114
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Dec 2022 21:21:36 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 3EF7 18 KB
7 KB 31ms
28ms Script
text/javascript 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com
URL: https://454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:12:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 634
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Dec 2022 21:12:56 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 3EF7 0
0 47ms
45ms Image
text/html 2607:f8b0:4006:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRF6QobXuLIaEq5S0xWRX8F98GMB8KTy2_Gmc7bhF1VjuqpRmZmOP7zPltVZxM8s7IGLW0PAmqed2YWERpFxMuRB1OO-g
Requested by: Host: 454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com
URL: https://454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81d::2004 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 3EF7 24 KB
6 KB 32ms
30ms Script
text/javascript 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com
URL: https://454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 21:15:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 173291
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 14 Dec 2023 21:15:19 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3EF7 153 KB
47 KB 85ms
83ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com
URL: https://454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 16 Dec 2022 21:23:30 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D30B 13 KB
5 KB 59ms
38ms Document
text/html 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aereo.jor.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 33519
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 12:04:51 GMT
expires: Sat, 16 Dec 2023 12:04:51 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F85D 783 B
532 B 62ms
40ms Document
text/html 2607:f8b0:4006:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cf4566279d7dd9904e495625baf12ce5d33ee5dbc8c749f20a41d27a0ccf2349

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zKwVathJEAu2lcwYcewdAw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.aereo.jor.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 510
content-security-policy: script-src 'report-sample' 'nonce-zKwVathJEAu2lcwYcewdAw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 21:23:30 GMT
expires: Fri, 16 Dec 2022 21:23:30 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 meteor.png
secure-ds.serving-sys.com/resources/PROD/html5/1073745971/20220503/1076527558/70613883088299949/images/ Frame 7A71 6 KB
7 KB 44ms
23ms Image
image/png 23.49.251.202
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-ds.serving-sys.com/resources/PROD/html5/1073745971/20220503/1076527558/70613883088299949/images/meteor.png?1651591191361
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.49.251.202 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-49-251-202.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f13fed8325843b6b7d6d051e6916ba4bc8e7ed329a949333004dfc7d8a1b7ef2

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://secure-ds.serving-sys.com/resources/PROD/html5/1073745971/20220503/1076527558/70613883088299949/mbda_meteor-gripen_300x250.html?v=_2_159_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: DtwA245I3XuGuPYRZ7hvGq5g7g6d1Ugo
date: Fri, 16 Dec 2022 21:23:30 GMT
last-modified: Tue, 03 May 2022 15:26:55 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C1
etag: "25894e3c25705983ef7efbd87cd56cf7"
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 6478
x-amz-cf-id: UtAXb6idQjVFLJVAiy68PR03IK3wKJSctxA-QkRnvX2bplRtRiywhA==
expires: Mon, 31 Dec 2035 00:00:00 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 72BA 1 KB
643 B 22ms
18ms Document
text/html 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com
URL: https://454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 5359
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 19:54:11 GMT
etag: 48472445140208031
expires: Sat, 17 Dec 2022 19:54:11 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 ev
g.bidbrain.app/rt/ Frame 411D 0
0 65ms
41ms Fetch 34.102.128.115
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rt/ev?ka=0.7165060942552963
Requested by: Host: 454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com
URL: https://454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 115.128.102.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 21:23:30 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
DATA 200
OK truncated
/ Frame 411D 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b02572e8fb267dc87dedf85cba3782838fc359a348dab77cff5f6085af7eb750

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 411D 15 KB
15 KB 20ms
20ms Font
font/woff2 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 11:05:32 GMT
x-content-type-options: nosniff
age: 37078
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Dec 2023 11:05:32 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 411D 15 KB
16 KB 22ms
21ms Font
font/woff2 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 22:31:34 GMT
x-content-type-options: nosniff
age: 168716
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Dec 2023 22:31:34 GMT

GET
H2 200 plane2.png
secure-ds.serving-sys.com/resources/PROD/html5/1073745971/20220503/1076527558/70613883088299949/images/ Frame 7A71 6 KB
6 KB 23ms
21ms Image
image/png 23.49.251.202
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-ds.serving-sys.com/resources/PROD/html5/1073745971/20220503/1076527558/70613883088299949/images/plane2.png?1651591191361
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.49.251.202 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-49-251-202.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 38fdc5df57a7e9a187d2aa33a882480af42ba1e90219fa749be09a79dbc0089f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://secure-ds.serving-sys.com/resources/PROD/html5/1073745971/20220503/1076527558/70613883088299949/mbda_meteor-gripen_300x250.html?v=_2_159_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: dKLI4Ad0QfxIPW6T2mFIyKeQsjr_vcTp
date: Fri, 16 Dec 2022 21:23:30 GMT
last-modified: Tue, 03 May 2022 15:26:55 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C1
etag: "76e2f224fab11a1c5ed63a68ca6bef26"
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 5765
x-amz-cf-id: 64iJBLDLFjqgbM0n3VCALMgKJjvda3ZGHCypdLT53-3UhFtwPQmN5w==
expires: Mon, 31 Dec 2035 00:00:00 GMT

GET
H3 200 i.match
a.tribalfusion.com/ Frame 72BA 43 B
610 B 135ms
111ms Image
image/gif 2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b6&u=CAESEGaa6Y9-k-52nSIWEyCaZmw&google_cver=1&google_push=AavPq0Mo5nKym5D3EfnKX-8fh3DUvRzmaY7P-_wKC9zxgiFiL8JYjZspV-21gv5neG7mHr6kxN3BaSvMdIdLBYtlzbAGL_YTuQqd&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0Mo5nKym5D3EfnKX-8fh3DUvRzmaY7P-_wKC9zxgiFiL8JYjZspV-21gv5neG7mHr6kxN3BaSvMdIdLBYtlzbAGL_YTuQqd%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: 454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com
URL: https://454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 21:23:30 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 77aa7b029f437151-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 72BA
Redirect Chain

https://s.uuidksinc.net/match/47/?remote_uid=CAESEP6Adz-V2JhjkwTs2dyX6YA&c_param1=AavPq0PY-t7zFKK-bPUgJ5ZsLQIzDpchQPZrF2-EkvkGuJwhE4sZSH_Ny3f2EEF6H6VGKgpzrXdPt4I-RC_Jt6kQWg-t5n4-rFE&gdpr=%%GDPR%%&a...
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AavPq0PY-t7zFKK-bPUgJ5ZsLQIzDpchQPZrF2-EkvkGuJwhE4sZSH_Ny3f2EEF6H6VGKgpzrXdPt4I-RC_Jt6kQWg-t5n4-rFE

170 B
188 B

38ms
37ms

Image
image/png

142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AavPq0PY-t7zFKK-bPUgJ5ZsLQIzDpchQPZrF2-EkvkGuJwhE4sZSH_Ny3f2EEF6H6VGKgpzrXdPt4I-RC_Jt6kQWg-t5n4-rFE

Protocol

Server

142.250.80.66 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 21:23:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AavPq0PY-t7zFKK-bPUgJ5ZsLQIzDpchQPZrF2-EkvkGuJwhE4sZSH_Ny3f2EEF6H6VGKgpzrXdPt4I-RC_Jt6kQWg-t5n4-rFE
date: Fri, 16 Dec 2022 21:23:30 GMT
server: nginx/1.19.0
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 72BA
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHhTzzzE2DWrBpRiR6HV8II&google_cver=1&google_push=AavPq0NpzD-r8wknZUImwosbY8R0vhq9lKgnWmzagjvH39bfuqQbti7Xtcmeh-x52zFgD2SQ-p_rzSQd...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHhTzzzE2DWrBpRiR6HV8II&google_cver=1&google_push=AavPq0NpzD-r8wknZUImwosbY8R0vhq9lKgnWmzagjvH39bfuqQbti7Xtcmeh-x52zFgD2SQ-p_...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njc4OTk3ODAyMzU3NDEzMDI0&google_push=AavPq0NpzD-r8wknZUImwosbY8R0vhq9lKgnWmzagjvH39bfuqQbti7Xtcmeh-x52zFgD2SQ-p_rzSQd...

170 B
188 B

40ms
40ms

Image
image/png

142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njc4OTk3ODAyMzU3NDEzMDI0&google_push=AavPq0NpzD-r8wknZUImwosbY8R0vhq9lKgnWmzagjvH39bfuqQbti7Xtcmeh-x52zFgD2SQ-p_rzSQd0Knb0xZ6ngC_XprRL5s

Protocol

Server

142.250.80.66 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 21:23:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 16 Dec 2022 21:23:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njc4OTk3ODAyMzU3NDEzMDI0&google_push=AavPq0NpzD-r8wknZUImwosbY8R0vhq9lKgnWmzagjvH39bfuqQbti7Xtcmeh-x52zFgD2SQ-p_rzSQd0Knb0xZ6ngC_XprRL5s
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 72BA
Redirect Chain

https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEOI0yJiEJ_kJlsN4MxR5AT8&google_cver=1&google_push=AavPq0M9kVyOTBk5MFQkJxZms2aolBbfbdbaHxL0jyT7h2ZDiNBJRb1DHew1MWZiFUPHD6GKKJGI6Py4Ok4Iexpw21...
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTE4MTQ3ODAxMzMyMTgxNDI4Mzg&google_push=AavPq0M9kVyOTBk5MFQkJxZms2aolBbfbdbaHxL0jyT7h2ZDiNBJRb1DHew1MWZiFUPHD6GKKJGI6Py4Ok4Iexpw21CS...

170 B
188 B

50ms
50ms

Image
image/png

142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTE4MTQ3ODAxMzMyMTgxNDI4Mzg&google_push=AavPq0M9kVyOTBk5MFQkJxZms2aolBbfbdbaHxL0jyT7h2ZDiNBJRb1DHew1MWZiFUPHD6GKKJGI6Py4Ok4Iexpw21CSCwu3ESei

Protocol

Server

142.250.80.66 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 21:23:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTE4MTQ3ODAxMzMyMTgxNDI4Mzg&google_push=AavPq0M9kVyOTBk5MFQkJxZms2aolBbfbdbaHxL0jyT7h2ZDiNBJRb1DHew1MWZiFUPHD6GKKJGI6Py4Ok4Iexpw21CSCwu3ESei
Date: Fri, 16 Dec 2022 21:23:30 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 72BA
Redirect Chain

https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEPUySv3eSRNCfnAEn_hdZgw&google_cver=1&google_push=AavPq0NRAOn_xx2NBFa2iT0OFcD6KfB6W2Sk3-Y64cxJIS4UPypUdAFyi...
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AavPq0NRAOn_xx2NBFa2iT0OFcD6KfB6W2Sk3-Y64cxJIS4UPypUdAFyiYsX0LwtW9daGyeCJwP819PbcPFLMcfCkctwDoY5ZwXZtw&google_hm=QlMuMDBhMC1jMTRj...

170 B
188 B

36ms
36ms

Image
image/png

142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AavPq0NRAOn_xx2NBFa2iT0OFcD6KfB6W2Sk3-Y64cxJIS4UPypUdAFyiYsX0LwtW9daGyeCJwP819PbcPFLMcfCkctwDoY5ZwXZtw&google_hm=QlMuMDBhMC1jMTRjLTRmMzctYjcwZA==

Protocol

Server

142.250.80.66 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 21:23:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AavPq0NRAOn_xx2NBFa2iT0OFcD6KfB6W2Sk3-Y64cxJIS4UPypUdAFyiYsX0LwtW9daGyeCJwP819PbcPFLMcfCkctwDoY5ZwXZtw&google_hm=QlMuMDBhMC1jMTRjLTRmMzctYjcwZA==
Date: Fri, 16 Dec 2022 21:23:30 GMT
Server: openresty
Connection: close
Content-Length: 142
Content-Type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 72BA
Redirect Chain

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEHTNGztvKECwEIt3lxziWwI&google_cver=1&google_push=AavPq0M24IsfXeL6YePaKddXFmzNnOn7lQOyb26zhWcO6okwfnkNkkdOEuOfqF_0CItwOxSfGcQ58JhD4ghiQeCLfDu-aX8...
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AavPq0M24IsfXeL6YePaKddXFmzNnOn7lQOyb26zhWcO6okwfnkNkkdOEuOfqF_0CItwOxSfGcQ58JhD4ghiQeCLfDu-aX8ypTFF&google_hm=NTg2MzMzMjk...

170 B
188 B

37ms
36ms

Image
image/png

142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AavPq0M24IsfXeL6YePaKddXFmzNnOn7lQOyb26zhWcO6okwfnkNkkdOEuOfqF_0CItwOxSfGcQ58JhD4ghiQeCLfDu-aX8ypTFF&google_hm=NTg2MzMzMjk1OTgwNjc4MzQ3MQ==

Protocol

Server

142.250.80.66 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 21:23:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AavPq0M24IsfXeL6YePaKddXFmzNnOn7lQOyb26zhWcO6okwfnkNkkdOEuOfqF_0CItwOxSfGcQ58JhD4ghiQeCLfDu-aX8ypTFF&google_hm=NTg2MzMzMjk1OTgwNjc4MzQ3MQ==
Date: Fri, 16 Dec 2022 21:23:30 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 72BA
Redirect Chain

https://trace.mediago.io/cs/google?google_gid=CAESEP3of9WmZgbqPExU-8Grqg8&google_cver=1&google_push=AavPq0NBU4BV4L-M_z4TOvE9q53u6c5fklnVT5hfYCikTQ7juFavLDQxHC9YfFBzyOPlwPetTFOuYHu2cwNHCL78CvUW_FqbkA1f
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AavPq0NBU4BV4L-M_z4TOvE9q53u6c5fklnVT5hfYCikTQ7juFavLDQxHC9YfFBzyOPlwPetTFOuYHu2cwNHCL78CvUW_FqbkA1f&google_hm=bee183775e2605...

170 B
188 B

36ms
35ms

Image
image/png

142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AavPq0NBU4BV4L-M_z4TOvE9q53u6c5fklnVT5hfYCikTQ7juFavLDQxHC9YfFBzyOPlwPetTFOuYHu2cwNHCL78CvUW_FqbkA1f&google_hm=bee183775e2605720239fe233da4cc9a

Protocol

Server

142.250.80.66 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 21:23:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AavPq0NBU4BV4L-M_z4TOvE9q53u6c5fklnVT5hfYCikTQ7juFavLDQxHC9YfFBzyOPlwPetTFOuYHu2cwNHCL78CvUW_FqbkA1f&google_hm=bee183775e2605720239fe233da4cc9a
date: Fri, 16 Dec 2022 21:23:30 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 246
content-type: text/html; charset=utf-8

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 72BA 0
12 B 36ms
35ms Image
text/html 142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JP9k5c5CDWpAvJyEti8kGT9oGuJGOuKKEAeF5NUU9pNGtAU8d7NmzYZ-eSoD0QFhsRBhiYes9m

Requested by

Host: 454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com
URL: https://454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.66 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:30 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H3 204 rtimp
g.bidbrain.app/ Frame 411D 0
18 B 66ms
44ms Ping
text/plain 34.102.128.115
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rtimp?sid=e29cf78a-7d87-11ed-9908-0ef11e7ec071&d=www.aereo.jor.br&cr=ext_gen2_v10_start_fires__0&gid=CAESEE_JZOJK2-I3kayIEcQt6NM&a=load&p=Y5zh0QADEOMKs91KAA0oyO8v9M6evdANSX9_jw&r=1127607773&ow=1600&oh=1200&tzof=0&tz=Etc/Unknown&pxr=1
Requested by: Host: 454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com
URL: https://454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 115.128.102.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 21:23:30 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: https://454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F85D 0
0 33ms
33ms Image
text/html 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221207&jk=1667055446542369&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 204 ev
g.bidbrain.app/rt/ Frame 411D 0
0 42ms
41ms Fetch 34.102.128.115
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rt/ev?ka=0.8416388380342767
Requested by: Host: 454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com
URL: https://454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 115.128.102.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 21:23:30 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H2 200 txt01.png
secure-ds.serving-sys.com/resources/PROD/html5/1073745971/20220503/1076527558/70613883088299949/images/ Frame 7A71 2 KB
2 KB 22ms
21ms Image
image/png 23.49.251.202
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-ds.serving-sys.com/resources/PROD/html5/1073745971/20220503/1076527558/70613883088299949/images/txt01.png?1651591191361
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.49.251.202 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-49-251-202.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f6eea98b9480f20c65db8f9d7c993e5582cd9a806d53904e25901b9c55356779

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://secure-ds.serving-sys.com/resources/PROD/html5/1073745971/20220503/1076527558/70613883088299949/mbda_meteor-gripen_300x250.html?v=_2_159_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: ptCV7mYXZkHJtpDaE75DXKnXJlOZU2mf
date: Fri, 16 Dec 2022 21:23:30 GMT
last-modified: Tue, 03 May 2022 15:26:55 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C1
etag: "9e64ab15160ec352734d2e67f17d7bb4"
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 1874
x-amz-cf-id: VjsEf9XJVYpN8D4r4_YHrDcf7hWsAVufc55wZmRqUCGn-gQJ5vNtHQ==
expires: Mon, 31 Dec 2035 00:00:00 GMT

GET
H3 200 Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js Show response
pagead2.googlesyndication.com/bg/ Frame D30B 36 KB
16 KB 20ms
19ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 21:49:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84852
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15923
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Dec 2023 21:49:18 GMT

GET
H2 200 smtr Show response
contextual.media.net/ Frame CA6E 61 KB
24 KB 432ms
430ms Document
text/html 23.205.72.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CU5RJ1PV&cpcd=h3e9byNxz1TnUQgxXfdhiw%3D%3D&crid=812171582&size=970x90&cc=CA&chnm=HARMONY&pid=8POJ4N28G&tpid=TJD0857&https=1&vif=2&requrl=https%3A%2F%2Fwww.aereo.jor.br&nse=5&vi=1671225810903078368&lw=1&ugd=4&adt1=8CUF4235B&adt2=442254163&itid=17&bae=B4xBgg4Nea&bcpf=B4xBgg4N8fOnRrolnfOur8ea&bdrId=294&bid=328264&ntv=0&matchstring=hr%3D0%7Cbcat%3D500780%2C501011%2C500786&kttle=SafeFrame%20Container&katpre=1&katbid=-102&pgid=p0926278408t202212162123&newfl=1&htmlsrc=1&allsc=QC

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CU5RJ1PV

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.72.21 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-72-21.deploy.static.akamaitechnologies.com

Software

Resource Hash

b75f4869fe9537d28983083812651f5aca3b17559b92bfa2bb272f55326eb90b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 23954
content-type: text/html
date: Fri, 16 Dec 2022 21:23:30 GMT
expires: Fri, 16 Dec 2022 21:23:30 GMT
pragma: no-cache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-sc-h: 21-vslw

GET
H2 200 bping.php
lg3.media.net/ Frame 3EF7 15 B
15 B 66ms
41ms Image
text/html 184.24.36.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bping.php?vgd_len=555&&vgd_cdv=835&vgd_cage=1&gdpr=0&prid=8PRN625DH&cid=8CU5RJ1PV&crid=812171582&vi=1671225810903078368&ugd=4&lf=6&cc=CA&sc=QC&lper=100&wsip=2886781032&r=1671225810408&requrl=https%3A%2F%2Fwww.aereo.jor.br&vgd_bid=328264&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=16276&vgd_rakh=1671225810162645307&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CUF4235B&vgd_hb_audit_2=442254163&vgd_pgid=p0926278408t202212162123&vgd_pgids=1&vgd_uspa=0&hvsid=00001671225810402025035145463168&gdpr=0&vgd_l2type=scs_newfl&vgd_end=1

Requested by

Host: 454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com
URL: https://454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.24.36.23 Atlanta, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-24-36-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=21600
date: Fri, 16 Dec 2022 21:23:30 GMT
server: Apache
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=37215
content-length: 15

GET
H3 204 ev
g.bidbrain.app/rt/ Frame 411D 0
0 41ms
41ms Fetch 34.102.128.115
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rt/ev?ka=0.09889763280852892
Requested by: Host: 454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com
URL: https://454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 115.128.102.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 21:23:30 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame DFBC 26 KB
9 KB 43ms
43ms Document
text/html 23.205.72.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUF4235B&prvid=99%2C77%2C4%2C20000%2C313%2C10000%2C9%2C319%2C294&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1

Requested by

Host: 454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com
URL: https://454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.72.21 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-72-21.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

46a2f0f91d752a43e387bf4b937cd21a59ffe329f103f72e8934bca744c073de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 9326
content-type: text/html; charset=UTF-8
date: Fri, 16 Dec 2022 21:23:30 GMT
expires: Sun, 18 Dec 2022 21:23:30 GMT
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 clog
hblg.media.net/ Frame 3EF7 35 B
199 B 42ms
41ms Image
image/gif 184.24.36.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=4575&lper=1&itypeid=17&itype=ADX&cc=CA&cid=8CUF4235B&reqid=NCmDcal9d8C-5tpXD-EUbA&vid=NCmDcal9d8C-5tpXD-EUbA&dn=aereo.jor.br&rawDn=aereo.jor.br&pid=8PR113JGC&ugd=4&fleet=appnexus&requrl=https%3A%2F%2Fwww.aereo.jor.br&cliIPV6=2607%3A5300%3A0060%3A0000%3A0000%3A0000%3A0000%3A0000&cliIPType=v6&coppa_enf=true&lmt_status=N&lmt_applied=N&lmt_enf=true&dnt_enf=false&geo_source=2&sc=CA-QC&ct=Montreal&pubid=pub-ADX-116310109131-pub-rep&tgtval=pub-ADX-116310109131-pub-rep&csip=rtb-appnexus-64d76c54bd-qd4zm.SC&dtc=east_sc&zone=d&sd=1&ptype=23&tmax=300&xtmax=290&gdpr=0&app=0&sat=1&device_id=4&asn=514&sckfl=1&suid=CAESEArUpiWVm00_t6x-LIvnHa0&smbrid=adx-2&usp_status=0&usp_enf=1&gqid=ADdJoTviPMEQhX3RzBIwthtiWXyMZP1dAVlJwWx8vmB2GW0swwjeuzbqzbOxTeYQSs0VdOh7&pexid=ADX-pub-3619045887187031&geoll=false&is_ortb=false&s_ip=74.125.19.8&s_city=morganton&commit_id=1224efef&ocurr=USD&omul=1.0&currsrc=API&currsrc_date=2022-12-16+00%3A00%3A00&schain_cmpl=0&dummy_vsid=false&amptype=1&second_call=false&rtttime=57&pvid=294&prvAccId=812171582&prvApiId=8CU5RJ1PV&adj0=0.0&adj1=0.0&adj2=0.0&pst=0&crid=442254163&prspt=headerBid&prvReqId=13152863860851_509545316_44225416312941&reqsize=970x90&size=970x90&chnl=HARMONY&bdp=0.130&cbdp=0.094&og_cbdp=0.130&ogbdp=0.13&pv_adtype=0&res_mtype=0&mnet_ckfl=0&ckfl=0&be=0&cat=IAB-3&advUrl=https%3A%2F%2Fsearch.yahoo.com&dfpBd=0.094&dt=O&dbf=1&epc=812171582&s=1&snm=SUCCESS&pcrid=8CU5RJ1PV-812171582-51-27&tpbTkn=false&exid=31&bidflr=0.080&pbidflr=0.080&opbidflr=0.080&spbf=0&viewability=82&slotVisibility=2&adpos=3&iframingState=0&sbdrid=196&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Cfl_rl%3D1%7Cdbr%3D1%7Ctpi%3D1&mnrf=0&mnrfc=-1&seat=BID_API&brsrclk=0&bidrestime=1671225809375&fpuReq=1&bfs=103&acsn=1&ybnca_erpm=0.13&dmm_erpm=true&dmm_ogerpm=false&bcrid=1700080806124000970009000001000&strg=HARMONY&vls=0&scrid=1700080806124000970009000001000&mang=1&pvdTmax=244&fpusp=false&ae=false&epcexp=false&moau=true&incentive_type=0&ucrid_ver=2&omid=0&spIvt=3&spSource=0&spTo=3&spIsReq=3&spFst=0&spCst=0&mx_sbp=-10.0&mx_sua_cvg=1111111&mx_epbc=8CU5RJ1PV&mx_SPRIG=2&mx_bsBucket=5&mx_ssProfile=0&mx_sua_os_n=Windows+NT&mx_lr=0&mx_TAS=1&mx_g_one_uid_sent=None&mx_uid_sent=0&mx_sua_os_v=10.0&mx_bsBucketRa=5&mx_sid=8CUF4235B&mx_SC=0&mx_lr_seg_deal=0&mx_aqcpl_crid=4&mx_nsz=2&mx_GCID=0&mx_maq_call=false&mx_aurt=0&mx_sua_model=x64&mx_tgs=728x90%7C970x90&mx_bsProfileRa=0&mx_IAB2=2&mx_bss_algos%3C%3E=0%23%233&mx_aurl_hc=0&mx_aabpc=0&mx_PC=1&mx_UCC=5&mx_isLossNtf=false&mx_bsProfile=0&mx_ssBucket=0&mx_TAF=3&mx_gpid_sent=false&mx_commit_id=f364e2e9ad&acid=3a4ebe1d6ef04e41b00c7d4079c804e7&rtime=31.0&wsip=mowx-lite-5847bf8c79-mqtzz&ltime=42.0&act=headerBid&abs=0%7C0%7Cxtmax%3D290%7Cbrr%3D0&adtypes=0&adblk=39098973&impId=1&reftime=0&reftype=0&psrc=fail&mowxReqId=3a4ebe1d6ef04e41b00c7d4079c804e7_1&policy_enf=2&pub_blk_enf=1&renderer=0&ifst=0&ifdp=0&media=0&req_mtype%3C%3E=0&vcmplrt=-1.0&ctr=0.0016719465&ctr_vendor=EXCHANGE&rfc=-1&feedback_id=NCmDcal9d8C-5tpXD-EUbA&viewability_vendor=EXCHANGE&actltime=43&debug_ts=2022-12-16+21%3A23%3A29&__expireat=1671226409629&mview=1&rme=adm&bdata=sd2%3Dnull~iurl_l%3D20~ogerpm%3D0.13~vw_exc%3D0.82~vis_sd%3D400~dc2%3D1~bat%3D0%2C0%2C1~scd%3Dqc~v_asn%3D16276~vl2r_sd%3D2022121617~iurl_b%3D801.82~url_tkc%3D0~std%3D~last%3D~vis_url_b%3D0.63~ip%3D19L3rJI3UMirDVFMi3AQN2~fbb%3D0~vis_url_l%3D10~riipua%3D11%2C12~et%3D15~rc%3D1~risuid%3D0%2C0~rps_sd%3D2022121616~vis_b%3D817.68~url_b%3D1.25~vl2r_url_b%3D0~vl2r_url_vi%3D1E-16~url_tvi%3D0~url_l%3D20~gcat%3D500980~bb%3D196~vv%3D0~l2r_b%3D1000~erpm%3D0.13~vl2r_url_kc%3D0E0~bm%3D1~sid%3D812171582~sd%3D1~uid%3D2IaGkIRo0QPGzejkmP~btd%3D8212050184053226093606152684663340706673033524685032570022502857379683719577275492174659584~kb_src%3Dkbb~3pcf%3D1000.37~uim%3D0~dmm_strg%3Dharmony~vurl_b%3D2~ss%3DNA~kb_dl%3Dpt~uiw%3D-1~ce%3D0~rps_b%3D72.77~vurl_l%3D20~CI%3D2807~nts%3D2~kb_ul%3Dpt~kb_ccks%3D1~tb%3D-1~ct%3Dmontreal~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D0.5~isif%3D0~lc%3D1~bid%3D0.13~kb_pt%3DHomepage~dc%3D8~vl2r_b%3D2.15~ivurl_l%3D20~supply_tag_id%3D%7Eviewability%3D0.82%7Eamp%3D1%7Ecbdp%3D0.130%7Edmm%3Dharmony%7Esuid%3DCAESEArUpiWVm00_t6x-LIvnHa0%7Esd%3D1%7Edtc%3Deast_sc%7Exid%3DADX-pub-3619045887187031%7Edalg%3D%7Ehtml%3D1%7Eadblk%3D39098973%7Esobp%3D%7Ectr%3D0.0016719465%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.080%7Eogbid%3D0.130%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D30%7Edogb%3D0-1~ibc%3D1~nsz%3D2~tgs%3D728x90%7C970x90~bsb%3D5~bsp%3D0~tmx%3D244&utime=1052&sf=0&cpr=0.7950512169939217

Requested by

Host: 454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com
URL: https://454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.24.36.23 Atlanta, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-24-36-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: max-age=3600
date: Fri, 16 Dec 2022 21:23:30 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
server: Apache
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=21600
content-length: 35
expires: Sat, 17 Dec 2022 03:23:30 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame E346 1 KB
643 B 19ms
18ms Document
text/html 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com
URL: https://454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 5359
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 19:54:11 GMT
etag: 48472445140208031
expires: Sat, 17 Dec 2022 19:54:11 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 3EF7 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0536d4c1034a63ddd16ebd45c0b4b2ce896f417d4bdb66c3bde4dec4e28f66a2

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 ev
g.bidbrain.app/rt/ Frame 411D 0
0 43ms
42ms Fetch 34.102.128.115
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rt/ev?ka=0.012590027002267634
Requested by: Host: 454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com
URL: https://454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 115.128.102.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 21:23:30 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H2

200

cksync
cs.media.net/ Frame DFBC
Redirect Chain

https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzE0MjI3NDEwMTQ1NDY2NjAwMFYxMA%3D%3D&google_sc=1
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEP6QgPXjCcKH2EBi-_rHuso&google_cver=1

45 B
445 B

103ms
70ms

Image
image/gif

184.24.36.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEP6QgPXjCcKH2EBi-_rHuso&google_cver=1
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUF4235B&prvid=99%2C77%2C4%2C20000%2C313%2C10000%2C9%2C319%2C294&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol: H2
Server: 184.24.36.23 Atlanta, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-36-23.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 21:23:30 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 45
x-mnet-hl2: E
expires: Fri, 16 Dec 2022 21:23:30 GMT

Redirect headers

pragma: no-cache
date: Fri, 16 Dec 2022 21:23:30 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEP6QgPXjCcKH2EBi-_rHuso&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 rtimp
g.bidbrain.app/ Frame 411D 0
18 B 45ms
45ms Ping
text/plain 34.102.128.115
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rtimp?sid=e29cf78a-7d87-11ed-9908-0ef11e7ec071&d=www.aereo.jor.br&cr=ext_gen2_v10_start_fires__0&gid=CAESEE_JZOJK2-I3kayIEcQt6NM&a=ev_prf&p=Y5zh0QADEOMKs91KAA0oyO8v9M6evdANSX9_jw&r=1127607773&ow=1600&oh=1200&tzof=0&tz=Etc/Unknown&pxr=1&ps=%5B%2280.40%22%2C%2296.20%22%2C%22100.20%22%2C%2266.30%22%5D
Requested by: Host: 454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com
URL: https://454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 115.128.102.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 21:23:30 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: https://454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E346
Redirect Chain

https://aep.mxptint.net/sn.ashx?google_gid=CAESEKCZX0H4rsXraQRp8Zq28RU&google_cver=1&google_push=AavPq0PEJGrGXlT8lC27SG1BKm1T5kMv2Q9AgaBGJL-7tsMPYatyL0f_XHiT3o7seFDpL4PB-N8tRqNEYHYfZy94caBdvTZi5GVC...
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AavPq0PEJGrGXlT8lC27SG1BKm1T5kMv2Q9AgaBGJL-7tsMPYatyL0f_XHiT3o7seFDpL4PB-N8tRqNEYHYfZy94caBdvTZi5GVCk53vfczc5ShLr2nTp2cHASYE1bc...

170 B
188 B

38ms
37ms

Image
image/png

142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AavPq0PEJGrGXlT8lC27SG1BKm1T5kMv2Q9AgaBGJL-7tsMPYatyL0f_XHiT3o7seFDpL4PB-N8tRqNEYHYfZy94caBdvTZi5GVCk53vfczc5ShLr2nTp2cHASYE1bcd6ce4M46I-TDVJwo&google_hm=UjFCMzMwX0ZCMDExNzk2XzYzMjQwNTgz

Requested by

Host: 454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com
URL: https://454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.80.66 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 21:23:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AavPq0PEJGrGXlT8lC27SG1BKm1T5kMv2Q9AgaBGJL-7tsMPYatyL0f_XHiT3o7seFDpL4PB-N8tRqNEYHYfZy94caBdvTZi5GVCk53vfczc5ShLr2nTp2cHASYE1bcd6ce4M46I-TDVJwo&google_hm=UjFCMzMwX0ZCMDExNzk2XzYzMjQwNTgz
Date: Fri, 16 Dec 2022 21:23:29 GMT
Cache-Control: private
Strict-Transport-Security: max-age=-354212610; includeSubDomains
P3P: CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE", CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE"
Content-Length: 381
Content-Type: text/html; charset=utf-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E346
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEG0VLylw1Qq6nt2TPDkMqnY&google_cver=1&google_push=AavPq0OmRb9B-ttT2IxjySnlW6dB8I8zhG5D934P_BaCtY5R2Qzl4jIc6-FHFLhvyZ2mEqPSHw2Avyvcg9__H2G9-0PK...
https://m.fg8dgt.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&ssp_uuid=dddc5aa2-05f6-4e2c-9ccd-1597b23598eb
https://m.fg8dgt.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&ssp_uuid=dddc5aa2-05f6-4e2c-9ccd-1597b23598eb
https://x.bidswitch.net/sync?dsp_id=108&expires=14&ssp=google&user_id=3d7002b1-44b9-4004-9551-630e440de136
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0OmRb9B-ttT2IxjySnlW6dB8I8zhG5D934P_BaCtY5R2Qzl4jIc6-FHFLhvyZ2mEqPSHw2Avyvcg9__H2G9-0PKJmkNsZhtuTAiSlJKHl0GJBuPpojZuY-LzRW0n-x6NS...

170 B
188 B

41ms
40ms

Image
image/png

142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0OmRb9B-ttT2IxjySnlW6dB8I8zhG5D934P_BaCtY5R2Qzl4jIc6-FHFLhvyZ2mEqPSHw2Avyvcg9__H2G9-0PKJmkNsZhtuTAiSlJKHl0GJBuPpojZuY-LzRW0n-x6NSmD5OJwyw&google_hm=3dxaogX2TiyczRWXsjWY6w==

Requested by

Host: 454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com
URL: https://454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.80.66 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 21:23:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0OmRb9B-ttT2IxjySnlW6dB8I8zhG5D934P_BaCtY5R2Qzl4jIc6-FHFLhvyZ2mEqPSHw2Avyvcg9__H2G9-0PKJmkNsZhtuTAiSlJKHl0GJBuPpojZuY-LzRW0n-x6NSmD5OJwyw&google_hm=3dxaogX2TiyczRWXsjWY6w==
Date: Fri, 16 Dec 2022 21:23:30 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E346
Redirect Chain

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAavPq0Ny3m2x64UFDe7676zyKcYV4MsXtbyHXU4LfV7mbntbFCCMCtp8VWZYtHGV5_5PJwEoM7coMjogZZ...
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AavPq0Ny3m2x64UFDe7676zyKcYV4MsXtbyHXU4LfV7mbntbFCCMCtp8VWZYtHGV5_5PJwEoM7coMjogZZyaf9-4VibQx5-DK7KBdY7eIiBCjYaDSkpa1cLb-oS1ReVpFunx...

170 B
188 B

40ms
39ms

Image
image/png

142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AavPq0Ny3m2x64UFDe7676zyKcYV4MsXtbyHXU4LfV7mbntbFCCMCtp8VWZYtHGV5_5PJwEoM7coMjogZZyaf9-4VibQx5-DK7KBdY7eIiBCjYaDSkpa1cLb-oS1ReVpFunxoBXZERJnbaI&google_hm=cae65fa0-54c5-4454-aafb-beedb35556ac

Requested by

Host: 454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com
URL: https://454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.80.66 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 21:23:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 16 Dec 2022 21:23:30 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-193
Content-Type: text/plain; charset=utf8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AavPq0Ny3m2x64UFDe7676zyKcYV4MsXtbyHXU4LfV7mbntbFCCMCtp8VWZYtHGV5_5PJwEoM7coMjogZZyaf9-4VibQx5-DK7KBdY7eIiBCjYaDSkpa1cLb-oS1ReVpFunxoBXZERJnbaI&google_hm=cae65fa0-54c5-4454-aafb-beedb35556ac
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E346
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEEhizzZCQ1AM6lIbqEO9YNE&google_cver=1&google_push=AavPq0Mfym3G7EhWNr2ylaAwbd8ptXEbQ0AqoepMazgwKDetk1N-5iyWoE-eLfaVH3MFiRyh6E2-AGvPMZuvIWZ7OB0Jzi9fYM...
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=0&gdpr_consent=&us_privacy=&sync=1&google_push=AavPq0Mfym3G7EhWNr2ylaAwbd8ptXEbQ0AqoepMazgwKDetk1N-5iyWoE-eLfaVH3MFiRyh6E2-AGvPMZuvIWZ7OB0Jzi9fYMv...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzY4NTA4OTU5NTg1NTY2Mzc4MDI3MA%3D%3D&google_push=AavPq0Mfym3G7EhWNr2ylaAwbd8ptXEbQ0AqoepMazgwKDetk1N-5iyW...

170 B
188 B

37ms
36ms

Image
image/png

142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzY4NTA4OTU5NTg1NTY2Mzc4MDI3MA%3D%3D&google_push=AavPq0Mfym3G7EhWNr2ylaAwbd8ptXEbQ0AqoepMazgwKDetk1N-5iyWoE-eLfaVH3MFiRyh6E2-AGvPMZuvIWZ7OB0Jzi9fYMv_XGWeEVqZEeBykdYymYWLPS2N0VgC687yxBShjXpznA

Requested by

Host: 454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com
URL: https://454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.80.66 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 21:23:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzY4NTA4OTU5NTg1NTY2Mzc4MDI3MA%3D%3D&google_push=AavPq0Mfym3G7EhWNr2ylaAwbd8ptXEbQ0AqoepMazgwKDetk1N-5iyWoE-eLfaVH3MFiRyh6E2-AGvPMZuvIWZ7OB0Jzi9fYMv_XGWeEVqZEeBykdYymYWLPS2N0VgC687yxBShjXpznA
date: Fri, 16 Dec 2022 21:23:30 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET pub
cs.chocolateplatform.com/ Frame E346 0
0

GET
H2

200

report
sync.teads.tv/um/ Frame E346
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEOzvXb64frDo-Nc5Zm0R8_w&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=NGJlZDg3MTctM2FjYS00OTFiLThiNWQtZjMyZjcxZTc4Yzk4&google_push=AavPq0NAXz6fs_bVwVulJdGTZyBULwLpI6kQnaoVIjO8HG1vzeFrZEoxcvupFuuM7l9lC...
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
172 B

33ms
32ms

Image
image/gif

23.64.61.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: 454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com
URL: https://454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 23.64.61.36 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-64-61-36.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Fri, 16 Dec 2022 21:23:30 GMT
pragma: no-cache
date: Fri, 16 Dec 2022 21:23:30 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 16 Dec 2022 21:23:30 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E346
Redirect Chain

https://trace.mediago.io/cs/google?google_gid=CAESEP3of9WmZgbqPExU-8Grqg8&google_cver=1&google_push=AavPq0MjX54e7UkT4JuEcljKGJB1LEhXSR-oX7Y6BcCs3ac43HdWiZgbEEfHxojzXgIEcmRcsBmhheGbV0B6NM0XNIqW49Wfi...
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AavPq0MjX54e7UkT4JuEcljKGJB1LEhXSR-oX7Y6BcCs3ac43HdWiZgbEEfHxojzXgIEcmRcsBmhheGbV0B6NM0XNIqW49WfiokZnbqrWg84hJsMzAldGaBNW8lJj...

170 B
188 B

41ms
38ms

Image
image/png

142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AavPq0MjX54e7UkT4JuEcljKGJB1LEhXSR-oX7Y6BcCs3ac43HdWiZgbEEfHxojzXgIEcmRcsBmhheGbV0B6NM0XNIqW49WfiokZnbqrWg84hJsMzAldGaBNW8lJjw1Nh_KZRckjRrULc97t&google_hm=bee183775e2605720239fe233da4cc9a

Requested by

Host: 454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com
URL: https://454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.80.66 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 21:23:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AavPq0MjX54e7UkT4JuEcljKGJB1LEhXSR-oX7Y6BcCs3ac43HdWiZgbEEfHxojzXgIEcmRcsBmhheGbV0B6NM0XNIqW49WfiokZnbqrWg84hJsMzAldGaBNW8lJjw1Nh_KZRckjRrULc97t&google_hm=bee183775e2605720239fe233da4cc9a
date: Fri, 16 Dec 2022 21:23:30 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
content-type: text/html; charset=utf-8

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame E346 0
12 B 40ms
36ms Image
text/html 142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LDCaXZnFizMDyKDngJZB5tDHV8Z-cGPwI5SNXLRtWHtRwQ9IYbLHpd5do9qrYpoloCqd9n2ms

Requested by

Host: 454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com
URL: https://454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.66 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:30 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D30B 0
11 B 21ms
20ms Image
text/plain 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?1jMsZg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:30 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
DATA 200
OK truncated
/ Frame CA6E 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame CA6E 231 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a6c1f8a31c1ffac719a6930db183e077fce4b40877d67aeabef1f2532bc04bb6

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame CA6E 107 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK OpenSans_Bold.woff
res-a.akamaihd.net/__media__/fonts/OpenSans_Bold/ Frame CA6E 25 KB
25 KB 90ms
19ms Font
application/font-woff 23.204.152.28
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://res-a.akamaihd.net/__media__/fonts/OpenSans_Bold/OpenSans_Bold.woff
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CU5RJ1PV&cpcd=h3e9byNxz1TnUQgxXfdhiw%3D%3D&crid=812171582&size=970x90&cc=CA&chnm=HARMONY&pid=8POJ4N28G&tpid=TJD0857&https=1&vif=2&requrl=https%3A%2F%2Fwww.aereo.jor.br&nse=5&vi=1671225810903078368&lw=1&ugd=4&adt1=8CUF4235B&adt2=442254163&itid=17&bae=B4xBgg4Nea&bcpf=B4xBgg4N8fOnRrolnfOur8ea&bdrId=294&bid=328264&ntv=0&matchstring=hr%3D0%7Cbcat%3D500780%2C501011%2C500786&kttle=SafeFrame%20Container&katpre=1&katbid=-102&pgid=p0926278408t202212162123&newfl=1&htmlsrc=1&allsc=QC
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 23.204.152.28 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-204-152-28.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 1973bb0e810b8f54792d7ea56c03749f6792541876847b085f58d64fb7adfc07

Request headers

Referer: https://contextual.media.net/
Origin: https://contextual.media.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 21:23:30 GMT
Last-Modified: Mon, 16 May 2016 10:39:41 GMT
Server: nginx
ETag: "5739a36d-6478"
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25720

GET
H/1.1 200
OK OpenSans_Semibold.woff
res-a.akamaihd.net/__media__/fonts/OpenSans_Semibold/ Frame CA6E 21 KB
21 KB 91ms
20ms Font
application/font-woff 23.204.152.28
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://res-a.akamaihd.net/__media__/fonts/OpenSans_Semibold/OpenSans_Semibold.woff
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CU5RJ1PV&cpcd=h3e9byNxz1TnUQgxXfdhiw%3D%3D&crid=812171582&size=970x90&cc=CA&chnm=HARMONY&pid=8POJ4N28G&tpid=TJD0857&https=1&vif=2&requrl=https%3A%2F%2Fwww.aereo.jor.br&nse=5&vi=1671225810903078368&lw=1&ugd=4&adt1=8CUF4235B&adt2=442254163&itid=17&bae=B4xBgg4Nea&bcpf=B4xBgg4N8fOnRrolnfOur8ea&bdrId=294&bid=328264&ntv=0&matchstring=hr%3D0%7Cbcat%3D500780%2C501011%2C500786&kttle=SafeFrame%20Container&katpre=1&katbid=-102&pgid=p0926278408t202212162123&newfl=1&htmlsrc=1&allsc=QC
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 23.204.152.28 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-204-152-28.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 2a354649f57a81405daccfd6b5785da5f73ba638f2db591992cb7b739dac3135

Request headers

Referer: https://contextual.media.net/
Origin: https://contextual.media.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 21:23:30 GMT
Last-Modified: Mon, 16 May 2016 10:39:41 GMT
Server: nginx
ETag: "5739a36d-54c8"
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21704

GET
H/1.1 200
OK OpenSans-Regular.woff
res-a.akamaihd.net/__media__/fonts/OpenSans-Regular/ Frame CA6E 66 KB
66 KB 69ms
18ms Font
application/font-woff 23.204.152.28
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://res-a.akamaihd.net/__media__/fonts/OpenSans-Regular/OpenSans-Regular.woff
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CU5RJ1PV&cpcd=h3e9byNxz1TnUQgxXfdhiw%3D%3D&crid=812171582&size=970x90&cc=CA&chnm=HARMONY&pid=8POJ4N28G&tpid=TJD0857&https=1&vif=2&requrl=https%3A%2F%2Fwww.aereo.jor.br&nse=5&vi=1671225810903078368&lw=1&ugd=4&adt1=8CUF4235B&adt2=442254163&itid=17&bae=B4xBgg4Nea&bcpf=B4xBgg4N8fOnRrolnfOur8ea&bdrId=294&bid=328264&ntv=0&matchstring=hr%3D0%7Cbcat%3D500780%2C501011%2C500786&kttle=SafeFrame%20Container&katpre=1&katbid=-102&pgid=p0926278408t202212162123&newfl=1&htmlsrc=1&allsc=QC
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 23.204.152.28 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-204-152-28.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 5256d55a499ecb71f04dd716cfdf75bf9fe5f863620ec6634e3b43b4e6b11fd8

Request headers

Referer: https://contextual.media.net/
Origin: https://contextual.media.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 21:23:30 GMT
Last-Modified: Mon, 16 May 2016 10:39:41 GMT
Server: nginx
ETag: "5739a36d-107c8"
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 67528

GET
H2 200 bql.php Show response
lg3.media.net/ Frame CA6E 15 B
159 B 43ms
42ms Script
text/html 184.24.36.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lg3.media.net/bql.php?vgd_len=4827&&&vgd_l2type=scs_newfl&fp=jrEnkokRCUeDYjbEUoOxoC229qh-rbtUZg0mq3l2-EJuFXkDK-b4_hJgM-7ZneJOPS5JRbYxihYBORWtuAuKWzVfcZLvS2ejNnYDU8mj4TEZ3MbuO1pEA6JLJlatp_PWQwgpCXYyZuI%3D&cme=1EV5VggWshQGS27SefaGtZ8njYG4zbsQUwr5YtoGgj2GiRdh8XzgbjvcZffc6-4-i2cb2dhFvk71eQwUCOmpcz7vzHak2OAUKNk0rryA5ogGY8W1wUbMBulrZWnR8IK8PgKtvBAaAtORtBaM72kK2uaADsvRU1B0BGCBzA2PfkD4scDdEDPyTaFwBc2SWxXzi1f_PumZQB2xH8HFJBazoGC_N2ex0GRtw_EUwdCuDEGHKiF4H3Qp3w%3D%3D%7C%7Cu8A6SM53vAegAGxV45CeTQhqXMfGG42b%7CM2iEfcEhg6qVbPT8jRFCNA2vAeD78ks_%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7Ca0AmFUYXmD71Sv9WgQwwC71QBA-yqV60x4g7bmepWs6NT7a_B3oOXg%3D%3D%7CJkKcRoySpJbVX_94MGcjfSyYbAv5gNkbrzormkepQPvDE9wEtY10bIS9MM4YRqi-RFONsO7AENjWzFjzhQ5-CJ2QX66IhKbFybGnMS4r0j2dzH90-O8OV5nS3Sg5Geh85nM4jSJ-d7IigaNeTXvXlL8fSNKk2V3yIYrfvrHc5Bh1FmWtl3L-YPkCV7V3FLiwnHQFPLT4HRlgtSdEvPlH0jnZTtgS3s0PBJCQ2CZll2BUS-JpDVYZ8S37wCt2hqh7%7C&ksu=224&fdkt=375&vgde_kbbh=fuoyxQBuG&kwd[]=Stocks+To+Invest+In&kwt[]=375&kbc[]=112314&kwp[]=1&kid[]=27190006&kbc2[]=%23c%3A796132%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C1%3D1.76%7C2%3D6.62%7Cps%3D0.876%7C3%3D0.50%7C4%3D4.06&ktd[]=274911461632&kwd[]=Best+High+Return+Investments&kwt[]=375&kbc[]=39029&kwp[]=2&kid[]=326649050&kbc2[]=%23c%3A796132%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C1%3D1.52%7C2%3D8.89%7Cps%3D0.876%7C3%3D0.50%7C4%3D4.00&ktd[]=274894684416&kwd[]=Change+My+Password&kwt[]=375&kbc[]=110092&kwp[]=3&kid[]=5556246&kbc2[]=%23c%3A796132%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C1%3D0.28%7C2%3D2.61%7Cps%3D0.876%7C3%3D0.35%7C4%3D3.39&ktd[]=274911461632&kwd[]=Watch+Live+Streaming&kwt[]=375&kbc[]=250055&kwp[]=4&kid[]=180959855&kbc2[]=%23c%3A796132%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C1%3D0.16%7C2%3D1.24%7Cps%3D0.876%7C3%3D0.14%7C4%3D4.50&ktd[]=4503874538832128&kwd[]=Traffic+Accident+Reports&kwt[]=375&kbc[]=25523&kwp[]=5&kid[]=28812268&kbc2[]=%23c%3A796132%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C1%3D0.29%7C2%3D2.40%7Cps%3D0.876%7C3%3D0.09%7C4%3D3.79&ktd[]=4503874538832128&kwd[]=Cost+of+Private+Jets&kwt[]=265&kbc[]=757&kwp[]=6&kid[]=7058222&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7C1%3D0.14%7C2%3D1.70%7Cps%3D0.571%7C3%3D0.30%7C4%3D1.00&ktd[]=274911592704&v=1&geo=45.5%7C-73.58&lper=100&lpid=&tsid=15040&hint=&cc=CA&wsip=170762531&bca=0&ugd=4&vgde_setid=Nfu&cid=8CU5RJ1PV&vi=1671225810903078368&vsid=3142274101454688&tdAdd[]=asnum%3D16276&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_fm_lang=EN&vgd_implt=3&vgd_cage=1&vgd_l3_sc=QC&vgd_chost=contextual.media.net&vgd_hb_audit_1=8CUF4235B&vgd_hb_audit_2=442254163&vgd_katbid=-102&vgd_pdtid=1&vgd_nrrv=4901&vgd_nrrmf=4808&vgd_nrrsf=scrr&vgd_cty=montreal&&vgd_ifrmode=14&vgd_l1rakh=1671225810162645307&sttm=1671225810402&upk=1671225810.11225&hvsid=00001671225810402025035145463168&verid=3111299&vgd_matchstr=hr%3D0%7Cbcat%3D500780%2C501011%2C500786&sbdrId=196&vgd_ecrid=1700080806124000970009000001000&vgd_isiolc=1&vgd_fcm_enc_mis=1&&kbbq=%26asn%3D16276&&vgd_vstrid=3142274101454688&vgde_bdata=QOfvzxjj~8xLjMjvf9~myJLEYv9.uA~eBMJ-Nv9.Wf~e8QMQOvH99~ONfvu~G17v9%2C9%2Cu~QNOv%20N~eM1QzvuFfhF~ejfLMQOvf9ffufuFuh~8xLjMGvW9u.Wf~xLjM7UNv9~Q7Ov~j1Q7v~e8QMxLjMGv9.FA~8EvuiTAL6VAPc8Lr%2Fsc8AKgIf~kGGv9~e8QMxLjMjvu9~L88Ex1vuu%2Cuf~J7vuX~LNvu~L8Qx8Ov9%2C9~LEQMQOvf9ffufuFuF~e8QMGvWuh.FW~xLjMGvu.fX~ejfLMxLjMGv9~ejfLMxLjMe8vu4ouF~xLjM7e8v9~xLjMjvf9~yN17vX99iW9~GGvuiF~eev9~jfLMGvu999~JLEYv9.uA~ejfLMxLjMUNv949~GYvu~Q8OvWufuhuXWf~QOvu~x8OvfV1ZUVDm9g0ZlJdUY0~G7OvWfuf9X9uWH9XAffF9iAF9FuXfFWHFFAAH9h9FFhA9AAXfHFWX9AfXh99ffX9fWXhAhiFWAhuiXhhfhXHifuhHFXiXWH~UGMQLNvUGG~AENkvu999.Ah~x8Yv9~OYYMQ7Lyvw1LYmz5~exLjMGvf~QQvIK~UGMOjvE7~x8Bvou~NJv9~LEQMGvhf.hh~exLjMjvf9~%3DVvfW9h~z7Qvf~UGMxjvE7~UGMNNUQvu~7Gvou~N7vYmz7LJ1j~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGv9.X~8Q8kv9~jNvu~G8Ov9.uA~UGME7vqmYJE1yJ~ONvW~ejfLMGvf.uX~8exLjMjvf9~QxEEj5M71yM8Ov~e8JB1G8j875v9.Wf~1YEvu~NGOEv9.uA9~OYYvw1LYmz5~Qx8Ov%3DK4b4KLPE8p%2FY99M7F-oTVezq19~QOvu~O7NvJ1Q7MQN~-8OvKrtoExGoAFui9HXWWhuWh9Au~O1jyv~w7Yjvu~1OGjUvAi9iWihA~QmGEv~N7Lv9.99uFhuiHFX~GOEN1EOv9~OYYMJLEYv7LxJ~GkjLv9.9W9~myG8Ov9.uA9~1NM75EJvu~875EJM8Ovuh~QJjjJLM71yM8Ov~OJ7JN7JOM71yM8Ov~ONx7vA9~OmyGv9ou~8GNvu~zQlvf~7yQvhfW-i9%7Cih9-i9~GQGvX~GQEv9~7Y-vfHH&vgd_optout=0&vgd_cfud=220317&vgd_scsver=373&vgd_rensize=970_90&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_dtc=east_sc&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=1&&tdAdd[]=uiparams%3D%3Brend_w%3A970%3Brend_h%3A90&&vgd_uspa=0&vgd_sc=QC&vgd_l1rhst=contextual.media.net&hvsid=00001671225810402025035145463168&subBdr=196&bdrid=294&rc=0&rand=1671225810895&acid=3a4ebe1d6ef04e41b00c7d4079c804e7&matm=1671225810895&vgd_ltimesrc=1&vgd_ltime=953&vgd_rtime=863&vgd_etm=8&vgd_l1hcsd=A35%7C8266&vgd_l1ch=1&vgd_lhl=2845&vgd_pgid=p0926278408t202212162123&vgd_adprefflag=10&vgd_adpref_diff=110&vgd_csip=rtb-appnexus-64d76c54bd-qd4zm.SC&vgd_sbSup=1&vgd_nrrs=4901&vgd_cntrdt=SF%7C454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com&vgd_eadm=1&vgd_end=1

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CU5RJ1PV&cpcd=h3e9byNxz1TnUQgxXfdhiw%3D%3D&crid=812171582&size=970x90&cc=CA&chnm=HARMONY&pid=8POJ4N28G&tpid=TJD0857&https=1&vif=2&requrl=https%3A%2F%2Fwww.aereo.jor.br&nse=5&vi=1671225810903078368&lw=1&ugd=4&adt1=8CUF4235B&adt2=442254163&itid=17&bae=B4xBgg4Nea&bcpf=B4xBgg4N8fOnRrolnfOur8ea&bdrId=294&bid=328264&ntv=0&matchstring=hr%3D0%7Cbcat%3D500780%2C501011%2C500786&kttle=SafeFrame%20Container&katpre=1&katbid=-102&pgid=p0926278408t202212162123&newfl=1&htmlsrc=1&allsc=QC

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.24.36.23 Atlanta, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-24-36-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=21600
date: Fri, 16 Dec 2022 21:23:31 GMT
server: Apache
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=38425
content-length: 15

GET
H2 200 publishertag.prebid.132.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 96ms
44ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.132.js

Requested by

Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20221130

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:31 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
server: nginx
etag: W/"6356752f-16294"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Dec 2022 21:23:31 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 36ms
36ms Image
text/html 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221207&jk=1667055446542369&bg=!OTqlOn7NAAYgquz3AKo7ACkAdvg8WlHNXF4wQFjrvNq0WmhZgG6dmQEAWxA2ajktqAFuXW-iMPNnZQIAAADBUgAAAAVoAQeZAvK-Qv55hZoqFsJYcr9Eow-26a2g6FIMadMeV4TUJ6M4R4z62nzPewt1QqzADiIRmt-MvGaz73d1tEIbpYVoyY7hxkP7yz7vdyaAVlYRUTin91K0Kig7qsSoio3s0f9SOSYCHiTrlNsNTvKuPrCWP_yXooF_L_d48xfWtQymvHax-rYHul7rUwJfDsWxaUEOmGl3piaQB5FrDWmmp51tGEZdhYm2ojWjRvLdR-Wgjt1JguaLLnJQrAkcUjCH-Xmt6XvHLyKnERbzUrS00Iuxznq48WsznNiRj1iWQsB2MF7Ihdwio4zTz1y_zpBjTQMyyIXRpcZDVxRXZJos_mnPebcj2BbyemsdDnLy2lGVW2tPiw5BXyPs2bbYZulDAvPGcPCmt15c13N3OIhjWM-1FhnpQ8R9RgG_lzX-WCBwO9DHKxLuqWPU4kZou39TuOpIJ3IjSFUQdqeC8medTt3QhpmOioRU6VknNI2m0CQVXALLKBfP9BRxqtq8Wa8K4JxfjhabcvhRoN6zx0-Qfpnz7BkqRfRLI8X5Icll-zWMmW3kAfBpr-k42HQOrjNYOHAcqBWSsIOXbopyw_ZZF-5kYd6kkm8q_FGpnxGsmJK6QR8aQbDO7icinqC8DZJWf8WB43_rh9_KEcT4MSyr-1DC6JQlS3IFV3tTbqURlHx2_-pJhc5uit4FCAs0PSoRspkVTv7KFRkjjSEhYo8V_6Ne7oQmYvZFkjzyF5r8vbOYliwwRWkxXP36a9p6zznGDmtoZnIqK6A7hQSZ32jugK92zn9qvFNEIFXSxOreIr2O7-YyryjNl2X0V-RKvRKBIQlffjNDm8oRkM9G0ZfAooFIIVuHsxh5w3KZ-xJbN_ust3JT4b16GKwdcA0W3Z8pXj6Ra6-x9uDvPhHCp7SjVw_ntVMVQjemsSccRIC9pLhkK9WlRpcu4Yzldb7gak4K9HniVQnzs09KOWFx4LlkZJ4rY-c_MmlhKwu60UxDkrMLvlGfguyi
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame CEDE 15 KB
6 KB 80ms
27ms Document
text/html 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.aereo.jor.br

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.132.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

d495b605d874fff6c44230b7a0fcea83f8939d7b8c852a68e1673d9569ef9100

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.aereo.jor.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 21:23:31 GMT
server: Kestrel
server-processing-duration-in-ticks: 365758
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 70ms
25ms XHR
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.132.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:31 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
server: nginx
etag: W/"6356752f-16294"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Dec 2022 21:23:31 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame CEDE
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=aereo.jor.br&sn=ChromeSyncframe&so=0&topUrl=www.aereo.jor.br&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=OvtC6Hx6cU4ySno1VExaZm9MaEFBcStkaUJwN3g3clNyOFIxcUtnUnA4TTdUT3JUU0tNdEhjUmM4bHdNY3ZCeFpic1NLYU4yUE5IVk81ZzJ2aU1STm1taFQ2bHBHRndjSEU2SFBpNGxVeVRJSVJULzlzNXRlSDVMVHZDaE...

427 B
653 B

85ms
24ms

Fetch
application/json

74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=OvtC6Hx6cU4ySno1VExaZm9MaEFBcStkaUJwN3g3clNyOFIxcUtnUnA4TTdUT3JUU0tNdEhjUmM4bHdNY3ZCeFpic1NLYU4yUE5IVk81ZzJ2aU1STm1taFQ2bHBHRndjSEU2SFBpNGxVeVRJSVJULzlzNXRlSDVMVHZDaEQwMUVrVkZ6YnozekVZQzYrYXdDSEk2YUt5bWxSeEpvL1BPVkp6RkFnQXRyZVpucmE1U3IxVzZRVFNGelZFRitOTWxWeEsyTzhFMUFFUnFZbHNsWmliMTloUkkya1c5cms1dkZxSW1STEorUGpYM3pmWExmNnhVYVl5VFIwSWFCRHdXR3pHMlVIbTdneW04ejZ2TnNzMW5kVWtCVWhiUT09fA&cppv=2

Protocol

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

71eedb601e4876ab697e64fcc0ab1527a89a2dcc1082616435066829ac5cc996

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 21:23:31 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1958290
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 16 Dec 2022 21:23:31 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=OvtC6Hx6cU4ySno1VExaZm9MaEFBcStkaUJwN3g3clNyOFIxcUtnUnA4TTdUT3JUU0tNdEhjUmM4bHdNY3ZCeFpic1NLYU4yUE5IVk81ZzJ2aU1STm1taFQ2bHBHRndjSEU2SFBpNGxVeVRJSVJULzlzNXRlSDVMVHZDaEQwMUVrVkZ6YnozekVZQzYrYXdDSEk2YUt5bWxSeEpvL1BPVkp6RkFnQXRyZVpucmE1U3IxVzZRVFNGelZFRitOTWxWeEsyTzhFMUFFUnFZbHNsWmliMTloUkkya1c5cms1dkZxSW1STEorUGpYM3pmWExmNnhVYVl5VFIwSWFCRHdXR3pHMlVIbTdneW04ejZ2TnNzMW5kVWtCVWhiUT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 595505
content-length: 0
expires: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3EF7 42 B
64 B 34ms
34ms Fetch
image/gif 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssIHtshIVnOgb5QWp5MyaX80a0EyMeHWujU0Ot5_0pnRnspxZ3jF-YWUaFncnSN73JSFrtoFmHiveIOdEsfWMHveN5c&sig=Cg0ArKJSzEaCtFFR3eO2EAE&cid=CAASFeRoqZ2wHJOZg-zxChCcPhB1mjLQiQ&id=lidar2&mcvt=1030&p=1112,315,1206,1285&mtos=0,1030,1030,1030,1030&tos=0,1030,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=0.76&if=1&vu=1&app=0&itpl=20&adk=39098973&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671225809834&rpt=637&isd=0&lsd=0&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 21:23:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 log
hblg.media.net/ Frame 3EF7 35 B
200 B 42ms
41ms Image
image/gif 184.24.36.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hblg.media.net/log?log=kfk&evtid=adplog&&lper=1&itypeid=17&itype=ADX&cc=CA&cid=8CUF4235B&reqid=NCmDcal9d8C-5tpXD-EUbA&vid=NCmDcal9d8C-5tpXD-EUbA&dn=aereo.jor.br&rawDn=aereo.jor.br&pid=8PR113JGC&ugd=4&fleet=appnexus&requrl=https%3A%2F%2Fwww.aereo.jor.br&cliIPV6=2607%3A5300%3A0060%3A0000%3A0000%3A0000%3A0000%3A0000&cliIPType=v6&coppa_enf=true&lmt_status=N&lmt_applied=N&lmt_enf=true&dnt_enf=false&geo_source=2&sc=CA-QC&ct=Montreal&pubid=pub-ADX-116310109131-pub-rep&tgtval=pub-ADX-116310109131-pub-rep&csip=rtb-appnexus-64d76c54bd-qd4zm.SC&dtc=east_sc&zone=d&sd=1&ptype=23&tmax=300&xtmax=290&gdpr=0&app=0&sat=1&device_id=4&asn=514&sckfl=1&suid=CAESEArUpiWVm00_t6x-LIvnHa0&smbrid=adx-2&usp_status=0&usp_enf=1&gqid=ADdJoTviPMEQhX3RzBIwthtiWXyMZP1dAVlJwWx8vmB2GW0swwjeuzbqzbOxTeYQSs0VdOh7&pexid=ADX-pub-3619045887187031&geoll=false&is_ortb=false&s_ip=74.125.19.8&s_city=morganton&commit_id=1224efef&ocurr=USD&omul=1.0&currsrc=API&currsrc_date=2022-12-16+00%3A00%3A00&schain_cmpl=0&dummy_vsid=false&amptype=1&second_call=false&rtttime=57&pvid=294&prvAccId=812171582&prvApiId=8CU5RJ1PV&adj0=0.0&adj1=0.0&adj2=0.0&pst=0&crid=442254163&prspt=headerBid&prvReqId=13152863860851_509545316_44225416312941&reqsize=970x90&size=970x90&chnl=HARMONY&bdp=0.130&cbdp=0.094&og_cbdp=0.130&ogbdp=0.13&pv_adtype=0&res_mtype=0&mnet_ckfl=0&ckfl=0&be=0&cat=IAB-3&advUrl=https%3A%2F%2Fsearch.yahoo.com&dfpBd=0.094&dt=O&dbf=1&epc=812171582&s=1&snm=SUCCESS&pcrid=8CU5RJ1PV-812171582-51-27&tpbTkn=false&exid=31&bidflr=0.080&pbidflr=0.080&opbidflr=0.080&spbf=0&viewability=82&slotVisibility=2&adpos=3&iframingState=0&sbdrid=196&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Cfl_rl%3D1%7Cdbr%3D1%7Ctpi%3D1&mnrf=0&mnrfc=-1&seat=BID_API&brsrclk=0&bidrestime=1671225809375&fpuReq=1&bfs=103&acsn=1&ybnca_erpm=0.13&dmm_erpm=true&dmm_ogerpm=false&bcrid=1700080806124000970009000001000&strg=HARMONY&vls=0&scrid=1700080806124000970009000001000&mang=1&pvdTmax=244&fpusp=false&ae=false&epcexp=false&moau=true&incentive_type=0&ucrid_ver=2&omid=0&spIvt=3&spSource=0&spTo=3&spIsReq=3&spFst=0&spCst=0&mx_sbp=-10.0&mx_sua_cvg=1111111&mx_epbc=8CU5RJ1PV&mx_SPRIG=2&mx_bsBucket=5&mx_ssProfile=0&mx_sua_os_n=Windows+NT&mx_lr=0&mx_TAS=1&mx_g_one_uid_sent=None&mx_uid_sent=0&mx_sua_os_v=10.0&mx_bsBucketRa=5&mx_sid=8CUF4235B&mx_SC=0&mx_lr_seg_deal=0&mx_aqcpl_crid=4&mx_nsz=2&mx_GCID=0&mx_maq_call=false&mx_aurt=0&mx_sua_model=x64&mx_tgs=728x90%7C970x90&mx_bsProfileRa=0&mx_IAB2=2&mx_bss_algos%3C%3E=0%23%233&mx_aurl_hc=0&mx_aabpc=0&mx_PC=1&mx_UCC=5&mx_isLossNtf=false&mx_bsProfile=0&mx_ssBucket=0&mx_TAF=3&mx_gpid_sent=false&mx_commit_id=f364e2e9ad&acid=3a4ebe1d6ef04e41b00c7d4079c804e7&rtime=31.0&wsip=mowx-lite-5847bf8c79-mqtzz&ltime=42.0&act=headerBid&abs=0%7C0%7Cxtmax%3D290%7Cbrr%3D0&adtypes=0&adblk=39098973&impId=1&reftime=0&reftype=0&psrc=fail&mowxReqId=3a4ebe1d6ef04e41b00c7d4079c804e7_1&policy_enf=2&pub_blk_enf=1&renderer=0&ifst=0&ifdp=0&media=0&req_mtype%3C%3E=0&vcmplrt=-1.0&ctr=0.0016719465&ctr_vendor=EXCHANGE&rfc=-1&feedback_id=NCmDcal9d8C-5tpXD-EUbA&viewability_vendor=EXCHANGE&actltime=43&debug_ts=2022-12-16+21%3A23%3A29&__expireat=1671226409629&mview=1&rme=adm&bdata=sd2%3Dnull~iurl_l%3D20~ogerpm%3D0.13~vw_exc%3D0.82~vis_sd%3D400~dc2%3D1~bat%3D0%2C0%2C1~scd%3Dqc~v_asn%3D16276~vl2r_sd%3D2022121617~iurl_b%3D801.82~url_tkc%3D0~std%3D~last%3D~vis_url_b%3D0.63~ip%3D19L3rJI3UMirDVFMi3AQN2~fbb%3D0~vis_url_l%3D10~riipua%3D11%2C12~et%3D15~rc%3D1~risuid%3D0%2C0~rps_sd%3D2022121616~vis_b%3D817.68~url_b%3D1.25~vl2r_url_b%3D0~vl2r_url_vi%3D1E-16~url_tvi%3D0~url_l%3D20~gcat%3D500980~bb%3D196~vv%3D0~l2r_b%3D1000~erpm%3D0.13~vl2r_url_kc%3D0E0~bm%3D1~sid%3D812171582~sd%3D1~uid%3D2IaGkIRo0QPGzejkmP~btd%3D8212050184053226093606152684663340706673033524685032570022502857379683719577275492174659584~kb_src%3Dkbb~3pcf%3D1000.37~uim%3D0~dmm_strg%3Dharmony~vurl_b%3D2~ss%3DNA~kb_dl%3Dpt~uiw%3D-1~ce%3D0~rps_b%3D72.77~vurl_l%3D20~CI%3D2807~nts%3D2~kb_ul%3Dpt~kb_ccks%3D1~tb%3D-1~ct%3Dmontreal~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D0.5~isif%3D0~lc%3D1~bid%3D0.13~kb_pt%3DHomepage~dc%3D8~vl2r_b%3D2.15~ivurl_l%3D20~supply_tag_id%3D%7Eviewability%3D0.82%7Eamp%3D1%7Ecbdp%3D0.130%7Edmm%3Dharmony%7Esuid%3DCAESEArUpiWVm00_t6x-LIvnHa0%7Esd%3D1%7Edtc%3Deast_sc%7Exid%3DADX-pub-3619045887187031%7Edalg%3D%7Ehtml%3D1%7Eadblk%3D39098973%7Esobp%3D%7Ectr%3D0.0016719465%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.080%7Eogbid%3D0.130%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D30%7Edogb%3D0-1~ibc%3D1~nsz%3D2~tgs%3D728x90%7C970x90~bsb%3D5~bsp%3D0~tmx%3D244&utime=1052&sf=0&cpr=0.7950512169939217&evttyp=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.24.36.23 Atlanta, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-24-36-23.deploy.static.akamaitechnologies.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 21:23:31 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Fri, 16 Dec 2022 21:23:31 GMT

GET
H2 200 bqi.php
lg3.media.net/ Frame 3EF7 15 B
15 B 43ms
42ms Image
text/html 184.24.36.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bqi.php?vgd_len=2335&lf=3&&vgd_hb_audit_1=8CUF4235B&vgd_hb_audit_2=442254163&vgd_l2type=scs_newfl&vgd_bid=328264&gdpr=0&prid=8PRN625DH&cid=8CU5RJ1PV&crid=812171582&requrl=https%3A%2F%2Fwww.aereo.jor.br&vi=1671225810903078368&ugd=4&cc=CA&sc=QC&bdrid=294&subBdr=196&startTime=1671225810388&vgd_l1rakh=1671225810162645307&l1ch=1&buid=328264&sttm=1671225810402&upk=1671225810.11225&hvsid=00001671225810402025035145463168&acid=3a4ebe1d6ef04e41b00c7d4079c804e7&verid=3111299&vgd_bdata=sd2%3Dnull~iurl_l%3D20~ogerpm%3D0.13~vw_exc%3D0.82~vis_sd%3D400~dc2%3D1~bat%3D0%2C0%2C1~scd%3Dqc~v_asn%3D16276~vl2r_sd%3D2022121617~iurl_b%3D801.82~url_tkc%3D0~std%3D~last%3D~vis_url_b%3D0.63~ip%3D19L3rJI3UMirDVFMi3AQN2~fbb%3D0~vis_url_l%3D10~riipua%3D11%2C12~et%3D15~rc%3D1~risuid%3D0%2C0~rps_sd%3D2022121616~vis_b%3D817.68~url_b%3D1.25~vl2r_url_b%3D0~vl2r_url_vi%3D1E-16~url_tvi%3D0~url_l%3D20~gcat%3D500980~bb%3D196~vv%3D0~l2r_b%3D1000~erpm%3D0.13~vl2r_url_kc%3D0E0~bm%3D1~sid%3D812171582~sd%3D1~uid%3D2IaGkIRo0QPGzejkmP~btd%3D8212050184053226093606152684663340706673033524685032570022502857379683719577275492174659584~kb_src%3Dkbb~3pcf%3D1000.37~uim%3D0~dmm_strg%3Dharmony~vurl_b%3D2~ss%3DNA~kb_dl%3Dpt~uiw%3D-1~ce%3D0~rps_b%3D72.77~vurl_l%3D20~CI%3D2807~nts%3D2~kb_ul%3Dpt~kb_ccks%3D1~tb%3D-1~ct%3Dmontreal~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D0.5~isif%3D0~lc%3D1~bid%3D0.13~kb_pt%3DHomepage~dc%3D8~vl2r_b%3D2.15~ivurl_l%3D20~supply_tag_id%3D%7Eviewability%3D0.82%7Eamp%3D1%7Ecbdp%3D0.130%7Edmm%3Dharmony%7Esuid%3DCAESEArUpiWVm00_t6x-LIvnHa0%7Esd%3D1%7Edtc%3Deast_sc%7Exid%3DADX-pub-3619045887187031%7Edalg%3D%7Ehtml%3D1%7Eadblk%3D39098973%7Esobp%3D%7Ectr%3D0.0016719465%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.080%7Eogbid%3D0.130%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D30%7Edogb%3D0-1~ibc%3D1~nsz%3D2~tgs%3D728x90%7C970x90~bsb%3D5~bsp%3D0~tmx%3D244&matchstring=hr%3D0%7Cbcat%3D500780%2C501011%2C500786&vgd_matchstr=hr%3D0%7Cbcat%3D500780%2C501011%2C500786&vgd_sc=QC&infr=1&twna=1&stime=1671225810041&vgd_ecrid=1700080806124000970009000001000&l1hcsd=l1!A35|8266&vgd_l1rhst=contextual.media.net&vgd_uspa=0&vgd_isiolc=1&pvl=%7B%22dtc%22%3A%22east_sc%22%2C%22mbr%22%3A1%2C%22l1rpth%22%3A%22%2Fnmedianet.js%22%2C%22pgids%22%3A1%7D&vgd_fcm_enc_mis=1&vgd_pgid=p0926278408t202212162123&vgd_pgids=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.24.36.23 Atlanta, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-24-36-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=21600
date: Fri, 16 Dec 2022 21:23:32 GMT
server: Apache
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=24295
content-length: 15

GET
H2 200 video-loader.js Show response
cdn.avantisvideo.com/avm/js/ 32 KB
11 KB 159ms
21ms Script
application/javascript 2600:9000:2510:c00:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=645b490f-24f2-429d-a04c-d266868eea7c&tagId=3&subId=&callback=
Requested by: Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/dfp/5b687af3-cfdb-4b7a-9848-d686d10dff12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2510:c00:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2e4386cf56ad2612f0ad0526372b3d1cd96d6ecb3f32836f141aa28207b3907e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: o3_UP5DBpj34HIRp37PMEele1xlw3U13
content-encoding: gzip
via: 1.1 ab734ad5d81cc9d470b6176a05dd968e.cloudfront.net (CloudFront)
date: Fri, 16 Dec 2022 15:34:45 GMT
last-modified: Sun, 29 May 2022 06:35:41 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P5
age: 20928
etag: W/"d29171b34ea93548beb17fd35f5b439b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: gt7iHL1nOx70MoNlAxrFXiAqmCK9ZTbvtz8_auAJGg1NtDXf2D7H0w==

GET
H2 200 universal.min.js Show response
tag.navdmp.com/ 14 KB
5 KB 77ms
31ms Script
application/javascript 2606:4700::6810:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/universal.min.js
Requested by: Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/dfp/5b687af3-cfdb-4b7a-9848-d686d10dff12
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d257a75764e746d9a1aafb79d8e47744cb44ee1af115ab2adbd0012c69cf676c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:32 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 17 May 2022 12:22:37 GMT
server: cloudflare
age: 3186
etag: W/"6283938d-3671"
vary: Accept-Encoding
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 77aa7b112dee4bb8-YUL
expires: Fri, 16 Dec 2022 21:09:36 GMT

GET
H2 200 tag.js Show response
a.teads.tv/analytics/ 11 KB
4 KB 117ms
29ms Script
text/javascript 23.205.73.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/analytics/tag.js
Requested by: Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/dfp/5b687af3-cfdb-4b7a-9848-d686d10dff12
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.73.36 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-73-36.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 221e69003af87e6e8f934828ab416477126f3c062500e3bcb636bb9d87bf9b06

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: Y6qsPmt0o95KDo3Ibo2euzqSnxQebNV8
date: Fri, 16 Dec 2022 21:23:32 GMT
content-encoding: br
last-modified: Wed, 02 Nov 2022 09:38:15 GMT
x-amz-request-id: Y3TCJGXZC61VNF0X
etag: "6ddfb3a828a563a7719081ff9aeedaba"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: private, max-age=3600
accept-ranges: bytes
content-length: 3391
x-amz-id-2: I+JSAqg75KrhoyE0YsE4hpmlZmXlLUOQYprIFanZMnfv3DGJ9XWy6IW3VH6kpRTzc7nfX8rkojM=

POST
H3 204 rtimp
g.bidbrain.app/ Frame 411D 0
18 B 47ms
47ms Ping
text/plain 34.102.128.115
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rtimp?sid=e29cf78a-7d87-11ed-9908-0ef11e7ec071&d=www.aereo.jor.br&cr=ext_gen2_v10_start_fires__0&gid=CAESEE_JZOJK2-I3kayIEcQt6NM&a=vw_53&p=Y5zh0QADEOMKs91KAA0oyO8v9M6evdANSX9_jw&r=1127607773&ow=1600&oh=1200&tzof=0&tz=Etc/Unknown&pxr=1
Requested by: Host: 454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com
URL: https://454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 115.128.102.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 21:23:32 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: https://454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H2 200 46575 Show response
tag.navdmp.com/u/ 497 B
475 B 77ms
76ms Script
application/javascript 2606:4700::6810:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/u/46575
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27f6c8c22d2d9d2f7483a241cd3197bb47761032845bdd1c28cc0e2713484af3

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:32 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 26 Aug 2022 15:00:58 GMT
server: cloudflare
etag: W/"6308e02a-1f1"
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 77aa7b116e824bb8-YUL
expires: Fri, 16 Dec 2022 22:23:32 GMT

GET
H2 200 fpc Show response
at.teads.tv/ 56 B
251 B 33ms
32ms XHR
text/plain 23.64.61.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://at.teads.tv/fpc?analytics_tag_id=PUB_13576&tfpvi=&gdpr_status=22&gdpr_reason=220&gdpr_consent=&ccpa_consent=&shared_ids=&sv=8480ba3&
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/analytics/tag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.64.61.36 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-64-61-36.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d9d50838fad6c30da0f8d41ad942a5b996cd922bb033242bf1c5ef6bf9c87a7d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 21:23:32 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.aereo.jor.br
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 56
expires: Fri, 16 Dec 2022 21:23:32 GMT

GET
H2 200 abc.txt Show response
static.avantisvideo.com/data/ 5 KB
2 KB 100ms
20ms XHR
text/plain 2600:9000:21ea:e400:8:9ed9:9c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.avantisvideo.com/data/abc.txt
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=645b490f-24f2-429d-a04c-d266868eea7c&tagId=3&subId=&callback=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:e400:8:9ed9:9c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3527c54438a9e28484d66cbaf75a879f79c37306209347323ff1530a7859c758

Request headers

Referer: https://www.aereo.jor.br/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 16 Dec 2022 12:35:17 GMT
content-encoding: gzip
via: 1.1 b6217766ccd41d69658fea04297b7c24.cloudfront.net (CloudFront)
last-modified: Mon, 12 Dec 2022 11:53:49 GMT
server: AmazonS3
x-amz-cf-pop: EWR50-C1
age: 31696
etag: W/"471a9e906e8d3af6f8ea24f050a407fd"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://www.aereo.jor.br
x-cache: Hit from cloudfront
access-control-allow-credentials: true
x-amz-cf-id: wCSosQskamA7-j4yFbm-1XOyjugMZMo-dWiJD4gL7p6CdRekdVBDmw==

POST
H2 204 /
events1.avantisvideo.com/ 0
35 B 263ms
79ms Ping
text/plain 54.187.209.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events1.avantisvideo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.209.148 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-187-209-148.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.aereo.jor.br/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 16 Dec 2022 21:23:33 GMT

GET
H2 200 usr Show response
usr.navdmp.com/ 359 B
432 B 97ms
83ms Script
application/javascript 2606:4700::6810:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usr.navdmp.com/usr?v=7&acc=46575&u=1&new=1&wst=0&wct=1&wla=1
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bffdcd6f960fe145868b489aabeccf4643c420b38b9024aeb2d65dca53f46494

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: public
date: Fri, 16 Dec 2022 21:23:32 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: max-age=3600
act: f0
cf-ray: 77aa7b120f974bb8-YUL
expires: Fri, 16 Dec 2022 22:23:32 GMT

GET
H2 200 u_d.html Show response
cdn1.avantisvideo.com/connect/ Frame CFBB 46 KB
17 KB 42ms
22ms Document
text/html 2600:9000:2510:c00:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.avantisvideo.com/connect/u_d.html
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=645b490f-24f2-429d-a04c-d266868eea7c&tagId=3&subId=&callback=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2510:c00:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 24374f583eeb0c88723c3cb830828d5798ce87144c8ce4e32076df4786f72848

Request headers

Referer: https://www.aereo.jor.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 19391
content-encoding: gzip
content-type: text/html
date: Fri, 16 Dec 2022 16:00:22 GMT
etag: W/"f9678e3c391d61d33ed4b6129f75c60e"
last-modified: Wed, 06 Apr 2022 12:25:53 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 ab734ad5d81cc9d470b6176a05dd968e.cloudfront.net (CloudFront)
x-amz-cf-id: fIxAfAzeFVRGR1yxFUeieLkCAcDHdsgICvtXygVIq3m9REGHr9v3oQ==
x-amz-cf-pop: JFK50-P5
x-amz-version-id: dem0VvOWe0jwgvR1YOcBwtPtUobNlIGA
x-cache: Hit from cloudfront

GET
H2 200 req Show response
cdn.navdmp.com/ 6 B
77 B 84ms
71ms Script
application/x-javascript 2606:4700::6810:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.navdmp.com/req?v=7&id=11ec25f335ae58849059edb28c10%7C0&acc=46575&tit=P%25E1gina%2520Inicial%2520-%2520Poder%2520A%25E9reo%2520%25u2013%2520Avia%25E7%25E3o%252C%2520For%25E7as%2520A%25E9reas%252C%2520Ind%25FAstria%2520Aeroespacial%2520e%2520de%2520Defesa&url=https%253A%2F%2Fwww.aereo.jor.br%2F&upd=1&new=1&h1=Logo
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:32 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 77aa7b12d90f4bb8-YUL
content-length: 6
content-type: application/x-javascript

GET
H2

200

sync Show response
sync2.navdmp.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=76976354101
https://sync2.navdmp.com/sync?prtid=2&id=76976354101&google_gid=CAESEDxLmUFPvSpN_Cl5Dqk6rr0&google_cver=1

6 B
80 B

98ms
86ms

Script
application/javascript

2606:4700::6810:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync2.navdmp.com/sync?prtid=2&id=76976354101&google_gid=CAESEDxLmUFPvSpN_Cl5Dqk6rr0&google_cver=1
Protocol: H2
Server: 2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:33 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 77aa7b1329734bb8-YUL
content-length: 6
content-type: application/javascript

Redirect headers

pragma: no-cache
date: Fri, 16 Dec 2022 21:23:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync2.navdmp.com/sync?prtid=2&id=76976354101&google_gid=CAESEDxLmUFPvSpN_Cl5Dqk6rr0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync
sync.navdmp.com/
Redirect Chain

https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D
https://sync.navdmp.com/sync?img=1&mdia=430b639c-e1d5-4800-be48-d95847118ca4

43 B
129 B

107ms
106ms

Image
image/gif

2606:4700::6810:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.navdmp.com/sync?img=1&mdia=430b639c-e1d5-4800-be48-d95847118ca4
Protocol: H2
Server: 2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:33 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
cf-ray: 77aa7b13cb064bb8-YUL
content-length: 43
content-type: image/gif

Redirect headers

Date: Fri, 16 Dec 2022 21:23:33 GMT
Server: MT3 254 34fcae8 master iad-pixel-x10 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Location: https://sync.navdmp.com/sync?img=1&mdia=430b639c-e1d5-4800-be48-d95847118ca4
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: Fri, 16 Dec 2022 21:23:32 GMT

GET
H2

200

sync
sync.navdmp.com/
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=NAVEG
https://sync.navdmp.com/sync?prtid=12&yahid=y-dJOkry5E2p4ePR4JznKBzMGK5n.DGuLx6LU-~A

6 B
57 B

129ms
115ms

Image
application/javascript

2606:4700::6810:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.navdmp.com/sync?prtid=12&yahid=y-dJOkry5E2p4ePR4JznKBzMGK5n.DGuLx6LU-~A
Protocol: H2
Server: 2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:33 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 77aa7b1349b54bb8-YUL
content-length: 6
content-type: application/javascript

Redirect headers

date: Fri, 16 Dec 2022 21:23:32 GMT
strict-transport-security: max-age=31536000
via: http/1.1 spdc0106.pbp.bf1.yahoo.com (ApacheTrafficServer)
server: ATS
age: 0
content-type: text/html;charset=utf-8
location: https://sync.navdmp.com/sync?prtid=12&yahid=y-dJOkry5E2p4ePR4JznKBzMGK5n.DGuLx6LU-~A
content-length: 0

GET
H2 200 geoip Show response
avm.avantisvideo.com/api/v1/ Frame CFBB 175 B
926 B 78ms
77ms XHR
application/json 2600:9000:21da:a200:3:748e:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avm.avantisvideo.com/api/v1/geoip

Requested by

Host: cdn1.avantisvideo.com
URL: https://cdn1.avantisvideo.com/connect/u_d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21da:a200:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

036fa2716e2e6e7bba67ddfea45b65a215d8dbcb7dbeb78cc2f80a94ab50a8e3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cdn1.avantisvideo.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 16 Dec 2022 21:23:33 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 64269b4eda1211bca4d40d7ab2177910.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
x-amz-cf-pop: EWR53-C1
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
content-length: 175
x-xss-protection: 0
referrer-policy: no-referrer
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cdn1.avantisvideo.com
x-download-options: noopen
access-control-allow-credentials: true
x-amz-cf-id: 8Hil20oi2qgV1V9VGftk1OZbhLy8hc2w_rEeWH26HENZ28fQ4iBuAA==

OPTIONS
H2 204 geoip
avm.avantisvideo.com/api/v1/ Frame 0
0 157ms
79ms Preflight 2600:9000:21da:a200:3:748e:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avm.avantisvideo.com/api/v1/geoip

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21da:a200:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://cdn1.avantisvideo.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-origin: https://cdn1.avantisvideo.com
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date: Fri, 16 Dec 2022 21:23:33 GMT
expect-ct: max-age=0
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
vary: Origin
via: 1.1 64269b4eda1211bca4d40d7ab2177910.cloudfront.net (CloudFront)
x-amz-cf-id: fm0EgcwlaozOWiQTsaCoqJXIgFODlEbYEE-qmFCHJ-TfHp6SytfBbA==
x-amz-cf-pop: EWR53-C1
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

POST
H/1.1 200
OK int Show response
lm.serving-sys.com/lm/ 0
182 B 146ms
36ms XHR
text/plain 3.17.243.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lm.serving-sys.com/lm/int
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_230_3_0/ebHtml5Banner_api.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.17.243.71 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-17-243-71.us-east-2.compute.amazonaws.com
Software: LogModule 0.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.aereo.jor.br/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: https://www.aereo.jor.br
Access-Control-Allow-Credentials: true
Server: LogModule 0.4
Content-Length: 0
Content-Type: text/plain

GET
H2 200 video-loader2-cr.js Show response
cdn.avantisvideo.com/js/ 215 KB
65 KB 22ms
22ms Script
application/javascript 2600:9000:2510:c00:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=645b490f-24f2-429d-a04c-d266868eea7c&tagId=3&subId=&callback=
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=645b490f-24f2-429d-a04c-d266868eea7c&tagId=3&subId=&callback=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2510:c00:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 20023479a8d78ad56a23e8e4ec5049245a9c54aa6a8c931a0b0cd53934e3fd3e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: yrCwT49wqQIAbyY2HMcsrXo_9ZLVeraZ
content-encoding: gzip
via: 1.1 ab734ad5d81cc9d470b6176a05dd968e.cloudfront.net (CloudFront)
date: Fri, 16 Dec 2022 13:24:44 GMT
last-modified: Wed, 14 Dec 2022 13:24:21 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P5
age: 28730
etag: W/"559a2db2e86ba27a67994876165d4a41"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: pn9w3X1sXUMz8XFGDeAhYtxZAvk1huvVvXiqnGjkiHs5uZmLqFzVCw==

GET
H2 200 geoip Show response
avm.avantisvideo.com/api/v1/ 175 B
925 B 81ms
80ms XHR
application/json 2600:9000:21da:a200:3:748e:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avm.avantisvideo.com/api/v1/geoip

Requested by

Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=645b490f-24f2-429d-a04c-d266868eea7c&tagId=3&subId=&callback=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21da:a200:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

036fa2716e2e6e7bba67ddfea45b65a215d8dbcb7dbeb78cc2f80a94ab50a8e3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.aereo.jor.br/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 16 Dec 2022 21:23:33 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 64269b4eda1211bca4d40d7ab2177910.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
x-amz-cf-pop: EWR53-C1
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
content-length: 175
x-xss-protection: 0
referrer-policy: no-referrer
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.aereo.jor.br
x-download-options: noopen
access-control-allow-credentials: true
x-amz-cf-id: Klqp206ccPMDIn1F5IILBcApuUn0Yt_xSqT1NF8CtXHnK8UWbwUUVQ==

OPTIONS
H2 204 geoip
avm.avantisvideo.com/api/v1/ Frame 0
0 82ms
81ms Preflight 2600:9000:21da:a200:3:748e:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avm.avantisvideo.com/api/v1/geoip

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21da:a200:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.aereo.jor.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-origin: https://www.aereo.jor.br
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date: Fri, 16 Dec 2022 21:23:33 GMT
expect-ct: max-age=0
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
vary: Origin
via: 1.1 64269b4eda1211bca4d40d7ab2177910.cloudfront.net (CloudFront)
x-amz-cf-id: u_zT19YfopIQtBq_1oWS5AVUgB0er6iM8TAzYyWw8dLtzOYbgOXg4A==
x-amz-cf-pop: EWR53-C1
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

POST
H2 204 /
events1.avantisvideo.com/ 0
34 B 79ms
79ms Ping
text/plain 54.187.209.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events1.avantisvideo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.209.148 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-187-209-148.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.aereo.jor.br/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 16 Dec 2022 21:23:33 GMT

OPTIONS
H2 204 t
avm.avantisvideo.com/api/v1/tag/645b490f-24f2-429d-a04c-d266868eea7c/3/desktop/generate/ Frame 0
0 82ms
82ms Preflight 2600:9000:21da:a200:3:748e:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avm.avantisvideo.com/api/v1/tag/645b490f-24f2-429d-a04c-d266868eea7c/3/desktop/generate/t?subId=&browser=chrome&utm=&os=windows&url=https%3A%2F%2Fwww.aereo.jor.br%2F&eu=&country=CA&hour=21&amp=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21da:a200:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.aereo.jor.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-origin: https://www.aereo.jor.br
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date: Fri, 16 Dec 2022 21:23:33 GMT
expect-ct: max-age=0
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
vary: Origin
via: 1.1 64269b4eda1211bca4d40d7ab2177910.cloudfront.net (CloudFront)
x-amz-cf-id: srUSfXQ91Trz4MvdMgdC8nSCytkpcg3NQ8gxiWYZ27NdrR3r1l8vwA==
x-amz-cf-pop: EWR53-C1
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

GET
H2 200 t Show response
avm.avantisvideo.com/api/v1/tag/645b490f-24f2-429d-a04c-d266868eea7c/3/desktop/generate/ 1 KB
2 KB 78ms
78ms XHR
text/plain 2600:9000:21da:a200:3:748e:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=645b490f-24f2-429d-a04c-d266868eea7c&tagId=3&subId=&callback=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21da:a200:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

c70a6d0243acaeee7c69d2cc3d4ce8c9ca419ffe0a8396b184eb4e9f2d6ad50f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.aereo.jor.br/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 16 Dec 2022 21:23:33 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
x-permitted-cross-domain-policies: none
via: 1.1 64269b4eda1211bca4d40d7ab2177910.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C1
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
x-xss-protection: 0
referrer-policy: no-referrer
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.aereo.jor.br
x-download-options: noopen
access-control-allow-credentials: true
x-amz-cf-id: T6xuQ6dNdYrR-fOsz5gnVLUWukIV8Gzj9yC_8s4Dg0HC0u0_BufwZg==

POST
H2 204 /
events.avantisvideo.com/ 0
34 B 107ms
86ms Ping
text/plain 54.187.209.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.avantisvideo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.209.148 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-187-209-148.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.aereo.jor.br/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 16 Dec 2022 21:23:33 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 372 KB
125 KB 101ms
40ms Script
text/javascript 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=645b490f-24f2-429d-a04c-d266868eea7c&tagId=3&subId=&callback=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72e1fa934e93ff92e04edc940282b3f3c14bf6d8662e563bb94814bca654ce55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126857
x-xss-protection: 0
expires: Fri, 16 Dec 2022 21:23:33 GMT

GET
H2 200 6.22a55b081b47a856fff6-vl-cr.js Show response
cdn.avantisvideo.com/js/ 5 KB
2 KB 20ms
19ms Script
application/javascript 2600:9000:2510:c00:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.avantisvideo.com/js/6.22a55b081b47a856fff6-vl-cr.js
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=645b490f-24f2-429d-a04c-d266868eea7c&tagId=3&subId=&callback=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2510:c00:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5cfe16c5ed5bbd06b7e20fdcb9a1c114144bc582321e9d810d7da65fa291db55

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: 0zXjid.F9p5jCjcaoZHwfjOaKCqT1nju
content-encoding: gzip
via: 1.1 ab734ad5d81cc9d470b6176a05dd968e.cloudfront.net (CloudFront)
date: Fri, 16 Dec 2022 09:24:17 GMT
last-modified: Wed, 14 Dec 2022 13:12:31 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P5
age: 43162
etag: W/"b824ed02657fbbdb476aa031cf8cf570"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 3sTeYeI4V65lRxVPL9y_4Lk5A-9IxnCIsRIY-qeu_UruMD_3gTcfuQ==

GET
H2 200 0.22a55b081b47a856fff6-vl-cr.js Show response
cdn.avantisvideo.com/js/ 14 KB
5 KB 21ms
20ms Script
application/javascript 2600:9000:2510:c00:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.avantisvideo.com/js/0.22a55b081b47a856fff6-vl-cr.js
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=645b490f-24f2-429d-a04c-d266868eea7c&tagId=3&subId=&callback=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2510:c00:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1578fa17ba357eff31bf526d0162f86737564e534d6705b365b4e7bb909c7910

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: 1V0jkBoTzvEnO9vyHtzTrguIIkcLZGgq
content-encoding: gzip
via: 1.1 ab734ad5d81cc9d470b6176a05dd968e.cloudfront.net (CloudFront)
date: Fri, 16 Dec 2022 09:24:17 GMT
last-modified: Wed, 14 Dec 2022 13:12:30 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P5
age: 43162
etag: W/"046ec93df57bbdb5fd0c8e5653e1215f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: MHisZGbISrxo0Bn2V1U6hvUTBJG6zZu-UwFyUNHbsB_ehuqBGeNV8g==

GET
H2 200 1.22a55b081b47a856fff6-vl-cr.js Show response
cdn.avantisvideo.com/js/ 19 KB
6 KB 21ms
21ms Script
application/javascript 2600:9000:2510:c00:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.avantisvideo.com/js/1.22a55b081b47a856fff6-vl-cr.js
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=645b490f-24f2-429d-a04c-d266868eea7c&tagId=3&subId=&callback=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2510:c00:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eb4259364a423a0e63a729f92013da62e4d993c71e20f28abfdd634081af77ed

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: jdMcOSymiYXCO2ciQMd6Qd4aDyT7MInr
content-encoding: gzip
via: 1.1 ab734ad5d81cc9d470b6176a05dd968e.cloudfront.net (CloudFront)
date: Fri, 16 Dec 2022 09:24:17 GMT
last-modified: Wed, 14 Dec 2022 13:12:31 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P5
age: 43162
etag: W/"5256efeb88c85ab3f41e0e92ae46eed0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: XiD4szXmslsr0oX-oG_KMEPUape1b4Y1Lcb2zh5_xxUz31As6IRg_g==

GET
H2 200 os-player.js Show response
cdn.avantisvideo.com/js/ 42 KB
13 KB 20ms
20ms Script
application/javascript 2600:9000:2510:c00:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.avantisvideo.com/js/os-player.js
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=645b490f-24f2-429d-a04c-d266868eea7c&tagId=3&subId=&callback=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2510:c00:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3fe20c4a01cc0d79d0ee8d116a905d4ec754f625a0aeab7ba7aca9369d509c6d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 04:41:19 GMT
x-amz-version-id: wbGwJywfKuvHS05jRoSejizxQBz3pcrU
content-encoding: gzip
last-modified: Tue, 06 Dec 2022 08:03:57 GMT
server: AmazonS3
via: 1.1 ab734ad5d81cc9d470b6176a05dd968e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
etag: W/"ab00e03cf07c2cbe49a4c0db49c4cb1e"
age: 60135
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: kuNldF9QLnLdr9l0OOiNzCl-2pWxg1sL6rtkIOnH2kfpgVNNaWtoCQ==

GET
H2 200 prebid.js Show response
cdn.avantisvideo.com/js/ 611 KB
191 KB 20ms
20ms Script
application/javascript 2600:9000:2510:c00:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.avantisvideo.com/js/prebid.js
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=645b490f-24f2-429d-a04c-d266868eea7c&tagId=3&subId=&callback=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2510:c00:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2790ab67e9266c6e92665e66564cee73f9bb419b471734c69bc2bad47d6709aa

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: XUJ3Qcl2SBUPy8PSMlID14f97YVof5Jr
content-encoding: gzip
via: 1.1 ab734ad5d81cc9d470b6176a05dd968e.cloudfront.net (CloudFront)
date: Fri, 16 Dec 2022 21:20:46 GMT
last-modified: Sun, 11 Dec 2022 07:39:57 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P5
age: 168
etag: W/"c634d77db64ee160383ff57afbbf77b9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 907oCQCJRbOLHnaRQYeuEIHPJlnWC0es1egNkATwreL-qZzlLblb3g==

GET
H2 200 os-player.css
cdn.avantisvideo.com/style/ 5 KB
2 KB 42ms
42ms Stylesheet
text/css 2600:9000:2510:c00:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.avantisvideo.com/style/os-player.css
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/1.22a55b081b47a856fff6-vl-cr.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2510:c00:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e245ca92c09a55cd4ada741ca10d43a0d095f93adb355d859e3eacc5df4d511c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: 1WT.iJqu0bb9k8ucDnNhjWil0ArXlrfg
content-encoding: gzip
via: 1.1 ab734ad5d81cc9d470b6176a05dd968e.cloudfront.net (CloudFront)
date: Fri, 16 Dec 2022 18:02:36 GMT
last-modified: Thu, 24 Feb 2022 10:56:10 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P5
age: 12058
etag: W/"187d5380bc1b7cc4d9fd876475b2fff3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: 4GFaCXqj3HJJEMcKvFB2ta2LCSr0nwiLEYLuoLD-yqSO-pSqx-6tPA==

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 411D 42 B
64 B 34ms
34ms Fetch
image/gif 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsutu8UydfCU5Q2d44TDPBss954ZP-IdtbGuUjSUiC3YJfU4Nkkc2LVVE5Gh8hZBf_m-_ZNmQY3Hu51YZLW6miQ1Zv21&sig=Cg0ArKJSzFTZGauKay3uEAE&cid=CAASFeRoJ8Vjp8BBfYxRuCHzKb7KgvtP0A&id=lidar2&mcvt=1041&p=315,2798,915,2918&mtos=924,991,1041,1092,1159&tos=924,67,50,51,67&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=861655115&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671225809797&rpt=404&isd=0&lsd=0&met=ce&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 21:23:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 76ab119f-ed28-42ca-b499-f4c22ea9cdb3 Show response
avm.avantisvideo.com/api/v1/channel/ 6 KB
6 KB 136ms
135ms XHR
text/plain 2600:9000:21da:a200:3:748e:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avm.avantisvideo.com/api/v1/channel/76ab119f-ed28-42ca-b499-f4c22ea9cdb3?pub_id=645b490f-24f2-429d-a04c-d266868eea7c&tag_id=3&hour=21&browser=chrome&os=windows&osv=10.0&amp=false&domain=www.aereo.jor.br&url=https%3A%2F%2Fwww.aereo.jor.br%2F&device=desktop&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.124%20Safari%2F537.36&allowed=false&country=CA

Requested by

Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=645b490f-24f2-429d-a04c-d266868eea7c&tagId=3&subId=&callback=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21da:a200:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

bdc9fc70217e4281dbe77fa5e6dee0160c9329caf2831b488462b071d6452167

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.aereo.jor.br/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 16 Dec 2022 21:23:34 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 64269b4eda1211bca4d40d7ab2177910.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
x-amz-cf-pop: EWR53-C1
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
content-length: 5899
x-xss-protection: 0
referrer-policy: no-referrer
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
vary: Origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.aereo.jor.br
x-download-options: noopen
access-control-allow-credentials: true
x-amz-cf-id: f4GLGMC3rNhfg1PmLyE-1nGavOlgGPpOakMiofvFQACGHJlVXfrdyw==

OPTIONS
H2 204 76ab119f-ed28-42ca-b499-f4c22ea9cdb3
avm.avantisvideo.com/api/v1/channel/ Frame 0
0 78ms
77ms Preflight 2600:9000:21da:a200:3:748e:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21da:a200:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.aereo.jor.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-origin: https://www.aereo.jor.br
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date: Fri, 16 Dec 2022 21:23:33 GMT
expect-ct: max-age=0
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
vary: Origin
via: 1.1 64269b4eda1211bca4d40d7ab2177910.cloudfront.net (CloudFront)
x-amz-cf-id: JMrZV5TIZnHJRYIbGr3dCycmjqPm8ilH7HqnRKifBL9kGQzG15nHDw==
x-amz-cf-pop: EWR53-C1
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.aereo.jor.br%2F&domain=www.aereo.jor.br&cw=1&pbt=1&lsw=1
https://mug.criteo.com/sid?cpp=XVIpOHxJZTRrOXpHd0FJekdHV25FWHVmTkVWYi9ad1MrNWo1ZVpCK1RWR1FTR2o5dC9XVVV0Q1U3VWRzM0FBcU5aVEh0UStuMkNSSGNCY0luSU5rdS9BaDdYZGNxNVRqWDFSTU1GZEFUWkliTjRVNGVsc2VQY2lKZDdYQ0...

444 B
702 B

29ms
28ms

XHR
application/json

74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=XVIpOHxJZTRrOXpHd0FJekdHV25FWHVmTkVWYi9ad1MrNWo1ZVpCK1RWR1FTR2o5dC9XVVV0Q1U3VWRzM0FBcU5aVEh0UStuMkNSSGNCY0luSU5rdS9BaDdYZGNxNVRqWDFSTU1GZEFUWkliTjRVNGVsc2VQY2lKZDdYQ0tueUFYcm1FN0dOWlFEVkwwb0R5SjN2dHp4NWRtSjErbTdkK1FUMGs5ZnV5Tnh1Z2d5QXQzTDRCdXlzb0RhZVhkZHpaWEp1dll3TW9abERvS3p3NTR4NmM4b1lHZE8wRGVOSVNROWhKajJyWUovaWFFRTRwdVBreWhHNkZWQnFmblBwVThacTQralc2cUx3REZKN2NLNVpKYnJXSXExRmRCTEFQaEw2N0J6dEJSMkw4TXlEaz18&cppv=2

Protocol

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

57beffc1dda046a1fabf647e85a9e70941b0967e6c082436e8c4c2608fe2e669

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 21:23:34 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2134963
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 16 Dec 2022 21:23:33 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
location: https://mug.criteo.com/sid?cpp=XVIpOHxJZTRrOXpHd0FJekdHV25FWHVmTkVWYi9ad1MrNWo1ZVpCK1RWR1FTR2o5dC9XVVV0Q1U3VWRzM0FBcU5aVEh0UStuMkNSSGNCY0luSU5rdS9BaDdYZGNxNVRqWDFSTU1GZEFUWkliTjRVNGVsc2VQY2lKZDdYQ0tueUFYcm1FN0dOWlFEVkwwb0R5SjN2dHp4NWRtSjErbTdkK1FUMGs5ZnV5Tnh1Z2d5QXQzTDRCdXlzb0RhZVhkZHpaWEp1dll3TW9abERvS3p3NTR4NmM4b1lHZE8wRGVOSVNROWhKajJyWUovaWFFRTRwdVBreWhHNkZWQnFmblBwVThacTQralc2cUx3REZKN2NLNVpKYnJXSXExRmRCTEFQaEw2N0J6dEJSMkw4TXlEaz18&cppv=2
access-control-allow-origin: https://www.aereo.jor.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 338184
content-length: 0
expires: 0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 69ms
23ms Preflight
application/json 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.aereo.jor.br%2F&domain=www.aereo.jor.br&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.aereo.jor.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.aereo.jor.br
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 16 Dec 2022 21:23:33 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 234060
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame E4C3 2 KB
814 B 10ms
9ms Document
text/html 51.222.39.185
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1671225808847

Requested by

Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20221130

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.39.185 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip185.ip-51-222-39.net

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.aereo.jor.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
content-type: text/html
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 0874 281 B
554 B 67ms
19ms Document
text/html 23.78.168.242
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20221130
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.78.168.242 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-78-168-242.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.aereo.jor.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 16 Dec 2022 21:23:34 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 5DE7 52 KB
17 KB 73ms
16ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20221130
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.aereo.jor.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 7216
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Fri, 16 Dec 2022 21:23:34 GMT
ETag: W/"623de86a-cf34"
Expires: Thu, 15 Dec 2022 19:23:16 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 11, 18932
X-Served-By: cache-lga13626-LGA, cache-yyz4574-YYZ
X-Timer: S1671225814.068662,VS0,VE0

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/
Redirect Chain

https://ad.turn.com/r/cs?pid=33&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D32%26partneruserid%3D%23USER_ID%23%26gdpr%3D%23GDPR_APPLICABLE%23%26gdpr_consent%...
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=32&partneruserid=3287437758360039017&gdpr=0&gdpr_consent=

43 B
408 B

185ms
56ms

Image
image/gif

199.187.193.166
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=32&partneruserid=3287437758360039017&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Server: 199.187.193.166 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 16 Dec 2022 21:23:34 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=32&partneruserid=3287437758360039017&gdpr=0&gdpr_consent=
pragma: no-cache
date: Fri, 16 Dec 2022 21:23:33 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/
Redirect Chain

https://demand.trafficroots.com/sync.php?partner=3379&redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D137%26partneruserid%3D%7Btrafficroots_id%7D&gdpr=0&gdpr_...
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=137&partneruserid=e5798cbf09&gdpr=0&gdpr_consent=

43 B
400 B

166ms
56ms

Image
image/gif

199.187.193.166
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=137&partneruserid=e5798cbf09&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Server: 199.187.193.166 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 16 Dec 2022 21:23:33 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Date: Fri, 16 Dec 2022 21:23:33 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Location: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=137&partneruserid=e5798cbf09&gdpr=0&gdpr_consent=
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/
Redirect Chain

https://b1sync.zemanta.com/usersync/smart/?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D116%26partneruserid%3D__ZUID__&gdpr=0&gdpr_consent=
https://stags.bluekai.com/site/23178?id=4-d08chTKs_hZ2eQXElH&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIWWG43ZNZRS443NMFZHIYLEONSXE5TFOIXGG33N...
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIWWG43ZNZRS443NMFZHIYLEONSXE5TFOIXGG33NF5ZGKZDJOIXT6ZLYMNUGC3THMU6XG3LBOJ2CMZ3EOBZD2MBGNFZXG2J5GETHAYLSORXGK4TJMQ6TCMJWEZYGC...
https://rtb-csync.smartadserver.com/redir/?gdpr=0&issi=1&partnerid=116&partneruserid=4-d08chTKs_hZ2eQXElH

43 B
470 B

56ms
55ms

Image
image/gif

199.187.193.166
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?gdpr=0&issi=1&partnerid=116&partneruserid=4-d08chTKs_hZ2eQXElH
Protocol: HTTP/1.1
Server: 199.187.193.166 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 16 Dec 2022 21:23:34 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Pragma: no-cache
Date: Fri, 16 Dec 2022 21:23:34 GMT
Content-Type: text/html; charset=utf-8
Location: https://rtb-csync.smartadserver.com/redir/?gdpr=0&issi=1&partnerid=116&partneruserid=4-d08chTKs_hZ2eQXElH
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 140
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/
Redirect Chain

https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent=
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=smartadserver&bsw_custom_parameter=dddc5aa2-05f6-4e2c-9ccd-1597b23598eb
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=smartadserver&bsw_custom_parameter=dddc5aa2-05f6-4e2c-9ccd-1597b23598eb
https://x.bidswitch.net/sync?dsp_id=4&user_id=f13f04e3-29c9-4995-aa8f-e5fdf30262a5&ssp=smartadserver&expires=30&user_group=5&bsw_param=dddc5aa2-05f6-4e2c-9ccd-1597b23598eb
https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=dddc5aa2-05f6-4e2c-9ccd-1597b23598eb&gdpr=&gdpr_consent=

43 B
445 B

56ms
55ms

Image
image/gif

199.187.193.166
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=dddc5aa2-05f6-4e2c-9ccd-1597b23598eb&gdpr=&gdpr_consent=
Protocol: HTTP/1.1
Server: 199.187.193.166 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 16 Dec 2022 21:23:34 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Location: //rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=dddc5aa2-05f6-4e2c-9ccd-1597b23598eb&gdpr=&gdpr_consent=
Date: Fri, 16 Dec 2022 21:23:34 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
https://sync-tm.everesttech.net/ct/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=...
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=Y5zh1gAD9sOijwAe&gdpr=0&gdpr_consent=&_test=Y5zh1gAD9sOijwAe

43 B
405 B

159ms
56ms

Image
image/gif

199.187.193.166
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=Y5zh1gAD9sOijwAe&gdpr=0&gdpr_consent=&_test=Y5zh1gAD9sOijwAe
Protocol: HTTP/1.1
Server: 199.187.193.166 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 16 Dec 2022 21:23:33 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

x-served-by: cache-yyz4552-YYZ
pragma: no-cache
date: Fri, 16 Dec 2022 21:23:34 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1671225814.290658,VS0,VE0
x-cache: HIT
location: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=Y5zh1gAD9sOijwAe&gdpr=0&gdpr_consent=&_test=Y5zh1gAD9sOijwAe
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 0874 34 KB
10 KB 22ms
19ms Script
text/html 23.78.168.242
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.78.168.242 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-78-168-242.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 37d41364418010ad7702c336d48c949795b5b94bb1ce3a72b228c90f07c84d87

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 21:23:34 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Dec 2022 02:04:49 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=16825
Connection: keep-alive
Content-Length: 10066
Expires: Sat, 17 Dec 2022 02:03:59 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
117 B 67ms
21ms XHR
text/plain 104.36.115.111
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.aereo.jor.br/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.aereo.jor.br
date: Fri, 16 Dec 2022 21:23:32 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H3 200 bridge3.549.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame F7DB 693 KB
222 KB 61ms
19ms Document
text/html 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

95b968e13d205a7842b355f9bd82f9f64f6f272ff0810734c49d2bb89d64a336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aereo.jor.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 166802
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 227324
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Wed, 14 Dec 2022 23:03:32 GMT
expires: Thu, 14 Dec 2023 23:03:32 GMT
last-modified: Fri, 09 Dec 2022 15:29:50 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 98ms
40ms Script
text/javascript 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Dec 2022 21:23:34 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
61 B 29ms
22ms XHR
text/plain 104.36.115.111
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.aereo.jor.br/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.aereo.jor.br
date: Fri, 16 Dec 2022 21:23:32 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 138 B
1 KB 20ms
20ms XHR
application/json 68.67.181.211
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.181.211 Secaucus, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

6dbeca800af0097ac2e4bced16a7574db4622af62804d58ff2a37967b5efc878

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.aereo.jor.br/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 16 Dec 2022 21:23:34 GMT
AN-X-Request-Uuid: f04a36ff-9361-41d9-bc7f-8fbe4fd7f27d
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.aereo.jor.br
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 149.56.153.178; 149.56.153.178; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 mvo Show response
tag.1rx.io/rmp/227038/0/ 0
163 B 108ms
28ms XHR
text/plain 199.127.204.162
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/227038/0/mvo?z=1r&hbv=7.15.1,2.1
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.127.204.162 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.aereo.jor.br/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.aereo.jor.br
pragma: no-cache
date: Fri, 16 Dec 2022 21:23:34 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
363 B 108ms
107ms XHR
application/json 51.222.39.185
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.39.185 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip185.ip-51-222-39.net

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.aereo.jor.br/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://www.aereo.jor.br
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

GET
H3 200 bridge3.549.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 2BD9 693 KB
222 KB 25ms
21ms Document
text/html 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

95b968e13d205a7842b355f9bd82f9f64f6f272ff0810734c49d2bb89d64a336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aereo.jor.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 166802
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 227324
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Wed, 14 Dec 2022 23:03:32 GMT
expires: Thu, 14 Dec 2023 23:03:32 GMT
last-modified: Fri, 09 Dec 2022 15:29:50 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 139 B
1 KB 22ms
21ms XHR
application/json 68.67.181.211
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.181.211 Secaucus, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

c6e697d37217f8d51e5a641c0599ce35a8dbd329567077bf11c59863abbe11fc

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.aereo.jor.br/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 16 Dec 2022 21:23:34 GMT
AN-X-Request-Uuid: dd99b091-c2da-4ee3-aa52-3beae6fd0039
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.aereo.jor.br
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 149.56.153.178; 149.56.153.178; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 85 B
1 KB 74ms
51ms XHR
application/xml 68.67.181.211
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=20946842&referrer=https%3A%2F%2Fwww.aereo.jor.br%2F&us_privacy=1---&imp_id=0e581d07-88eb-4f20-bdf0-9cd8e82e76fb&cb=1671225814226

Requested by

Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=645b490f-24f2-429d-a04c-d266868eea7c&tagId=3&subId=&callback=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.181.211 Secaucus, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.aereo.jor.br/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 16 Dec 2022 21:23:34 GMT
AN-X-Request-Uuid: 9350aae7-0192-496e-9f79-bcce7e300544
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/xml; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.aereo.jor.br
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 149.56.153.178; 149.56.153.178; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 85 B
1 KB 107ms
54ms XHR
application/xml 68.67.181.211
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=24657313&referrer=https%3A%2F%2Fwww.aereo.jor.br%2F&us_privacy=1---&imp_id=0e581d07-88eb-4f20-bdf0-9cd8e82e76fb&cb=1671225814226

Requested by

Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=645b490f-24f2-429d-a04c-d266868eea7c&tagId=3&subId=&callback=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.181.211 Secaucus, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.aereo.jor.br/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 16 Dec 2022 21:23:34 GMT
AN-X-Request-Uuid: 937ab4e7-5cb6-482f-8b0c-e67ec2dff1ad
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/xml; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.aereo.jor.br
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 149.56.153.178; 149.56.153.178; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 184 B
411 B 131ms
28ms XHR
application/json 54.83.180.210
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.83.180.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-83-180-210.compute-1.amazonaws.com
Software: /
Resource Hash: 4b0a6324ea618918c94e53be89a591b7e2c42325014396b4838390f862e3bfcd

Request headers

Referer: https://www.aereo.jor.br/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 21:23:34 GMT
content-encoding: gzip
x-prebid: pbs-java/1.106.0
content-type: application/json
access-control-allow-origin: https://www.aereo.jor.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 174
expires: 0

GET
H3 200 integrator.js Show response
adservice.google.ca/adsid/ 107 B
122 B 42ms
41ms Script
application/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ca/adsid/integrator.js?domain=www.aereo.jor.br

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 46ms
45ms Script
application/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.aereo.jor.br

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

POST
H2 204 /
events.avantisvideo.com/ 0
34 B 91ms
77ms Ping
text/plain 54.187.209.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.avantisvideo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.209.148 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-187-209-148.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.aereo.jor.br/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 16 Dec 2022 21:23:34 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 77ms
22ms Preflight
application/json 74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 16 Dec 2022 21:23:33 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 253464
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 5DE7 0
861 B 18ms
18ms Script
text/html 68.67.181.211
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.181.211 Secaucus, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Dec 2022 21:23:34 GMT
AN-X-Request-Uuid: f3f8ef00-fd73-4546-a260-ae22b2ca49c8
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 149.56.153.178; 149.56.153.178; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 0874
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=IOJc6owaSlOuGMV4fRtPXw&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=IOJc6owaSlOuGMV4fRtPXw

43 B
479 B

32ms
31ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=IOJc6owaSlOuGMV4fRtPXw

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Dec 2022 21:23:34 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: NX6BWRQNGWSFDTXXD49N
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=IOJc6owaSlOuGMV4fRtPXw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 03d4828e33e22cf7b4098c5a68746480
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 0874
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGoYgQ7F6D7H6Yi2y_cf1a4&google_cver=1

42 B
701 B

101ms
24ms

Image
image/gif

8.43.72.97
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGoYgQ7F6D7H6Yi2y_cf1a4&google_cver=1
Protocol: HTTP/1.1
Server: 8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 03d4828e33e22cf7b4098c5a68746480
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Fri, 16 Dec 2022 21:23:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGoYgQ7F6D7H6Yi2y_cf1a4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 0874
Redirect Chain

https://match.adsrvr.org/track/cmf/rubicon
https://match.adsrvr.org/track/cmb/rubicon?
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=dd6886ec-11fb-4f5d-8c50-c45b04484e91&gdpr=0&gdpr_consent=&expires=30

42 B
701 B

100ms
25ms

Image
image/gif

8.43.72.97
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=dd6886ec-11fb-4f5d-8c50-c45b04484e91&gdpr=0&gdpr_consent=&expires=30
Protocol: HTTP/1.1
Server: 8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 03d4828e33e22cf7b4098c5a68746480
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Fri, 16 Dec 2022 21:23:34 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=dd6886ec-11fb-4f5d-8c50-c45b04484e91&gdpr=0&gdpr_consent=&expires=30
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 289

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0874
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzczMGY3NDU2MGJiNWI5MTA5OTczMGJhNTY4YjUyYmMwMDA5Y2RkNw

170 B
188 B

40ms
37ms

Image
image/png

142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzczMGY3NDU2MGJiNWI5MTA5OTczMGJhNTY4YjUyYmMwMDA5Y2RkNw

Protocol

Server

142.250.80.66 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 21:23:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzczMGY3NDU2MGJiNWI5MTA5OTczMGJhNTY4YjUyYmMwMDA5Y2RkNw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 9ef75ea4f1dd62e53c52f84d8070c378
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 0874
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/evwkFCET83PVr_ExRjW8sQ?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-iTKHVENE2oKdsJgnNuBcUcJiOIAoexPCSbRX3g--~A

42 B
701 B

56ms
25ms

Image
image/gif

8.43.72.97
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-iTKHVENE2oKdsJgnNuBcUcJiOIAoexPCSbRX3g--~A
Protocol: HTTP/1.1
Server: 8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 03d4828e33e22cf7b4098c5a68746480
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Fri, 16 Dec 2022 21:23:34 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-iTKHVENE2oKdsJgnNuBcUcJiOIAoexPCSbRX3g--~A
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0874
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJSMFAyWVItRC01Mjc=

170 B
188 B

45ms
43ms

Image
image/png

142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJSMFAyWVItRC01Mjc=

Protocol

Server

142.250.80.66 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 21:23:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJSMFAyWVItRC01Mjc=
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 03d4828e33e22cf7b4098c5a68746480
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 0874
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBR0P2YR-D-527

0
572 B

104ms
52ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBR0P2YR-D-527
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:34 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 53088CD0AE124684878F642AC73272CC Ref B: YTO01EDGE0707 Ref C: 2022-12-16T21:23:34Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXv+JUHl9h/HZhq59B08g==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBR0P2YR-D-527
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 03d4828e33e22cf7b4098c5a68746480
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 0874
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=rZ-b0kppSmWF8uhYixzLRw&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=rZ-b0kppSmWF8uhYixzLRw

43 B
479 B

101ms
100ms

Image
image/gif

52.95.125.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=rZ-b0kppSmWF8uhYixzLRw

Protocol

HTTP/1.1

Server

52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Dec 2022 21:23:35 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: YCCR5AYCRSTC1X09AFAW
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=rZ-b0kppSmWF8uhYixzLRw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 03d4828e33e22cf7b4098c5a68746480
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame F7DB 156 B
185 B 504ms
420ms XHR
text/xml 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?description_url=%5Bplaceholder%5D&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3594707090010836&iu=%2F7103%2C22662187259%2FSMG_AirNow%2Fpreroll%2Fsyndication_1&cust_params=avpp%3D2%26avtest%3D645b490f-24f2-429d-a04c-d266868eea7c_3&sdkv=h.3.549.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=445&ptt=20&adk=2545203828&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.549.0&sid=3E2A79F1-EEBF-4D73-8E90-F4E73FFD5C52&nel=0&eid=44731964%2C44748969%2C44752052%2C44765701&url=https%3A%2F%2Fwww.aereo.jor.br%2F&top=https%3A%2F%2Fwww.aereo.jor.br%2F&loc=https%3A%2F%2Fwww.aereo.jor.br%2F&dt=1671225814671&cookie=ID%3D20e2d08eb0f3f5e4-22d60ecd1dd9008d%3AT%3D1671225807%3AS%3DALNI_Ma09caKp5KYTNiDqslMWETQrA5HxA&gpic=UID%3D000008d6f315567c%3AT%3D1671225807%3ART%3D1671225807%3AS%3DALNI_Ma1L8LuULoOuMyf2GSA0Cr_TwYPJw&scor=2089679344409512&ged=ve4_td9_tt0_pd9_la9000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:35 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 2BD9 156 B
748 B 403ms
342ms XHR
text/xml 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?description_url=%5Bplaceholder%5D&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=248820404449980&iu=%2F7103%2C22662187259%2FSMG_AirNow%2Fpreroll%2Fsyndication_050&cust_params=avpp%3D2%26avtest%3D645b490f-24f2-429d-a04c-d266868eea7c_3&sdkv=h.3.549.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=445&ptt=20&adk=221328988&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.549.0&sid=3E2A79F1-EEBF-4D73-8E90-F4E73FFD5C52&nel=0&eid=44731964%2C44748969%2C44752052%2C44765701&url=https%3A%2F%2Fwww.aereo.jor.br%2F&top=https%3A%2F%2Fwww.aereo.jor.br%2F&loc=https%3A%2F%2Fwww.aereo.jor.br%2F&dt=1671225814699&cookie=ID%3D20e2d08eb0f3f5e4-22d60ecd1dd9008d%3AT%3D1671225807%3AS%3DALNI_Ma09caKp5KYTNiDqslMWETQrA5HxA&gpic=UID%3D000008d6f315567c%3AT%3D1671225807%3ART%3D1671225807%3AS%3DALNI_Ma1L8LuULoOuMyf2GSA0Cr_TwYPJw&scor=726334131667727&ged=ve4_td9_tt0_pd9_la9000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:35 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 /
events.avantisvideo.com/ 0
34 B 93ms
93ms Ping
text/plain 54.187.209.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.avantisvideo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.209.148 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-187-209-148.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.aereo.jor.br/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 16 Dec 2022 21:23:35 GMT

POST
H2 204 /
events.avantisvideo.com/ 0
34 B 81ms
80ms Ping
text/plain 54.187.209.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.avantisvideo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.209.148 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-187-209-148.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.aereo.jor.br/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 16 Dec 2022 21:23:35 GMT

POST
H2 204 /
events.avantisvideo.com/ 0
34 B 82ms
81ms Ping
text/plain 54.187.209.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.avantisvideo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.209.148 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-187-209-148.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.aereo.jor.br/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 16 Dec 2022 21:23:35 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 5DE7 0
861 B 19ms
18ms Script
text/html 68.67.181.211
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.181.211 Secaucus, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Dec 2022 21:23:35 GMT
AN-X-Request-Uuid: 2e2feb35-ede1-486a-89b7-e35579a6c4ba
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 149.56.153.178; 149.56.153.178; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
61 B 21ms
20ms XHR
text/plain 104.36.115.111
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.aereo.jor.br/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.aereo.jor.br
date: Fri, 16 Dec 2022 21:23:35 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H3 200 bridge3.549.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame AC06 693 KB
222 KB 25ms
24ms Document
text/html 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

95b968e13d205a7842b355f9bd82f9f64f6f272ff0810734c49d2bb89d64a336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aereo.jor.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 166803
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 227324
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Wed, 14 Dec 2022 23:03:32 GMT
expires: Thu, 14 Dec 2023 23:03:32 GMT
last-modified: Fri, 09 Dec 2022 15:29:50 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
61 B 21ms
20ms XHR
text/plain 104.36.115.111
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.aereo.jor.br/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.aereo.jor.br
date: Fri, 16 Dec 2022 21:23:34 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 139 B
1 KB 42ms
41ms XHR
application/json 68.67.181.211
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.181.211 Secaucus, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4e0413d7aec95b74426b0cd2e3f936a2bee8a9ece223922623a45f544a184786

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.aereo.jor.br/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 16 Dec 2022 21:23:35 GMT
AN-X-Request-Uuid: d5198cd8-96f7-4965-8445-e8fe853ee566
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.aereo.jor.br
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 149.56.153.178; 149.56.153.178; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 mvo Show response
tag.1rx.io/rmp/227038/0/ 0
163 B 52ms
35ms XHR
text/plain 199.127.204.162
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/227038/0/mvo?z=1r&hbv=7.15.1,2.1
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.127.204.162 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.aereo.jor.br/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.aereo.jor.br
pragma: no-cache
date: Fri, 16 Dec 2022 21:23:35 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
363 B 24ms
16ms XHR
application/json 51.222.39.185
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.39.185 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip185.ip-51-222-39.net

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.aereo.jor.br/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://www.aereo.jor.br
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

GET
H3 200 bridge3.549.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame EE08 693 KB
222 KB 37ms
21ms Document
text/html 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

95b968e13d205a7842b355f9bd82f9f64f6f272ff0810734c49d2bb89d64a336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aereo.jor.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 166803
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 227324
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Wed, 14 Dec 2022 23:03:32 GMT
expires: Thu, 14 Dec 2023 23:03:32 GMT
last-modified: Fri, 09 Dec 2022 15:29:50 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 139 B
1 KB 19ms
18ms XHR
application/json 68.67.181.211
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.181.211 Secaucus, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

204fdfa5888047360509b482d99989f2bdecb29c6a7acc9338115e8b3471b1e9

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.aereo.jor.br/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 16 Dec 2022 21:23:35 GMT
AN-X-Request-Uuid: 795c5507-6c95-4753-aac6-a7d34f109a9e
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.aereo.jor.br
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 149.56.153.178; 149.56.153.178; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 85 B
1 KB 143ms
141ms XHR
application/xml 68.67.181.211
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=20946842&referrer=https%3A%2F%2Fwww.aereo.jor.br%2F&us_privacy=1---&imp_id=ed4f245a-d2d3-45fa-a2a3-562983d53431&cb=1671225815870

Requested by

Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=645b490f-24f2-429d-a04c-d266868eea7c&tagId=3&subId=&callback=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.181.211 Secaucus, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.aereo.jor.br/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 16 Dec 2022 21:23:36 GMT
AN-X-Request-Uuid: 99e7e9a9-17f7-4f03-bda4-5274b903be3e
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/xml; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.aereo.jor.br
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 149.56.153.178; 149.56.153.178; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 85 B
1 KB 141ms
139ms XHR
application/xml 68.67.181.211
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=24657313&referrer=https%3A%2F%2Fwww.aereo.jor.br%2F&us_privacy=1---&imp_id=ed4f245a-d2d3-45fa-a2a3-562983d53431&cb=1671225815870

Requested by

Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=645b490f-24f2-429d-a04c-d266868eea7c&tagId=3&subId=&callback=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.181.211 Secaucus, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.aereo.jor.br/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 16 Dec 2022 21:23:36 GMT
AN-X-Request-Uuid: 66ab29c3-0f2f-4782-8530-c97d30585bdf
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/xml; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.aereo.jor.br
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 149.56.153.178; 149.56.153.178; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 184 B
410 B 31ms
30ms XHR
application/json 54.83.180.210
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.83.180.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-83-180-210.compute-1.amazonaws.com
Software: /
Resource Hash: e0e28845d7c0d6d77652560f6eee89d0e3017a1e6561ccc03df94aef08d55acc

Request headers

Referer: https://www.aereo.jor.br/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 21:23:35 GMT
content-encoding: gzip
x-prebid: pbs-java/1.106.0
content-type: application/json
access-control-allow-origin: https://www.aereo.jor.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 174
expires: 0

GET
H3 200 integrator.js Show response
adservice.google.ca/adsid/ 107 B
122 B 37ms
36ms Script
application/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ca/adsid/integrator.js?domain=www.aereo.jor.br

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 39ms
39ms Script
application/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.aereo.jor.br

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame AC06 156 B
142 B 359ms
318ms XHR
text/xml 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?description_url=%5Bplaceholder%5D&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4236982155674472&iu=%2F7103%2C22662187259%2FSMG_AirNow%2Fpreroll%2Fsyndication_1&cust_params=avpp%3D2%26avtest%3D645b490f-24f2-429d-a04c-d266868eea7c_3&sdkv=h.3.549.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=445&ptt=20&adk=2545203828&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.549.0&sid=3E2A79F1-EEBF-4D73-8E90-F4E73FFD5C52&nel=0&eid=44731964%2C44748969%2C44752052%2C44765701&url=https%3A%2F%2Fwww.aereo.jor.br%2F&top=https%3A%2F%2Fwww.aereo.jor.br%2F&loc=https%3A%2F%2Fwww.aereo.jor.br%2F&dt=1671225816238&cookie=ID%3D20e2d08eb0f3f5e4-22d60ecd1dd9008d%3AT%3D1671225807%3AS%3DALNI_Ma09caKp5KYTNiDqslMWETQrA5HxA&gpic=UID%3D000008d6f315567c%3AT%3D1671225807%3ART%3D1671225807%3AS%3DALNI_Ma1L8LuULoOuMyf2GSA0Cr_TwYPJw&scor=3042709448193756&ged=ve4_td10_tt1_pd10_la10000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:36 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame EE08 75 KB
16 KB 383ms
357ms XHR
text/xml 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?description_url=%5Bplaceholder%5D&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1204922637406823&iu=%2F7103%2C22662187259%2FSMG_AirNow%2Fpreroll%2Fsyndication_050&cust_params=avpp%3D2%26avtest%3D645b490f-24f2-429d-a04c-d266868eea7c_3&sdkv=h.3.549.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=445&ptt=20&adk=221328988&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.549.0&sid=3E2A79F1-EEBF-4D73-8E90-F4E73FFD5C52&nel=0&eid=44731964%2C44748969%2C44752052%2C44765701&url=https%3A%2F%2Fwww.aereo.jor.br%2F&top=https%3A%2F%2Fwww.aereo.jor.br%2F&loc=https%3A%2F%2Fwww.aereo.jor.br%2F&dt=1671225816254&cookie=ID%3D20e2d08eb0f3f5e4-22d60ecd1dd9008d%3AT%3D1671225807%3AS%3DALNI_Ma09caKp5KYTNiDqslMWETQrA5HxA&gpic=UID%3D000008d6f315567c%3AT%3D1671225807%3ART%3D1671225807%3AS%3DALNI_Ma1L8LuULoOuMyf2GSA0Cr_TwYPJw&scor=662512273043762&ged=ve4_td10_tt1_pd10_la10000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2cffac9ba9f821da0355f000672c6eeca8bf8e7184d3542a5e084a834a80e598

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16433
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 /
events.avantisvideo.com/ 0
34 B 79ms
79ms Ping
text/plain 54.187.209.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.avantisvideo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.209.148 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-187-209-148.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.aereo.jor.br/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 16 Dec 2022 21:23:36 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame EE08 0
54 B 1082ms
414ms Ping
image/gif 2c0f:fb50:4002:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lbr0p8pm&c=692257186449&slotId=346128593224.5&qqid=CIDt_qiJ__sCFb4NaAgd-OkCGg&gqid=2OGcY9TGEtquNau4hZAM&fb=ima_html5-lima&sdkv=h.3.549.0&mrd=5&aab=1&itv=1&eee=missing-element&bi=missing-id&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&vmfc=2&vhc=0&wta=1&hghme=1&ghmsh_eids=44731964%2C44748969%2C44752052%2C44765701&met.4=ghmsh_s.lbr0p93m~ghmsh_s.lbr0p93n&ghmsh_mi=22%2C18%2C&ghmsh_vi=134%2C136%2C243%2C247%2C396%2C398%2C&ghmsh_ai=139%2C140%2C250%2C&ghmsh_gvt=0&ams=1&vs=1280x720&vc=avc1.64001F&mt=video%2Fmp4&vsrc=youtube&bit=22&cpn=inUUFEhZslVgp8eZ
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2c0f:fb50:4002:801::2003 , Kenya, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 21:23:37 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ 0
54 B 1055ms
413ms Ping
image/gif 2c0f:fb50:4002:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=1~lbr0p6x5&c=692257186449&slotId=346128593224.5&eee=missing-element&bi=missing-id
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2c0f:fb50:4002:801::2003 , Kenya, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 21:23:37 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 /
events.avantisvideo.com/ 0
34 B 80ms
79ms Ping
text/plain 54.187.209.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.avantisvideo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.209.148 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-187-209-148.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.aereo.jor.br/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 16 Dec 2022 21:23:36 GMT

POST
H2 204 /
events.avantisvideo.com/ 0
34 B 83ms
83ms Ping
text/plain 54.187.209.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.avantisvideo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.209.148 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-187-209-148.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.aereo.jor.br/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 16 Dec 2022 21:23:36 GMT

GET
H3 200 help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame EE08 453 B
478 B 20ms
19ms Image
image/png 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-video-pub-5717092533913515

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 20:55:32 GMT
x-content-type-options: nosniff
age: 1684
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 453
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: image/png
cache-control: public, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Dec 2022 21:45:32 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame EE08 42 B
64 B 37ms
37ms Image
image/gif 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=C6Iex2OGcY4ChFr6boPMP-NOL0AH1i47cbefxiqq8D7CQHxABILCv4h9g_eiigfADoAGwuqHXA8gBBeACAKgDAZgEAKoEnQJP0HwAK3MFbREXjMHW3FkiJRnY3ot2dPZeondj_AiF9TjSwFKKP-pR7jCBALtSbt6-ee4yy9b8zfD0_HMrkdB7QW_VWivKYnDhnYwV_ckf-23P-C6f28gxLxJrDxUzltTQziUqMnlJkRtjwx5onKT1zxOFuPK8pM5ZufuAerg6K2XBfbd3nWUzW3sBtoSdyVkEZcmUPHHTfWVN80cX-1RVCenSEErrRIaFHv5pZX7lB02nfml9zBHoK8mmfOZJhrwiJA-LES5mrzYwIOQCkqKhgmeQXG7xRmuQRRaD27Yrox6bFcvyupjoxLuqADGrx2LEFRimrEJyyLH1oMe2w136S0KGP2FAmeD0HJpyKea39_ULSWmB0nddgl1m1y7ABJypk4bvA-AEAaAGVIAH8OjgO6gHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHAagIAdIIDwiAYRABGB0yAooCOgKAQLEJ8Ucc06fea4SACgOYCwHICwHQCw64DAGaDQEO2BMN0BUB4hYCCAH4FgGAFwE&sigh=Q-lUjgXKDaI&label=show_ad&sdkv=h.3.549.0&vci=CmsIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDUzMTU5MDQ2MTY3MTIMNTgwNTI2NTExOTc4QIcDUiMQDyUAAPBBKAE6CzNMWjlxMk5ETUpjQglnb29nbGVhZHNQABgB

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 21:23:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
pubads.g.doubleclick.net/pagead/ Frame EE08 0
0 43ms
42ms Image
text/html 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubads.g.doubleclick.net/pagead/adview?ai=CWyZW2OGcY4ChFr6boPMP-NOL0AH1i47cbefxiqq8D7CQHxABILCv4h9g_eiigfADoAGwuqHXA8gBBeACAKgDAZgEAKoEmgJP0HwAK3MFbREXjMHW3FkiJRnY3ot2dPZeondj_AiF9TjSwFKKP-pR7jCBALtSbt6-ee4yy9b8zfD0_HMrkdB7QW_VWivKYnDhnYwV_ckf-23P-C6f28gxLxJrDxUzltTQziUqMnlJkRtjwx5onKT1zxOFuPK8pM5ZufuAerg6K2XBfbd3nWUzW3sBtoSdyVkEZcmUPHHTfWVN80cX-1RVCenSEErrRIaFHv5pZX7lB02nfml9zBHoK8mmfOZJhrwiJA-LES5mrzYwIOQCkqKhgmeQXG7xRmuQRRaD27Yrox6bFcvyupjoxLuqADGrxzrFp3KuhqJQWkRAUfcyMmEHwxhIn0Rgk2T9MoKJwnbtOV-qYEWZJee0stnABJypk4bvA-AEAaAGVIAH8OjgO6gHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ-OMgqAgB0ggPCIBhEAEYHTICigI6AoBAgAoDyAsBwhMGGLC6odcD2BMN0BUB4hYCCAGAFwGyFx4KHAgAEhRwdWItNTcxNzA5MjUzMzkxMzUxNRjQihE&sigh=u4X8DIF5fqg&cmd=Ch1jYS12aWRlby1wdWItNTcxNzA5MjUzMzkxMzUxNRAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&cid=CAQSOwDq26N9Sovrc-sCNkp1CuBjNjNynhQ36NqSgHwyhGGAn4fJYAtYqJVDjn3gDcZbZlf_C8FWKqTBGsgxGAEgEw&vt=10&sdkv=h.3.549.0&vci=CmsIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDUzMTU5MDQ2MTY3MTIMNTgwNTI2NTExOTc4QIcDUiMQDyUAAPBBKAE6CzNMWjlxMk5ETUpjQglnb29nbGVhZHNQABgB
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:808::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame EE08 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 206
Partial Content videoplayback
rr1---sn-apaapm4g-apae.googlevideo.com/ 1 MB
1 MB 581ms
365ms Media
video/mp4 2a00:ba61:0:126::c
EURAFIBRE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://rr1---sn-apaapm4g-apae.googlevideo.com/videoplayback?expire=1671254616&ei=2OGcY5SpIemJ_9EPoLmVqAM&ip=2607:5300:60:7867::12&id=dcb67dab63433097&itag=22&source=youtube&requiressl=yes&mh=bo&mm=31&mn=sn-apaapm4g-apae&ms=au&mv=m&mvi=1&pl=32&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=30.093&lmt=1663938199804591&mt=1671225462&txp=4532434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIhAOzQ3OUHjOhdDaDqHz_24ypcrlJhqMiLJVDi_WLrZqMKAiB9Y1myBFrS6Q9rApM7wrZt4jIvJ72iPAxesnC_QtxaCw==&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhALCrJR4LbS-XOL5shGF97hHgfj6pCo-tE3asLyu0rZ26AiEA2JHxPdjDuqJtJO1wwg2Wzg-rMNGSrAq-HAZcgOH97O0=&cpn=inUUFEhZslVgp8eZ

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:ba61:0:126::c , France, ASN35625 (EURAFIBRE-AS, FR),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

0c4e37b3f00eda556ba3d85b5eefd9d66eb3768336e259e1cdf1c34614574e40

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.aereo.jor.br/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range: bytes=0-

Response headers

Date: Fri, 16 Dec 2022 21:23:37 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 23 Sep 2022 13:03:19 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-1424946/1424947
Cache-Control: private, max-age=28499
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1424947
Expires: Fri, 16 Dec 2022 21:23:37 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EE08 0
20 B 33ms
32ms Image
image/gif 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?evt=start&format=TRUEVIEW&lid=143&sdkv=h.3.549.0&e=44731964%2C44748969%2C44752052%2C44765701&id=ima_html5&c=2953249600862045&domain=www.aereo.jor.br

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 21:23:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame EE08 0
327 B 489ms
412ms Ping
image/gif 2c0f:fb50:4002:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lbr0p941&c=692257186449&slotId=346128593224.5&qqid=CIDt_qiJ__sCFb4NaAgd-OkCGg&gqid=2OGcY9TGEtquNau4hZAM&fb=ima_html5-lima&sdkv=h.3.549.0&mrd=5&aab=1&itv=1&met.4=ghmsh_s.lbr0p943~vss_tr.o2
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2c0f:fb50:4002:801::2003 , Kenya, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 21:23:37 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

ImgSync
image8.pubmatic.com/AdServer/
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=159970
https://image8.pubmatic.com/AdServer/ImgSync?p=159970&rdf=1
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MUUxRjk3Q0EtMjlEQy00RjdBLUFCODAtRTcxNTE3MzYzMEIz&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

0
219 B

19ms
19ms

Image
text/plain

162.248.18.32
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Protocol: H2
Server: 162.248.18.32 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:23:37 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date: Fri, 16 Dec 2022 21:23:37 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 204 /
onetag-sys.com/usync/ 0
52 B 10ms
9ms Image
text/plain 51.222.39.185
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/usync/?tag=img

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.39.185 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip185.ip-51-222-39.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.aereo.jor.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-cache, no-transform

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame EE08 42 B
64 B 35ms
35ms Image
image/gif 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=C6Iex2OGcY4ChFr6boPMP-NOL0AH1i47cbefxiqq8D7CQHxABILCv4h9g_eiigfADoAGwuqHXA8gBBeACAKgDAZgEAKoEnQJP0HwAK3MFbREXjMHW3FkiJRnY3ot2dPZeondj_AiF9TjSwFKKP-pR7jCBALtSbt6-ee4yy9b8zfD0_HMrkdB7QW_VWivKYnDhnYwV_ckf-23P-C6f28gxLxJrDxUzltTQziUqMnlJkRtjwx5onKT1zxOFuPK8pM5ZufuAerg6K2XBfbd3nWUzW3sBtoSdyVkEZcmUPHHTfWVN80cX-1RVCenSEErrRIaFHv5pZX7lB02nfml9zBHoK8mmfOZJhrwiJA-LES5mrzYwIOQCkqKhgmeQXG7xRmuQRRaD27Yrox6bFcvyupjoxLuqADGrx2LEFRimrEJyyLH1oMe2w136S0KGP2FAmeD0HJpyKea39_ULSWmB0nddgl1m1y7ABJypk4bvA-AEAaAGVIAH8OjgO6gHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHAagIAdIIDwiAYRABGB0yAooCOgKAQLEJ8Ucc06fea4SACgOYCwHICwHQCw64DAGaDQEO2BMN0BUB4hYCCAH4FgGAFwE&sigh=Q-lUjgXKDaI&label=video_ad_loaded&sdkv=h.3.549.0&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDUzMTU5MDQ2MTY3MTIMNTgwNTI2NTExOTc4QIcDUiYQDyUAAAxCKAE6CzNMWjlxMk5ETUpjQglnb29nbGVhZHNIiQZQABgB

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 21:23:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Oy6hyfNY.js Show response
tpc.googlesyndication.com/sodar/ Frame EE08 41 KB
15 KB 20ms
20ms Script
text/javascript 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 16:03:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 278385
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15406
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Wed, 13 Dec 2023 16:03:52 GMT

GET
H3 200 adview
pubads.g.doubleclick.net/pagead/ Frame EE08 0
0 50ms
49ms Image
text/html 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubads.g.doubleclick.net/pagead/adview?ai=CWyZW2OGcY4ChFr6boPMP-NOL0AH1i47cbefxiqq8D7CQHxABILCv4h9g_eiigfADoAGwuqHXA8gBBeACAKgDAZgEAKoEmgJP0HwAK3MFbREXjMHW3FkiJRnY3ot2dPZeondj_AiF9TjSwFKKP-pR7jCBALtSbt6-ee4yy9b8zfD0_HMrkdB7QW_VWivKYnDhnYwV_ckf-23P-C6f28gxLxJrDxUzltTQziUqMnlJkRtjwx5onKT1zxOFuPK8pM5ZufuAerg6K2XBfbd3nWUzW3sBtoSdyVkEZcmUPHHTfWVN80cX-1RVCenSEErrRIaFHv5pZX7lB02nfml9zBHoK8mmfOZJhrwiJA-LES5mrzYwIOQCkqKhgmeQXG7xRmuQRRaD27Yrox6bFcvyupjoxLuqADGrxzrFp3KuhqJQWkRAUfcyMmEHwxhIn0Rgk2T9MoKJwnbtOV-qYEWZJee0stnABJypk4bvA-AEAaAGVIAH8OjgO6gHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ-OMgqAgB0ggPCIBhEAEYHTICigI6AoBAgAoDyAsBwhMGGLC6odcD2BMN0BUB4hYCCAGAFwGyFx4KHAgAEhRwdWItNTcxNzA5MjUzMzkxMzUxNRjQihE&sigh=u4X8DIF5fqg&cmd=Ch1jYS12aWRlby1wdWItNTcxNzA5MjUzMzkxMzUxNRAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&cid=CAQSOwDq26N9Sovrc-sCNkp1CuBjNjNynhQ36NqSgHwyhGGAn4fJYAtYqJVDjn3gDcZbZlf_C8FWKqTBGsgxGAEgEw&sdkv=h.3.549.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:808::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame EE08 42 B
64 B 41ms
39ms Image
image/gif 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CWNgS2OGcY4ChFr6boPMP-NOL0AH1i47cbefxiqq8D7CQHxABILCv4h9g_eiigfADoAGwuqHXA8gBBeACAKgDAZgEAKoEmgJP0HwAK3MFbREXjMHW3FkiJRnY3ot2dPZeondj_AiF9TjSwFKKP-pR7jCBALtSbt6-ee4yy9b8zfD0_HMrkdB7QW_VWivKYnDhnYwV_ckf-23P-C6f28gxLxJrDxUzltTQziUqMnlJkRtjwx5onKT1zxOFuPK8pM5ZufuAerg6K2XBfbd3nWUzW3sBtoSdyVkEZcmUPHHTfWVN80cX-1RVCenSEErrRIaFHv5pZX7lB02nfml9zBHoK8mmfOZJhrwiJA-LES5mrzYwIOQCkqKhgmeQXG7xRmuQRRaD27Yrox6bFcvyupjoxLuqADGrxzrFp3KuhqJQWkRAUfcyMmEHwxhIn0Rgk2T9MoKJwnbtOV-qYEWZJee0stnABJypk4bvA-AEAaAGVIAH8OjgO6gHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHAagIAdIIDwiAYRABGB0yAooCOgKAQIAKA8gLAdgTDdAVAeIWAggB-BYBgBcB&sigh=OCRG190RGAc&cmd=Ch1jYS12aWRlby1wdWItNTcxNzA5MjUzMzkxMzUxNRAAGAI&label=vast_creativeview&ad_mt=0&acvw=sv%3D941%26cb%3Dima%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D30046%26vmtime%3D-1%26is%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26femt%3D550%26femvt%3D0%26emc%3D5%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D606857923%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1671225813836%26ptlt%3D1671225817466%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,ssmol%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1671225816701&sdkv=h.3.549.0&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDUzMTU5MDQ2MTY3MTIMNTgwNTI2NTExOTc4QIcDUiYQDyUAAAxCKAE6CzNMWjlxMk5ETUpjQglnb29nbGVhZHNIiQZQABgB

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 21:23:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame EE08 42 B
64 B 38ms
37ms Image
image/gif 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuCTJhgihjRCE6s9k6TvXb9T4LfL8yJC4zix2tFP6_JMGHod2sv0KCfPq080LCUzLSroq6oNScVkO88dRNuhMrYCwa-_0fK5EpNFNJcP5Wp3V7A57eVxZBvDQfa_RFcLuakh62lzuMSp9GJtPWBwIh8jcT-qzvu5w&sai=AMfl-YROc2VB5XWJJTVNMwqYynrwm1PDI7Xq_8OfXCLg_ptAikPmF_Ix4KTryUptvMnrrAqgqeLtpnUi2VXi1hJznKyCKT6La37zu9lzJq7KiH2M-Xc7nHUutGnA9qYYXA&sig=Cg0ArKJSzCFDvLXdEOyxEAE&cid=CAQSOwDq26N9Sovrc-sCNkp1CuBjNjNynhQ36NqSgHwyhGGAn4fJYAtYqJVDjn3gDcZbZlf_C8FWKqTBGsgxGAEgEw&id=lidarv&acvw=sv%3D941%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D30046%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26femt%3D550%26femvt%3D0%26emc%3D5%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D606857923%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1671225813836%26ptlt%3D1671225817468%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,ssmol%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1671225816701&avm=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 21:23:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame EE08 42 B
64 B 41ms
40ms Image
image/gif 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CWNgS2OGcY4ChFr6boPMP-NOL0AH1i47cbefxiqq8D7CQHxABILCv4h9g_eiigfADoAGwuqHXA8gBBeACAKgDAZgEAKoEmgJP0HwAK3MFbREXjMHW3FkiJRnY3ot2dPZeondj_AiF9TjSwFKKP-pR7jCBALtSbt6-ee4yy9b8zfD0_HMrkdB7QW_VWivKYnDhnYwV_ckf-23P-C6f28gxLxJrDxUzltTQziUqMnlJkRtjwx5onKT1zxOFuPK8pM5ZufuAerg6K2XBfbd3nWUzW3sBtoSdyVkEZcmUPHHTfWVN80cX-1RVCenSEErrRIaFHv5pZX7lB02nfml9zBHoK8mmfOZJhrwiJA-LES5mrzYwIOQCkqKhgmeQXG7xRmuQRRaD27Yrox6bFcvyupjoxLuqADGrxzrFp3KuhqJQWkRAUfcyMmEHwxhIn0Rgk2T9MoKJwnbtOV-qYEWZJee0stnABJypk4bvA-AEAaAGVIAH8OjgO6gHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHAagIAdIIDwiAYRABGB0yAooCOgKAQIAKA8gLAdgTDdAVAeIWAggB-BYBgBcB&sigh=OCRG190RGAc&cmd=Ch1jYS12aWRlby1wdWItNTcxNzA5MjUzMzkxMzUxNRAAGAI&label=part2viewed&ad_mt=0&acvw=sv%3D941%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D30046%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26femt%3D550%26femvt%3D0%26emc%3D5%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D606857923%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1671225813836%26ptlt%3D1671225817470%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,ssmol%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1671225816701&sdkv=h.3.549.0&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDUzMTU5MDQ2MTY3MTIMNTgwNTI2NTExOTc4QIcDUiYQDyUAAAxCKAE6CzNMWjlxMk5ETUpjQglnb29nbGVhZHNIiQZQABgB

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 21:23:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EE08 0
20 B 34ms
33ms Image
image/gif 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?evt=showui&format=TRUEVIEW&lid=143&sdkv=h.3.549.0&e=44731964%2C44748969%2C44752052%2C44765701&id=ima_html5&c=2953249600862045&domain=www.aereo.jor.br

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 21:23:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame EE08 42 B
64 B 39ms
38ms Image
image/gif 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CWNgS2OGcY4ChFr6boPMP-NOL0AH1i47cbefxiqq8D7CQHxABILCv4h9g_eiigfADoAGwuqHXA8gBBeACAKgDAZgEAKoEmgJP0HwAK3MFbREXjMHW3FkiJRnY3ot2dPZeondj_AiF9TjSwFKKP-pR7jCBALtSbt6-ee4yy9b8zfD0_HMrkdB7QW_VWivKYnDhnYwV_ckf-23P-C6f28gxLxJrDxUzltTQziUqMnlJkRtjwx5onKT1zxOFuPK8pM5ZufuAerg6K2XBfbd3nWUzW3sBtoSdyVkEZcmUPHHTfWVN80cX-1RVCenSEErrRIaFHv5pZX7lB02nfml9zBHoK8mmfOZJhrwiJA-LES5mrzYwIOQCkqKhgmeQXG7xRmuQRRaD27Yrox6bFcvyupjoxLuqADGrxzrFp3KuhqJQWkRAUfcyMmEHwxhIn0Rgk2T9MoKJwnbtOV-qYEWZJee0stnABJypk4bvA-AEAaAGVIAH8OjgO6gHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHAagIAdIIDwiAYRABGB0yAooCOgKAQIAKA8gLAdgTDdAVAeIWAggB-BYBgBcB&sigh=OCRG190RGAc&cmd=Ch1jYS12aWRlby1wdWItNTcxNzA5MjUzMzkxMzUxNRAAGAI&label=admute&ad_mt=0&acvw=sv%3D941%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D15%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D15%26pst%3D-1%26dur%3D30046%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D15%26is%3D18%26i0%3D18%26ic%3D4096%26cs%3D4114%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26femt%3D550%26femvt%3D0%26emc%3D5%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D606857923%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1671225813836%26ptlt%3D1671225817475%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,ssmol%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1671225816701&sdkv=h.3.549.0&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDUzMTU5MDQ2MTY3MTIMNTgwNTI2NTExOTc4QIcDUiYQDyUAAAxCKAE6CzNMWjlxMk5ETUpjQglnb29nbGVhZHNIiQZQABgB

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 21:23:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 /
events.avantisvideo.com/ 0
34 B 80ms
80ms Ping
text/plain 54.187.209.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.avantisvideo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.209.148 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-187-209-148.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.aereo.jor.br/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 16 Dec 2022 21:23:37 GMT

GET
H3 200 hhrtBw21.html Show response
tpc.googlesyndication.com/sodar/ Frame 5EDE 23 KB
9 KB 22ms
20ms Document
text/html 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/hhrtBw21.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 187826
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 14 Dec 2022 17:13:11 GMT
expires: Thu, 14 Dec 2023 17:13:11 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js Show response
pagead2.googlesyndication.com/bg/ Frame 5EDE 36 KB
16 KB 21ms
20ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/hhrtBw21.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 21:49:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84859
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15923
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Dec 2023 21:49:18 GMT

GET
H2 204 playback
www.youtube.com/api/stats/ Frame EE08 0
0 106ms
37ms Image
text/html 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/api/stats/playback?ns=yt&fexp=44731964%2C44748969%2C44752052%2C44765701&el=adunit&cpn=inUUFEhZslVgp8eZ&docid=3LZ9q2NDMJc&visitordata=CgstVkdFMUVRTXYxbw%253D%253D&of=2dVkz7e1rF9t_XNU6wGWIw&ver=2&cmt=0.202&fmt=18&rt=0.000&adformat=2_2_1&euri=https%3A%2F%2Fwww.aereo.jor.br%2F&len=30.047&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=108.0.5359.124&cos=Win32&cosver=537.36&cplatform=desktop&mos=1&volume=0&delay=28&rtn=10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:81f::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5EDE 0
22 B 37ms
36ms Image
image/gif 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=36&t=2&li=v_h.3.549.0&bgai=B8Vx-2OGcY4ChFr6boPMP-NOL0AEAAAAAOAG6BRMI1JL7qIn_-wIVWlcNCh0rXAHC&bg=!_v2l_bnNAAYgquz3AKo7ACkAdvg8Wioo5PCJ4nKVECJmligkF8_lDFyeRq0KnnKIxnFRZ5sFMQQt-wIAAAFRUgAAAAVoAQeZAoEdfeprnerefn0DxW5i8v966jS9ahowVEgcmhwrbmFah2Bc93pxPuYNpnd7rRrCOl5pJBBgGti9UPDOjo_dLZ-GtO72PjGP09N71Bda_sZ09YUaI-JRWyQSRSAmRhghJU-H3Z-Qq42VKsoOmVPPR97qR05WPPZHOEhna4T4zwyu7m4IG28sIP5unHgIuRgvVWJnmcDICH6UO5IQZAmNytyCa_qs487ii0sP5oF22sue2YeVTw6NjC77LhiA4CdXs_SlDqKZRQftPHbmMkDOYO-LQDCnvDjlcSJGXHf3KCs2dvhJnMHKjX2ur4uTDSzHGo_y6t89nmYsVHNEKWTs2xkxFCt_IdK8myXYhE2Y8tN1u9Oz3Y7lAHGMht0uuqlAQMf87R6PpxSuHG3gyl-onl7R7R1-i9jxpGq9rjyzEd0P5iTGjeS3Sv9RN9kH4xvT7RohQoi_Sov-dyR5fNZGj0EN0Y1qxynAuR1agfjn9R62n9ppxB7noyEsjfXeQrM-sPJoYG_JsZczFxrG9s4ozRM9g9DuxzbS3AHhxRBSUaQGy9VXpy-54QULK_2alWR68bd0d1cN63tz9TbQd5JWVSwGO1kf4RlrU8uGPV1Yi6Qw-pyqX_bmWcErUUIufrZoLX0WrxYvlqP5HwSXyvrZfaZlvrvePlnC3wcZFbVSTmDmzgHmpIYN7q4VNOeVZbx2IBZjmwiQ-9wGc0OXsiwkKOyQ1l6RuvehLqNHz4r7aAOZoeudUkaUJbJInHUvKzHcoAPqbk6p-bixqSKWEL3hRVX2o6zcYM95ILnOZgKLfbYpetrGvbLvk-enO4QfZmHpHd5FrvqAYGW9isEkNIbBip1-zg

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 21:23:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 /
events.avantisvideo.com/ 0
34 B 80ms
79ms Ping
text/plain 54.187.209.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.avantisvideo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.209.148 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-187-209-148.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.aereo.jor.br/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 16 Dec 2022 21:23:39 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame EE08 42 B
66 B 44ms
44ms Image
image/gif 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuCTJhgihjRCE6s9k6TvXb9T4LfL8yJC4zix2tFP6_JMGHod2sv0KCfPq080LCUzLSroq6oNScVkO88dRNuhMrYCwa-_0fK5EpNFNJcP5Wp3V7A57eVxZBvDQfa_RFcLuakh62lzuMSp9GJtPWBwIh8jcT-qzvu5w&sai=AMfl-YROc2VB5XWJJTVNMwqYynrwm1PDI7Xq_8OfXCLg_ptAikPmF_Ix4KTryUptvMnrrAqgqeLtpnUi2VXi1hJznKyCKT6La37zu9lzJq7KiH2M-Xc7nHUutGnA9qYYXA&sig=Cg0ArKJSzCFDvLXdEOyxEAE&cid=CAQSOwDq26N9Sovrc-sCNkp1CuBjNjNynhQ36NqSgHwyhGGAn4fJYAtYqJVDjn3gDcZbZlf_C8FWKqTBGsgxGAEgEw&id=lidarv&acvw=sv%3D941%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D1412,436,227,201,232%26mtos%3D1412,1848,2075,2276,2508%26amtos%3D0,0,0,0,0%26mcvt%3D2075%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2747%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D680%26pst%3D472%26dur%3D30046%26vmtime%3D2620%26dtos%3D2075%26dtoss%3D1%26dvs%3D2075%26dfvs%3D1412%26dvpt%3D2732%26is%3D275%26i0%3D18%26ic%3D257%26cs%3D4371%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26femt%3D550%26femvt%3D0%26emc%3D18%26emuc%3D0%26emb%3D8,2,1,1,1%26avms%3Dexc%26qi%3D606857923%26psm%3D-2147483641%26psv%3D6%26psfv%3D4%26psa%3D0%26pnmm%3D1671225813836%26ptlt%3D1671225820206%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,ssmol%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2508&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1671225816701

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 21:23:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: id.navegg.com
URL: https://id.navegg.com/uid/

Domain: cs.chocolateplatform.com
URL: https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEBULivp1YQ1pK31uVHptYK4&google_cver=1&google_push=AavPq0O2wx5nme29ChReThZz4t_LADJb9tZAqqewdpWKtzPE6Flsf_wtzWccZi9jwY0rqojazX5mSf9O0JCyciKOM8Bgo8OdX8YdSDHCAiuAT-zuRT9QZyz62gPe-cZEn3zsLquslGyLjw

Verdicts & Comments Add Verdict or Comment

325 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

91 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.aereo.jor.br/	1970-01-20 08:15:12	Name: _gid Value: GA1.3.2147078114.1671225807
.aereo.jor.br/	1970-01-20 08:13:45	Name: _gat Value: 1
.aereo.jor.br/	1970-01-20 17:49:45	Name: _ga_DQ2L68JE9E Value: GS1.1.1671225807.1.0.1671225807.0.0.0
www.aereo.jor.br/	1970-01-20 08:56:57	Name: _pbjs_userid_consent_data Value: 3524755945110770
.aereo.jor.br/	1970-01-20 17:49:45	Name: _ga Value: GA1.3.1490408997.1671225807
.aereo.jor.br/	1970-01-20 17:35:21	Name: __gpi Value: UID=000008d6f315567c:T=1671225807:RT=1671225807:S=ALNI_Ma1L8LuULoOuMyf2GSA0Cr_TwYPJw
.doubleclick.net/	1970-01-20 17:49:45	Name: IDE Value: AHWqTUmKlJZPrKHRGmiCzZW0ackw8oIqbmJqcZn_U_KvtkEyauEIONf2nZelbU1JSg8
.smartadserver.com/	1970-01-20 16:59:21	Name: pbw Value: %24b%3d16999%3b%24o%3d11100
.smartadserver.com/	1969-12-31 23:59:59	Name: vs Value: 218825=5237123
.smartadserver.com/	1969-12-31 23:59:59	Name: TestIfCookie Value: ok
.smartadserver.com/	1970-01-20 16:59:21	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 08:15:12	Name: sasd Value: %24qc%3D1308948106%3B%24ql%3DHigh%3B%24qpc%3D28700%3B%24qt%3D124_1509_77271t%3B%24dma%3D0
.rubiconproject.com/	1970-01-20 16:59:21	Name: khaos Value: LBR0P2YR-D-527
.serving-sys.com/	1970-01-20 10:23:21	Name: A6 Value: 10WGC8y1yz1007hf000010000
.serving-sys.com/	1970-01-20 10:23:21	Name: u2 Value: 954f7d8f-8ea2-430f-a3e1-babf39e7de134Ke09g
.serving-sys.com/	1970-01-20 10:23:21	Name: eyeblaster Value: RES=32
.smartadserver.com/	1970-01-20 16:59:21	Name: pid Value: 7522669733699650421
.smartadserver.com/	1970-01-20 08:15:12	Name: sasd2 Value: q=%24qc%3D1308948106%3B%24ql%3DHigh%3B%24qpc%3D28700%3B%24qt%3D124_1509_77271t%3B%24dma%3D0&c=1&l=1501522464&lo=384595258&lt=638068226087902080&o=1
.adnxs.com/	1970-01-20 10:23:21	Name: uuid2 Value: 3475190955121042646
.360yield.com/	1970-01-20 10:23:21	Name: tuuid Value: 6d48c573-7b2d-48cf-bbd1-bc2cd8f18e15
.360yield.com/	1970-01-20 10:23:21	Name: tuuid_lu Value: 1671225808
fksnk.com/	1970-01-20 08:23:50	Name: AWSALBCORS Value: DEFAaNC9KylqlE6en9inq6lDlFY9JiGYCYJer9IPSI3/ATFuVZ8stSeZ8X/qlDYjydnjCp/mVjseYr/0w/4eW70Aa7YpThIFzvXVBfM/U83Q+5rHtVb9lxU7upgV
.fksnk.com/	1970-01-20 10:23:21	Name: f_001 Value: 22BE68D0EF5C1D39
.fksnk.com/	1970-01-20 08:15:12	Name: g_001 Value: 1
.adingo.jp/	1970-01-20 08:56:57	Name: ID Value: 7bb91568a18d94aec973528080b004a1
.yieldmo.com/	1970-01-20 16:59:21	Name: yieldmo_id Value: g98a6d100fb4731e687a%7C1671225809714%7C0%7C
.bidswitch.net/	1970-01-20 16:59:21	Name: tuuid Value: dddc5aa2-05f6-4e2c-9ccd-1597b23598eb
.bidswitch.net/	1970-01-20 16:59:21	Name: c Value: 1671225809
.bidswitch.net/	1970-01-20 16:59:21	Name: tuuid_lu Value: 1671225809
.aereo.jor.br/	1970-01-20 17:35:21	Name: __gads Value: ID=20e2d08eb0f3f5e4-22d60ecd1dd9008d:T=1671225807:S=ALNI_Ma09caKp5KYTNiDqslMWETQrA5HxA
.casalemedia.com/	1970-01-20 16:59:21	Name: CMID Value: Y5zh0fn-M.oRtuXdpjrMogAA
.casalemedia.com/	1970-01-20 10:23:21	Name: CMPS Value: 054
.casalemedia.com/	1970-01-20 10:23:21	Name: CMPRO Value: 054
.casalemedia.com/	1970-01-20 10:23:21	Name: CMTS Value: 031
.bidbrain.app/	1970-01-20 17:49:45	Name: uid_cross Value: e306a964-7d87-11ed-94c6-2a114b61dd6f
.bidbrain.app/	1970-01-20 08:13:53	Name: sid_cross Value: e29cf78a-7d87-11ed-9908-0ef11e7ec071
.adkernel.com/	1970-01-20 08:33:55	Name: ADK_EX_11 Value: 1
.adkernel.com/	1970-01-20 08:56:57	Name: ADKUID Value: A1814780133218142838
.adform.net/	1970-01-20 08:58:24	Name: C Value: 1
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNrUwMzY2NrI0tbQwMDO3MDYxNxTiM9RNMvPzD_T2t8wLLC8CAOjYsTclAAAA
.rfihub.com/	1970-01-20 17:35:21	Name: rud Value: H4sIAAAAAAAA_-MSNrUwMzY2NrI0tbQwMDO3MDYxNxTiM9RNMvPzD_T2t8wLLC8CAOjYsTclAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_-OSMXR2dA129Qjxc68qKfN2dS539Swxzqmoygwv9wQAmMLBVB4AAAA
.rfihub.com/	1970-01-20 17:35:21	Name: eud Value: H4sIAAAAAAAA_-OSMXR2dA129Qjxc68qKfN2dS539Swxzqmoygwv9wziNTQzNzQyMrUwNDAxNHrFiMI3BgCWLlk4PQAAAA
.mediago.io/	1970-01-20 16:59:21	Name: __mguid_ Value: bee183775e2605720239fe233da4cc9a
.tribalfusion.com/	1970-01-20 10:23:21	Name: ANON_ID Value: adntmIuyTYFBErv6Y78knw8B32TOOVcZb92tT6CdEsHriY7UEZdOOdQnA2Fj15eYL2aipFxcXr3xMVUSQ7j8NJ4EAS
.adform.net/	1970-01-20 09:40:09	Name: uid Value: 678997802357413024
.uuidksinc.net/	1970-01-20 16:59:21	Name: jcsuuid Value: ZgGLAohAGh0WDuXPKm2p
.3lift.com/	1970-01-20 10:23:21	Name: tluid Value: 3685089595855663780270
.go.sonobi.com/	1970-01-20 08:56:57	Name: __uis Value: cae65fa0-54c5-4454-aafb-beedb35556ac
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8S Value: s85193\|Y5zh1
.teads.tv/	1970-01-20 16:57:55	Name: tt_viewer Value: 4bed8717-3aca-491b-8b5d-f32f71e78c98
.media.net/	1970-01-20 08:33:55	Name: data-g Value: CAESEP6QgPXjCcKH2EBi-_rHuso~~6
.mxptint.net/	1970-01-20 17:49:45	Name: mxpim Value: R1B330_FB011796_63240583.1.639CE1D2
.fg8dgt.com/	1970-01-20 17:49:45	Name: tuuid Value: 3d7002b1-44b9-4004-9551-630e440de136
.fg8dgt.com/	1970-01-20 17:49:45	Name: c Value: 1671225810
.fg8dgt.com/	1970-01-20 17:49:45	Name: tuuid_lu Value: 1671225810
.media.net/	1970-01-20 16:59:21	Name: visitor-id Value: 3142274101454688000V10
.criteo.com/	1970-01-20 17:35:21	Name: uid Value: da542707-e3cd-4473-812d-c2e3e4ff2d8a
.navdmp.com/	1970-01-20 16:59:42	Name: ac3 Value: 1
www.aereo.jor.br/	1970-01-20 16:59:21	Name: _tfpvi Value: MDRhZDg4MTctNWUzNS00OGM4LWI4NWEtZGRjYzg1ZGUzOWVjIzAtNA%3D%3D
.navdmp.com/	1970-01-20 17:49:45	Name: nid Value: 11ec25f3357380b467e83e352510\|1\|376
.aereo.jor.br/	1970-01-20 16:59:21	Name: nvg46575 Value: 11ec25f335ae58849059edb28c10\|0_351
.yahoo.com/	1970-01-20 16:59:43	Name: A3 Value: d=AQABBNThnGMCEHm2kf4x43h925i4OqXZ724FEgEBAQEznmOmYwAAAAAA_eMAAA&S=AQAAAicLpZqhdkkxN5K014tINKA
.mathtag.com/	1970-01-20 17:39:41	Name: uuid Value: 430b639c-e1d5-4800-be48-d95847118ca4
.everesttech.net/	1970-01-20 16:59:21	Name: everest_g_v2 Value: g_surferid~Y5zh1gAD9sOijwAe
.zemanta.com/	1970-01-20 16:59:21	Name: zuid Value: 4-d08chTKs_hZ2eQXElH
.turn.com/	1970-01-20 12:32:57	Name: uid Value: 3287437758360039017
.creative-serving.com/	1970-01-20 17:35:21	Name: tuuid Value: f13f04e3-29c9-4995-aa8f-e5fdf30262a5
.creative-serving.com/	1970-01-20 17:35:21	Name: c Value: 1671225814
.creative-serving.com/	1970-01-20 17:35:21	Name: tuuid_lu Value: 1671225814
.trafficroots.com/	1970-01-20 16:59:21	Name: PARTNER_ID_3379 Value: e5798cbf09
.bluekai.com/	1970-01-20 12:35:50	Name: bku Value: ikG99BqC7sw1wU6I
.bluekai.com/	1970-01-20 12:35:50	Name: bkpa Value: KJyWy1N03M9D9mY7iqFgEhvTqo0mxWT/AeOvvmaLmQC1jDEg9YfL6d4qp1wuq0Mqd52deBtOdIrtIdj36d7gigxdmEcs3b7FCrkyUjq7EBiHDY9DngF8dVMUFdt2KupBrFt8Wy3FrjdZ2b1kaYfM3fXN9bcxBrBTS5GqGD9R5/HaJ3YhTosBku+XqAr+3Ao0CQqwOK41S1ORNj7/EKsWj0aUEAgsecQGDT0uUe7gRNjgDX3xtPiUFo1LYdvWCC3j09m139bA9UuuJoTDBMfVVjs47D08E4EJ+bamvGsNenA+eHjmKJ7P70Qneeh83i3kQN3qWkEOqmSPDsGnvViHLkY+FgF75BMIex90cN2o
.aereo.jor.br/	1970-01-20 17:35:21	Name: cto_bundle Value: hF9qil9ZVTJhOHUwUzBBNUpmaUdPeXpwZ21UJTJCdDllZXRJbDFITCUyQjNaSVh4d3I3NUhESDlwNiUyQmh3a2pvV3FrZDU1dlFLQTdGWnFqVkl5ZnVvQ0JKaEclMkY3QiUyQnQ0bEVER05wVGdUbng5WCUyQkZWaWJpWnQxaTZJelpLbkZKJTJGYVhCVGFsbmhSRSUyRlk0alRvd0FpMk9HTWlvak1SWTJRJTNEJTNE
.aereo.jor.br/	1970-01-20 17:35:21	Name: cto_bidid Value: wCYJUl96SnAzZlBUTzFKemlmTEU4eWMlMkJkcSUyRllYMlFTWTdBNFdOYUtnNm13Nm94RTk5SlZibyUyRkhDVjFnN1VGNXdPR3hpTUd4Ukl2SWJPeUJYUSUyRlZuTmM0RkpwUHJTbFIlMkJxMFdaeSUyRjBlbyUyRlpCUVJzJTNE
.adsrvr.org/	1970-01-20 16:59:21	Name: TDID Value: dd6886ec-11fb-4f5d-8c50-c45b04484e91
.smartadserver.com/	1970-01-20 16:59:21	Name: csync Value: 31:dddc5aa2-05f6-4e2c-9ccd-1597b23598eb\|94:Y5zh1gAD9sOijwAe\|116:4-d08chTKs_hZ2eQXElH
.adsrvr.org/	1970-01-20 16:59:21	Name: TDCPM Value: CAESFgoHcnViaWNvbhILCPrti6S67a87EAUYBSABKAIyCwjs6srQ0O2vOxAFOAE.
.amazon-adsystem.com/	1970-01-20 17:49:45	Name: ad-privacy Value: 0
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 16:59:21	Name: bcookie Value: "v=2&645df3ea-3ee0-4888-810d-73279de6dd86"
.linkedin.com/	1970-01-20 08:15:12	Name: lidc Value: "b=VGST02:s=V:r=V:a=V:p=V:g=2788:u=1:x=1:i=1671225814:t=1671312214:v=2:sig=AQF-2H7L0V3oyZXNy4lGuueh9FRg7Vmw"
.amazon-adsystem.com/	1970-01-20 12:57:26	Name: ad-id Value: A1b03aDFckNVpnITDFT_neQ
.rubiconproject.com/	1970-01-20 16:59:21	Name: audit Value: 1\|mFVHqHkj5bEZWf5fNTAo8u1WuCoMxA8a+JUixCbOKdq47UN8FIGhNDeBNhMqm4Skrum3LISG1OlE++P4oG0Dw38gsBGYXdKFps1MDZGKl0iyqVI1k5poNA==
.adnxs.com/	1970-01-20 10:23:21	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2GUcwZ=53!A#En.CK$wNya!tNhTozUS'Y6
.adnxs.com/	1970-01-20 10:23:21	Name: icu Value: ChgImPtpEAoYAiACKAIw2MPznAY4AkACSAIKGAilq20QChgBIAEoATDQw_OcBjgBQAFIARDYw_OcBhgC
.pubmatic.com/	1970-01-20 08:15:12	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 10:23:21	Name: SyncRTB3 Value: 1672358400%3A220
.pubmatic.com/	1970-01-20 16:59:21	Name: KADUSERCOOKIE Value: 1E1F97CA-29DC-4F7A-AB80-E715173630B3
.pubmatic.com/	1970-01-20 08:15:12	Name: pi Value: 159970:3
.pubmatic.com/	1970-01-20 10:23:21	Name: chkChromeAb67Sec Value: 2

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEBULivp1YQ1pK31uVHptYK4&google_cver=1&google_push=AavPq0O2wx5nme29ChReThZz4t_LADJb9tZAqqewdpWKtzPE6Flsf_wtzWccZi9jwY0rqojazX5mSf9O0JCyciKOM8Bgo8OdX8YdSDHCAiuAT-zuRT9QZyz62gPe-cZEn3zsLquslGyLjw Message: Failed to load resource: net::ERR_CONNECTION_CLOSED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

454400963c9f6d2e724c4824e3ee1526.safeframe.googlesyndication.com
a.rfihub.com
a.teads.tv
a.tribalfusion.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.turn.com
ads.creative-serving.com
ads.yieldmo.com
adservice.google.ca
adservice.google.com
aep.mxptint.net
at.teads.tv
avm.avantisvideo.com
b1sync.zemanta.com
bidder.criteo.com
bs.serving-sys.com
c1.adform.net
cc.adingo.jp
cdn.avantisvideo.com
cdn.navdmp.com
cdn1.avantisvideo.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
contextual.media.net
cs.chocolateplatform.com
cs.media.net
csi.gstatic.com
demand.trafficroots.com
dsp.adkernel.com
eb2.3lift.com
eus.rubiconproject.com
events.avantisvideo.com
events1.avantisvideo.com
fastlane.rubiconproject.com
fksnk.com
fonts.googleapis.com
fonts.gstatic.com
g.bidbrain.app
googleads.g.doubleclick.net
gum.criteo.com
hblg.media.net
hbopenbid.pubmatic.com
ib.adnxs.com
id.navegg.com
im.bluevoox.com
image2.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
lg3.media.net
lm.serving-sys.com
m.fg8dgt.com
match.adsrvr.org
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.mathtag.com
pixel.rubiconproject.com
pixel.wp.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prg.smartadserver.com
pubads.g.doubleclick.net
px.ads.linkedin.com
qsearch-a.akamaihd.net
res-a.akamaihd.net
rr1---sn-apaapm4g-apae.googlevideo.com
rtb-csync.smartadserver.com
s.amazon-adsystem.com
s.tribalfusion.com
s.uuidksinc.net
s0.2mdn.net
script.4dex.io
secure-ds.serving-sys.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
stags.bluekai.com
static.avantisvideo.com
static.criteo.net
stats.g.doubleclick.net
stats.wp.com
sync-tm.everesttech.net
sync.go.sonobi.com
sync.navdmp.com
sync.teads.tv
sync2.navdmp.com
tag.1rx.io
tag.navdmp.com
tags.premiumads.com.br
token.rubiconproject.com
tpc.googlesyndication.com
trace.mediago.io
usr.navdmp.com
warp.media.net
www.aereo.jor.br
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
x.bidswitch.net
cs.chocolateplatform.com
id.navegg.com
100.25.107.144
104.18.33.19
104.36.115.111
142.250.80.66
15.197.193.217
151.101.193.108
151.101.194.49
162.248.18.32
162.248.18.37
162.254.186.187
174.137.133.49
184.24.36.23
185.167.164.37
192.0.76.3
199.127.204.162
199.187.193.166
199.38.167.130
208.109.190.28
23.105.12.145
23.195.100.217
23.204.152.12
23.204.152.28
23.205.72.198
23.205.72.21
23.205.73.36
23.49.251.202
23.64.61.36
23.78.168.242
2600:1f18:4e9:5a01:b333:1a3:d097:8434
2600:9000:21da:a200:3:748e:7940:93a1
2600:9000:21ea:e400:8:9ed9:9c40:93a1
2600:9000:2510:c00:1c:38a0:8a40:93a1
2602:803:c002:200::115
2606:4700:20::ac43:4a15
2606:4700:20::ac43:4bf1
2606:4700::6810:df3
2606:4700::6812:18ad
2607:f8b0:4004:c1b::9c
2607:f8b0:4006:808::2002
2607:f8b0:4006:809::2001
2607:f8b0:4006:80b::2002
2607:f8b0:4006:80b::2006
2607:f8b0:4006:80c::2002
2607:f8b0:4006:817::2008
2607:f8b0:4006:81c::200a
2607:f8b0:4006:81d::2004
2607:f8b0:4006:81d::200a
2607:f8b0:4006:81e::2003
2607:f8b0:4006:81f::2002
2607:f8b0:4006:81f::200e
2607:f8b0:4006:821::200e
2607:f8b0:4006:822::2002
2607:f8b0:4006:822::2003
2607:f8b0:4006:823::2002
2620:100:a001::18
2620:100:a001::4
2620:100:a001::c
2620:112:f002:bbbb::21
2620:1ec:21::14
2a00:ba61:0:126::c
2c0f:fb50:4002:801::2003
3.17.243.71
3.234.62.154
31.220.27.155
34.102.128.115
35.208.249.213
35.211.141.197
35.211.178.172
4.78.226.224
50.16.138.112
51.222.39.185
52.2.51.253
52.223.22.214
52.45.175.185
52.46.130.91
52.5.219.41
52.55.14.74
52.95.125.22
54.187.209.148
54.83.180.210
68.67.181.211
69.166.1.10
70.42.32.31
74.119.119.139
76.13.32.147
8.43.72.97
8.43.72.98
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
0089aa050b89192e6bb4f33c9ca831d4215f30a24cff294ed17a1a187131e267
010cbbf90388f3a838b4a2b9b496e46a5de1b21dc168c1a676a79d926b4bd3ed
029a181e8161887aaed575e2aadd5e7adbeb6d1ce4d6fe5989d598d596993078
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
036fa2716e2e6e7bba67ddfea45b65a215d8dbcb7dbeb78cc2f80a94ab50a8e3
0536d4c1034a63ddd16ebd45c0b4b2ce896f417d4bdb66c3bde4dec4e28f66a2
07466ba054c48c013eefaa18c8d5589e69505fb1721ad00c4012790664168c1c
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
0b264b477c6a57cfc5511a5b84761265a368c43bf6a638a7ec50f71c675abec1
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b9fd32be4c22d101d23780e9ff25ac81caff9c5070ba585e7b32c6ee6b20061
0c4e37b3f00eda556ba3d85b5eefd9d66eb3768336e259e1cdf1c34614574e40
0ce7613bb07f30b4dd77f51b62fcbd70bc15439a24b696ca06a694c2c8544ce6
1008e0fea1bcea71d721ce0187eba5979aee7626901ea11940898b0db51320c0
118bdfdae6dc7673aa448cbcc4941a36841e58ecc4aaafc2195c1ef9228c853b
12898b046a32b07eee86be288ef4076c76f472a03ebc62cc4c94bf3bef845699
12be13ed5ba48960e319fe7ab9d2e38ef543d4df650950bc23bd8f8d1a2d2d74
1383e964dbeb4da6efb6e908176663dbfcd5a387d7d368834f8224233b778bb9
1578fa17ba357eff31bf526d0162f86737564e534d6705b365b4e7bb909c7910
167f94fb6ab80302f929f6f1b7b462ceb93f324d9f303119e98571ff7cf78644
193ea1f9db6f7a5629aa6cd1679b3f1c9a70025867aa950364d8b1a712528919
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
1973bb0e810b8f54792d7ea56c03749f6792541876847b085f58d64fb7adfc07
1c3aa73455371c55c4c3e98dec5c287bf262e9aee13340dd21e874b002087286
1d70aa4785c9f8f0e7a93a80cc6fbe30e356ee2cffffd1befb32ff8df7519921
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
20023479a8d78ad56a23e8e4ec5049245a9c54aa6a8c931a0b0cd53934e3fd3e
204fdfa5888047360509b482d99989f2bdecb29c6a7acc9338115e8b3471b1e9
221e69003af87e6e8f934828ab416477126f3c062500e3bcb636bb9d87bf9b06
2221ee9053663516f1da41456d3abf50d0a7d532ad07fce0e078e1c94f3a721e
24374f583eeb0c88723c3cb830828d5798ce87144c8ce4e32076df4786f72848
25a5de68d390f7c0ee9384f03a6f087c66bc3b6eb37c37f7351735770183017f
26102900a2ff570b5f2fa4eba9d31aa480e73e57f0ae9cc6b85be99f8e685003
264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa
269bd69d6c1d25e848132ecfb48ec214040e49fd45e444760c3e226ca5fd7962
2790ab67e9266c6e92665e66564cee73f9bb419b471734c69bc2bad47d6709aa
27f6c8c22d2d9d2f7483a241cd3197bb47761032845bdd1c28cc0e2713484af3
2a354649f57a81405daccfd6b5785da5f73ba638f2db591992cb7b739dac3135
2cffac9ba9f821da0355f000672c6eeca8bf8e7184d3542a5e084a834a80e598
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2e4386cf56ad2612f0ad0526372b3d1cd96d6ecb3f32836f141aa28207b3907e
2e617add98f5bad8475699d148f9fbd771ab8ba28bca36d485158014e04b65a4
2e7778c6ed3c31a131da378d6e573a1b3b6723037cdeea4c4832da83e60c9399
31046c2c2385cdceee8af86d23b6c8a38a382464172b47716867745e6d3ec144
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
3527c54438a9e28484d66cbaf75a879f79c37306209347323ff1530a7859c758
3569f4e3a809c10ccd5429e65c125aa69fd00b8e5485dbabe2b94aac9c983382
36d02a1617083e372ad7858a8ab3302d4316eb71fda00d5d61cee1ff6de2e647
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
37d41364418010ad7702c336d48c949795b5b94bb1ce3a72b228c90f07c84d87
3819973b5035d844009c634ae90e2ab52e0c6ce40200777f4df1a23653aae4c7
38fdc5df57a7e9a187d2aa33a882480af42ba1e90219fa749be09a79dbc0089f
3a995d921c907141ebd148eea602cbb308b2901cef4aa08339801db130ef1d9a
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
3b7fe4a8da88e474bd71f7994fe9298ef188b95ddb1c426d3acad3b72bd904b6
3b8337955894c8a81a8bb03185aef856823ae714484e28590163424c1adb3742
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3ed2e42d3ce5e24dcb11cddde4126e4f07c3afc590f708ad2cfbf7669002f92e
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
3fe20c4a01cc0d79d0ee8d116a905d4ec754f625a0aeab7ba7aca9369d509c6d
442e06d20ce9c517eff71b6076a8cc8b31bc1e57dae1aa11a40413aaf027d893
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
45fa41f220014c5c47e454d4fdb592eb457b137dbded3c1b79b4e73c77ec0162
4686fbb22784ff8d70f48905a620057a3265e7b0e14065f89bd25d556ccf30c7
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46a2f0f91d752a43e387bf4b937cd21a59ffe329f103f72e8934bca744c073de
485301e24ee204cd089ec16df7e66702b3a3dc906f5ea5ffcc414c303d647e1e
49817b462be7c23cb1305bccade679a839557828887c57b27d1b07946d20c8b2
4a4123724a3c873661ea718024316aa202b4df48d0a4ed015f7f838b1bfa79ef
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4b0a6324ea618918c94e53be89a591b7e2c42325014396b4838390f862e3bfcd
4d0ed9630334a711204c67723b1eb52755c8316466fa7e4e601958e0c12a5da9
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4dcefb224df281d637367ea96e8e84d419be657a2888071837f23b165c7f553a
4e0413d7aec95b74426b0cd2e3f936a2bee8a9ece223922623a45f544a184786
504a13de30619a292153f41443bfdb6006341b96aa176e683ab210eab9e7d42b
5192f76b9960c64450f6a5217b55d80b6abbeec2cc42722ae09b819eed56a641
5256d55a499ecb71f04dd716cfdf75bf9fe5f863620ec6634e3b43b4e6b11fd8
543735805dfecb8b0743bced80f2e2ef6c78acb33c52c1ec61ae7becb4b9876f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56013609f30b56704479b9af89bc2d386227c5bb60c2fbc678d1ae1f0740f156
57beffc1dda046a1fabf647e85a9e70941b0967e6c082436e8c4c2608fe2e669
58a32798cb078251a1b88bb36a6908b475625622de15af6a51982c93b3b303bd
58f254db8c04d96049b320578854fc9395992aea278caf7fd46df8ef4461bc60
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5c02e9dc4b3d2e52fda7687bcba292421868f25888b712b739c5803c8105d097
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5cfe16c5ed5bbd06b7e20fdcb9a1c114144bc582321e9d810d7da65fa291db55
5e14c2a02e336bce8817c6a74c6d94ab7ecf3ae4978d39535f1fa82cbf977183
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6391e24db6deb25675d1d98302001fd6ccdf6baa350bf7fff99ee228f245393c
65f6e869897c7dfea0c3782817102671cd1ef9d7c59466e11976a31bace7dc05
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
696abb1249ad3aac33060bfed46b870e4a645faf9b96a9b81b3af85a4ef42694
6a0d96c353719068401ebbedf7f58e3be1232756327243922b6ab9690a3591bd
6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037
6d52689db7facdf94c53f2dd726acef6fd1d6c41c7f189e53da6c9a6923393f4
6dbeca800af0097ac2e4bced16a7574db4622af62804d58ff2a37967b5efc878
6e3de97b57ab71d48f85f440682b7d87b8a332f5c4c9e01ff50a462f34443531
701c358570d3b4d2127343e9a61332eab7b6e6b1ea5596acb2d36448dd1f43b6
71eedb601e4876ab697e64fcc0ab1527a89a2dcc1082616435066829ac5cc996
726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a
72e1fa934e93ff92e04edc940282b3f3c14bf6d8662e563bb94814bca654ce55
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7b6f547145e1c33cf6e1570efa23a5c4884056037bf0abe87b3a66513eb50b36
7f9694a5641741d04e1c98eb1011059826aa5feb34e47d2b2f95bdb47cb0c2f5
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
850c833c7712f7d0308b014d1d4321563eeaca85e64041384e6ea06cb1ddba0a
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
86fadae3d1855646e5235b1d49f002605344c384b93f6721fcaa70e35eb840f2
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
887880bbd37c109dca66464d026c316a5747e607b6c70cfd8addbf047ef42e95
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a80db3395797aa95370550ee1f11c8994ee7b88150d9edc8753fd9c6854b376
8b2323e051d42d2e5fd48f578f5832c0001600061d61aa297ece01d3df221fad
8c21de3b659aaa30693e28670ce6526645a4af8ce4d49c38f9fe410552d36e4a
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8e4c4278cdf68febac701fd26eebd2589d29c3d7a74a42d034ea0ac458d54bbb
8fe457e08539bb6275fda6ccfe7666b6ab9216800193c897200d4c35770f0507
95b968e13d205a7842b355f9bd82f9f64f6f272ff0810734c49d2bb89d64a336
95c06a3e6c28a512b08155b23f867f4699ce33d79ef8ef7a229ee6a33a6c83f6
969f50c49b96b8b4ae74e77098377aa41192a9517d62e2a5e7c2d8fc9f9d26ae
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d88923d7fdb0b7fd1dfb09e02a574b4d34107c58e961106e4af76fc4666caf9
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9fff3be6850d99a91d7a75095d6f2da3acf82515afe7d12a8ae15471fdce69d0
a047140cc174d554a323b1b787199a21c2c976e9991fa0428ac9a94a641190ed
a04c30aec36a8c655d3248c9f544db203449fb431af7054f2bd0aa1d646d8cfe
a3d328807718a30d851e52a377457c06dbfe2ca7b2d8a77756a2d9fd5099a345
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5955945af0b59db86cbc83ed6ebf1e9480d57f2294fb1c794fbf0f290f64fa9
a61b8c70c730d778a12ecff9f7a17be9b8d25f04253fd0159f02ada438255853
a6c1f8a31c1ffac719a6930db183e077fce4b40877d67aeabef1f2532bc04bb6
a7dd11868035d17b879c8b89f2a08a67c262c96b31106f58d8e963e87b858573
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
acf99e2c094ad6e7fa7aeba6b8713b69004ee8978ff1f442110aec5206e3e43b
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b02572e8fb267dc87dedf85cba3782838fc359a348dab77cff5f6085af7eb750
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b75f4869fe9537d28983083812651f5aca3b17559b92bfa2bb272f55326eb90b
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
ba398ca54abb65db21ce7e91b2abd1f842520725e64edfae9b8bb68d52c538b2
bb0d79a30efdd0bc00e2ac3cd8f7ce7da8f784c96b373c908d3cae8df5a41597
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bcd71666ea63d4a00969b970c9cdba3cd15b06b53bc84e96df351324c6cd6c5e
bdc9fc70217e4281dbe77fa5e6dee0160c9329caf2831b488462b071d6452167
bffdcd6f960fe145868b489aabeccf4643c420b38b9024aeb2d65dca53f46494
c21a4f4dea997c97bf301a6d477a7968fabb123e8e00f99ae6fac7f4767324d6
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c29d6b65af0666c7c3a4c7f56a27467d1cfd0f3c4e27dba1ff264bbf484f5ad9
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c34299966d31c0354eac70bc6fc85bedcfa88a5ec90973ce4f3cdc6c5d103bd8
c6e697d37217f8d51e5a641c0599ce35a8dbd329567077bf11c59863abbe11fc
c70a6d0243acaeee7c69d2cc3d4ce8c9ca419ffe0a8396b184eb4e9f2d6ad50f
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
c9de9b734d16ee94626b3a03422234dc9a8525110b96f0a83fec28045d83895c
ca4cf5c50d8399195c466945c1116daaf260c5d2ec662ffb83e057ef79ba19ad
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
cc8bf05b3c6b6d2eeb81510a102958bb9cb90b1677ee2a06e239b7c073833ae4
cf4566279d7dd9904e495625baf12ce5d33ee5dbc8c749f20a41d27a0ccf2349
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d2137a94d1b4de47a0d8204e9e9c46734fa3f0d888c0353e6a0b968e5f953ab4
d257a75764e746d9a1aafb79d8e47744cb44ee1af115ab2adbd0012c69cf676c
d2ffb1d66e611ed3119f13ab781f94679180993f151242fec73feab42cb9234c
d495b605d874fff6c44230b7a0fcea83f8939d7b8c852a68e1673d9569ef9100
d81161a5fbcdecf6dc53a0882a238711f1551dcfa867ceb8484ac78b4e0968c0
d9d50838fad6c30da0f8d41ad942a5b996cd922bb033242bf1c5ef6bf9c87a7d
df3ba57c1234e50c05735a0dedc033f43d5e638a97d5c51583cac8411d2ea34f
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
e01a6c93f8f6976b93fe098f46b785bd635bebf2a8624ab7a77f9df4f57dc72d
e0e28845d7c0d6d77652560f6eee89d0e3017a1e6561ccc03df94aef08d55acc
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e245ca92c09a55cd4ada741ca10d43a0d095f93adb355d859e3eacc5df4d511c
e2fd5315c3e844c7a542d4f915bb09623cce9c8cff6693b7fb7b39188baa81b7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f
e748d47e0930e87a515df7e2a11e9d797dd670598254900fdbd654593f001a9a
e7b7491d095b39d11a686999b4e2f90db0f1c4c10db81fce4f786310b3f9c964
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ea628a83ef0760a53f88f66bfb12eaedf43705f232d725b1e22b0390d6da12a0
eb4259364a423a0e63a729f92013da62e4d993c71e20f28abfdd634081af77ed
ebad9f838fb810350790dd414b697b5dbaf25bc4865a29e704c7dfcd0ef48756
ebb8d59148126400a7d2ef1f37070835c026fee48a1d90af92e563f4294814bb
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f13fed8325843b6b7d6d051e6916ba4bc8e7ed329a949333004dfc7d8a1b7ef2
f1e589f8c1a01e0b537c8742bff535fda87f144439eeed07935ebbe12ce18aba
f288df72f359001eccd2fe3438ca41cb616bd27ab3a91faad00ff15fa3d3c86c
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f4a496329cb5cb5897f921ebb6fbbc2b232d5952d5b38f714007d80fdd53ebd7
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5ce1b8b6bc9ae8900b96861eb134e6b4db73075cff0e8e3a230327d75cdbe18
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6eea98b9480f20c65db8f9d7c993e5582cd9a806d53904e25901b9c55356779
fc81899694268ca9cba22e6807bd4af54ae3c4070cd07bc565f1dc1bc2e185a8
fd40dad69bdc4ba1b73095dbbaa15703ec6c786070dbc079c46e398d233bf607
fe081a84ca6ae1db3a9694b552c5c07cb94958d6468e9a61b58c85366c3ff5bd
feba198dccb5d35db7262c56e6b2d142b2999313dd98a673ef73d25eedf0743e
ffce487df4744525fd529363bd47e310529698170c91084a5099f760fa957569
ffcfefd0eba4f70f538bc97f39a02a1ea822f84d819480aa42457db83d50ea2d

www.aereo.jor.br Open in urlscan Pro 208.109.190.28 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

370 Requests

89 %HTTPS

38 %IPv6

62 Domains

105 Subdomains

61 IPs

8 Countries

11762 kBTransfer

20202 kBSize

91 Cookies

9 Outgoing links

Page URL History

Redirected requests

370 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.aereo.jor.br Open in urlscan Pro
208.109.190.28 Public Scan

Screenshot
Live screenshot

Full Image

370
Requests

89 %
HTTPS

38 %
IPv6

62
Domains

105
Subdomains

61
IPs

8
Countries

11762 kB
Transfer

20202 kB
Size

91
Cookies

370 HTTP transactions
11 data transactions